RH442-1 利用snmp和mrtg监控linux服务器的网络流量

简介:

 利用snmpmrtg监控linux服务器的网络流量

一、环境

snmpdmrtg服务器:station2.example.com 192.168.32.32

      被监控客户端:station3.example.com192.168.32.33

二、snmp服务器端安装和配置(station2)

1.      snmp安装

[root@station2 ~]# yum install net-snmp.i386

[root@station2 ~]#yuminstall net-snmp-devel.i386

[root@station2 ~]#yum install net-snmp-utils.i386

 

2.      snmp配置

[root@station2 ~]# snmptranslate -On SNMPv2-MIB::system

.1.3.6.1.2.1.1                  #查看systemmiboid

 

[root@station2 ~]#cp /etc/snmp/snmpd /etc/snmp/snmpd.orig  

#备份snmpd文件,默认情况下在运行snmpconf命令进行配置snmp是会覆盖此文件

[root@station2 ~]# snmpconf    

The following installed configuration files were found:

   1:  ./snmpd.conf

   2:  /etc/snmp/snmpd.conf

Would you like me to read them in?  Their content will be merged with the

output files created by this session.

Valid answer examples: "all", "none","3","1,2,5"

Read in which (default = all): 2      

 #读取/etc/snmp/snmpd.conf文件内容,并将其内容加入到新配置文件中

 

I can create the following types of configuration files for you.

Select the file type you wish to create:

(you can create more than one as you run this program)

   1:  snmpd.conf

   2:  snmptrapd.conf

   3:  snmp.conf

Other options: quit

Select File: 1    

#选择配置文件名,默认路径在当前目录下

The configuration information which can be put into snmpd.conf is divided

into sections.  Select a configuration section for snmpd.conf

that you wish to create:

   1:  Trap Destinations

   2:  System Information Setup

   3:  Monitor Various Aspects of the Running Host

   4:  Extending the Agent

   5:  Access Control Setup

   6:  Agent Operating Mode

Other options: finished

Select section: 5     

#选择配置类型,5是访问配置,要通过snmp监控系统信息,得先配置访问控制

 

Section: Access Control Setup

Description:

  This section defines who is allowed to talk to your running

  snmp agent.

Select from:

   1:  a SNMPv3 read-write user

   2:  a SNMPv3 read-only user

   3:  a SNMPv1/SNMPv2c read-only access community name

   4:  a SNMPv1/SNMPv2c read-write access community name

Other options: finished, list

Select section: 3

#范围权限,选择3通过community(访问密码)进行只读访问

 

Configuring: rocommunity

Description:

  a SNMPv1/SNMPv2c read-only access community name

    arguments:  community [default|hostname|network/bits] [oid]

The community name to add read-only access for: example  

#examplecommunity即访问密码

The hostname or network address to accept this community name from [RETURN for all]: 0.0.0.0/0                  #可访问得网段

The OID that this community should be restricted to [RETURN for no-restriction]:  #snmp监控类型,回车则表示监控所有信息。

Finished Output: rocommunity  example 0.0.0.0/0

Section: Access Control Setup

Description:

  This section defines who is allowed to talk to your running

  snmp agent.

Select from:

   1:  a SNMPv3 read-write user

   2:  a SNMPv3 read-only user

   3:  a SNMPv1/SNMPv2c read-only access community name

   4:  a SNMPv1/SNMPv2c read-write access community name

Other options: finished, list

Select section: finished                   #保存配置         

The configuration information which can be put into snmpd.conf is divided

into sections.  Select a configuration section for snmpd.conf

that you wish to create:

   1:  Trap Destinations

   2:  System Information Setup

   3:  Monitor Various Aspects of the Running Host

   4:  Extending the Agent

   5:  Access Control Setup

   6:  Agent Operating Mode

Other options: finished

Select section: finished

I can create the following types of configuration files for you.

Select the file type you wish to create:

(you can create more than one as you run this program)

   1:  snmpd.conf

   2:  snmptrapd.conf

   3:  snmp.conf

 

Other options: quit

Select File: quit

Error: An snmpd.conf file already exists in this directory.

'overwrite', 'skip', 'rename' or 'append'? : overwrite   #覆盖原配置文件

The following files were created:

  snmpd.conf 

These files should be moved to /usr/share/snmp if you

want them used by everyone on the system.  In the future, if you add

the -i option to the command line I'll copy them there automatically for you.

Or, if you want them for your personal use only, copy them to

/root/.snmp .  In the future, if you add the -p option to the

command line I'll copy them there automatically for you.

 

[root@station2 ~]# cp snmpd.conf /etc/snmp/snmpd.conf

cp:是否覆盖“/etc/snmp/snmpd.conf? y   #将新配置文件覆盖原配置文件

 

[root@station2 ~]# cat /etc/snmp/snmpd.conf |grep example

#   example: pass .1.3.6.1.4.1.2021.255 /path/to/local/passtest

rocommunity  example 0.0.0.0/0

 

3.      启动snmpd服务

[root@station2 ~]# service snmpd start

启动 snmpd                                               [确定]

 

[root@station2 ~]# chkconfig snmpd on

 

[root@station2 /]# snmpwalk -v1 -c example station2.example.com

#根据communityexample查看stationa2.example的信息

SNMPv2-MIB::sysDescr.0 = STRING: Linux station2.example.com 2.6.18-194.el5 #1 SMP Tue Mar 16 21:52:43 EDT 2010 i686

SNMPv2-MIB::sysObjectID.0 = OID: NET-SNMP-MIB::netSnmpAgentOIDs.10

DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (7433) 0:01:14.33

SNMPv2-MIB::sysContact.0 = STRING: Root <root@localhost> (configure /etc/snmp/snmp.local.conf)

SNMPv2-MIB::sysName.0 = STRING: station2.example.com

SNMPv2-MIB::sysLocation.0 = STRING: Unknown (edit /etc/snmp/snmpd.conf)

SNMPv2-MIB::sysORLastChange.0 = Timeticks: (1) 0:00:00.01

SNMPv2-MIB::sysORID.1 = OID: SNMPv2-MIB::snmpMIB

SNMPv2-MIB::sysORID.2 = OID: TCP-MIB::tcpMIB

SNMPv2-MIB::sysORID.3 = OID: IP-MIB::ip

SNMPv2-MIB::sysORID.4 = OID: UDP-MIB::udpMIB

SNMPv2-MIB::sysORID.5 = OID: SNMP-VIEW-BASED-ACM-MIB::vacmBasicGroup

SNMPv2-MIB::sysORID.6 = OID: SNMP-FRAMEWORK-MIB::snmpFrameworkMIBCompliance

SNMPv2-MIB::sysORID.7 = OID: SNMP-MPD-MIB::snmpMPDCompliance

SNMPv2-MIB::sysORID.8 = OID: SNMP-USER-BASED-SM-MIB::usmMIBCompliance

SNMPv2-MIB::sysORDescr.1 = STRING: The MIB module for SNMPv2 entities

SNMPv2-MIB::sysORDescr.2 = STRING: The MIB module for managing TCP implementations

SNMPv2-MIB::sysORDescr.3 = STRING: The MIB module for managing IP and ICMP implementations

。。。。。。

End of MIB

 

三、snmpd客户端口配置(station3)

1.      安装

[root@station2 ~]# yum install net-snmp.i386

2.      stationa2的配置文件复制并覆盖station3的原配置文件

 [root@station3 ~]# scp 192.168.32.32:/etc/snmp/snmpd.conf /etc/snmp/snmpd.conf

root@192.168.32.32's password:

snmpd.conf                                 100% 2771     2.7KB/s   00:00   

 

3.      启动snmpd代理服务

[root@station3 snmp]# service snmpd start

启动 snmpd                                               [确定]

[root@station3 snmp]# chkconfig snmpd on

 

四、服务器端mrtg的安装和配置(station2)

1.      mrtg安装

[root@station2 ~]# yum install mrtg

#注在此默认httpd已经安装并配置,安装mrtg后会默认生成一个httpd配置文件/etc/httpd/conf.d/mrtg

 

2.      配置mrtg

[root@station2 /]# cfgmaker --ifref=name --global "workdir:/var/www/mrtg" example@station2.example.com example@station3.example.com >/etc/mrtg/mrtg.cfg

#根据snmpdcommunity定义mrtg的报表配置文件

 

[root@station2 /]# cat /etc/cron.d/mrtg   

*/5 * * * * root LANG=C LC_ALL=C /usr/bin/mrtg /etc/mrtg/mrtg.cfg --lock-file /var/lock/mrtg/mrtg_l --confcache-file /var/lib/mrtg/mrtg.ok

#该文件是安装mrtg时默认生成,表示每5分钟做一次数据读取

 

[root@station2 /]# LANG=C LC_ALL=C /usr/bin/mrtg /etc/mrtg/mrtg.cfg --lock-file /var/lock/mrtg/mrtg_l --confcache-file /var/lib/mrtg/mrtg.ok

#根据/etc/cron.d/mrtg中内容读取数据生成报表,要执行3次此命令才会不提示错误并成功。

 

[root@station2 /]# indexmaker /etc/mrtg/mrtg.cfg>/var/www/mrtg/index.html

#根据mrtg配置文件生成mrtg的默认首页

 

3.     配置httpd并测试

[root@station2 conf.d]# vi /etc/httpd/conf.d/mrtg.conf

Alias /mrtg /var/www/mrtg

<Location /mrtg>

    Order deny,allow

    Deny from all

    Allow from 0.0.0.0/0.0.0.0     #配置/var/www/mrtg的访问权限

</Location>

[root@station2 conf.d]#servie httpd restart

通过IE访问http://192.168.32.32/mrtg


 

 

 

 

本文转自netsword 51CTO博客,原文链接:http://blog.51cto.com/netsword/557957


相关文章
|
3天前
|
安全 Linux 网络安全
Web安全-Linux网络协议
Web安全-Linux网络协议
16 4
|
14天前
|
Linux
Linux 服务器下载百度网盘文件
本教程指导如何使用 `bypy` 库从百度网盘下载文件。首先通过 `pip install bypy` 安装库,接着运行 `bypy info` 获取登录链接并完成授权,最后将文件置于指定目录并通过 `bypy downdir /Ziya-13b-v1` 命令下载至本地。
20 1
Linux 服务器下载百度网盘文件
|
3天前
|
机器学习/深度学习 安全 网络协议
Web安全-Linux网络命令
Web安全-Linux网络命令
8 1
|
6天前
|
存储 安全 Linux
离线Linux服务器环境搭建
【9月更文挑战第3天】在离线环境下搭建Linux服务器需按以下步骤进行:首先确定服务器用途及需求,准备安装介质与所需软件包;接着安装Linux系统并配置网络;然后设置系统基础参数,如主机名与时区;安装必要软件并配置服务;最后进行安全设置,包括关闭非必要服务、配置防火墙、强化用户认证及定期备份数据。整个过程需确保软件包的完整性和兼容性。
|
8天前
|
存储 监控 Linux
监控Linux服务器
详细介绍了如何监控Linux服务器,包括监控CPU、内存、磁盘存储和带宽的使用情况,以及使用各种系统监控工具如vmstat、iostat、sar、top和dstat来分析系统性能,并推荐了一些开源监控系统。
20 0
监控Linux服务器
|
11天前
|
监控 安全 网络安全
深入理解SNMP:网络管理的关键协议
【8月更文挑战第31天】
36 1
|
14天前
|
Shell Linux Perl
linux服务器自动生成本地快照
【8月更文挑战第28天】本文介绍了在Linux服务器上通过两种常见方式创建本地快照的方法:Btrfs文件系统与LVM。Btrfs原生支持快照功能,操作简单快捷;LVM则提供了灵活的逻辑卷管理,可在不影响原始数据的情况下创建快照。文章详细列出了创建、查看、挂载及清理快照的具体步骤,并提供了一个自动化的Shell脚本示例,便于用户根据需求定期创建快照并清理过期快照。
18 3
|
6天前
|
域名解析 负载均衡 网络协议
Linux网络接口配置不当所带来的影响
总而言之,Linux网络接口的恰当配置是保证网络稳定性、性能和安全性的基础。通过遵循最佳实践和定期维护,可以最大程度地减少配置错误带来的负面影响。
25 0
|
9天前
|
监控 安全 网络协议
快速配置Linux云服务器
快速配置Linux云服务器
|
11天前
|
存储 运维 监控