[Plain] viewplaincopyprint? & Lt; spanstyle = & quot; font-size: 14px; & quot; & gt; This article describes how to configure a simple SNMP service in the CentOS environment & lt; /span & gt; software
[Plain]View plaincopyprint?
- This document describes how to configure a simple SNMP service in CentOS.
Software Installation
Switch to the system administrator account
Install snmp
Check that the snmp agent is installed.
Rpm-q net-snmp
If not, install snmp
Yum install net-snmp
Set automatic snmp running upon startup
/Sbin/chkconfig snmpd on configure snmp
Modify configuration file
Back up the original configuration file and edit/etc/snmp/snmpd. conf. The simple configuration is as follows:
[Plain]View plaincopyprint?
- # First, map the community name "public" into a "security name"
- # Sec. name source community
- Com2sec notConfigUser default public
- ####
- # Second, map the security name into a group name:
- # GroupName securityModel securityName
- Group notConfigGroup v1 notConfigUser
- Group notConfigGroup v2c notConfigUser
- ####
- # Third, create a view for us to let the group have rights:
- # Make at least snmpwalk-v 1 localhost-c public system fast again.
- # Name incl/excl subtree mask (optional)
- View systemview embedded DED. 1.3.6.1.2.1.1
- View systemview embedded DED. 1.3.6.1.2.1.25.1.1
- ####
- # Finally, grant the group read-only access to the systemview view.
- # Group context sec. model sec. level prefix read write notif
- Access notConfigGroup "" any noauth exact systemview none
Start snmp
/Etc/init. d/snmpd start
Restart the snmp service if it has been started.
/Etc/init. d/snmpd restart
Test snmp
Check whether the port is enabled
Netstat-ln | grep 161
Install the snmp test tool
Yum install net-snmp-utils
Test snmp data on the local machine (modify monit to the group name configured)
Snmpwalk-v 2c-c public localhost system
Snmpwalk-v3-u username-l auth-a MD5-A password localhost
Create an SNMP (v3) user
Net-snmp-config -- create-snmpv3-user-ro-a MD5 lyceemsnmp lyceem.com
Remote test of snmp data (modify the ip address to the server ip address, and install net-snmp for the snmpwalk command)
Snmpwalk-v 2c-c public ip system
Troubleshooting: if the local test snmp has data and the remote test snmp has no data, the server firewall prohibits external access to port udp 161 of the server:
Modify/etc/sysconfig/iptables (or:/etc/sysconfig/iptables-config) and add the following rules:
-A RH-Firewall-1-INPUT-p udp-m state Cstate NEW-m udp Cdport 161-j ACCEPT
Restart iptables
/Etc/init. d/iptables restart