안녕하세요. 기존에 10.04 버전에서 apt-get install snmpd 로 설치를 하게되면 /etc/snmp/snmpd.conf 파일 중에
sec.name source community
com2sec paranoid default public
#com2sec readonly default public
이런 내용이 있어서 저 부분 수정해서 설정하고 했는데요.
오래동안 사용안하다가 snmpd를 새로 서버에 설치하게되었는데요.
snmpd 파일 안에 내용이 싹 새로 바뀌어 버렸네요.
완전 처음 보는 파일 내용이라서 혹시 바뀐 내용에 따라서 설정 방법도 바뀌었나요 ?
아무리 구글 찾아봐도 이전 설정파일 수정하는 내용밖에 나오질 않네요.
처음보는 snmpd 파일 내용 첨부합니다.
###############################################################################
EXAMPLE.conf:
An example configuration file for configuring the Net-SNMP agent (‘snmpd’)
See the ‘snmpd.conf(5)’ man page for details
Some entries are deliberately commented out, and will need to be explicitly activated
###############################################################################
AGENT BEHAVIOUR
Listen for connections from the local system only
#agentAddress udp:127.0.0.1:161
Listen for connections on all interfaces (both IPv4 and IPv6)
agentAddress udp:161,udp6:[::1]:161
###############################################################################
SNMPv3 AUTHENTICATION
Note that these particular settings don’t actually belong here.
They should be copied to the file /var/lib/snmp/snmpd.conf
and the passwords changed, before being uncommented in that file only.
Then restart the agent
createUser authOnlyUser MD5 "remember to change this password"
createUser authPrivUser SHA "remember to change this one too" DES
createUser internalUser MD5 "this is only ever used internally, but still change the password"
If you also change the usernames (which might be sensible),
then remember to update the other occurances in this example config file to match.
###############################################################################
ACCESS CONTROL
# system + hrSystem groups only
view systemonly included .1.3.6.1.2.1.1
view systemonly included .1.3.6.1.2.1.25.1
# Full access from the local host
#rocommunity public localhost
# Default access to basic system info
rocommunity public default -V systemonly
# Full access from an example network
# Adjust this network address to match your local
# settings, change the community string,
# and check the 'agentAddress' setting above
#rocommunity secret 10.0.0.0/16
# Full read-only access for SNMPv3
rouser authOnlyUser
# Full write access for encrypted requests
# Remember to activate the ‘createUser’ lines above
#rwuser authPrivUser priv
It’s no longer typically necessary to use the full ‘com2sec/group/access’ configuration
r[ou]user and r[ow]community, together with suitable views, should cover most requirements
###############################################################################
SYSTEM INFORMATION
Note that setting these values here, results in the corresponding MIB objects being ‘read-only’
See snmpd.conf(5) for more details
sysLocation Sitting on the Dock of the Bay
sysContact Me <me@example.org>
# Application + End-to-End layers
sysServices 72
Process Monitoring
# At least one 'mountd' process
proc mountd
# No more than 4 ‘ntalkd’ processes - 0 is OK
proc ntalkd 4
# At least one ‘sendmail’ process, but no more than 10
proc sendmail 10 1
Walk the UCD-SNMP-MIB::prTable to see the resulting output
Note that this table will be empty if there are no "proc" entries in the snmpd.conf file
Disk Monitoring
# 10MBs required on root disk, 5% free on /var, 10% free on all other disks
disk / 10000
disk /var 5%
includeAllDisks 10%
Walk the UCD-SNMP-MIB::dskTable to see the resulting output
Note that this table will be empty if there are no "disk" entries in the snmpd.conf file
System Load
# Unacceptable 1-, 5-, and 15-minute load averages
load 12 10 5
Walk the UCD-SNMP-MIB::laTable to see the resulting output
Note that this table will be populated, even without a "load" entry in the snmpd.conf file
###############################################################################
ACTIVE MONITORING
# send SNMPv1 traps
trapsink localhost public
# send SNMPv2c traps
#trap2sink localhost public
# send SNMPv2c INFORMs
#informsink localhost public
Note that you typically only want one of these three lines
Uncommenting two (or all three) will result in multiple copies of each notification.
Event MIB - automatically generate alerts
# Remember to activate the 'createUser' lines above
iquerySecName internalUser
rouser internalUser
# generate traps on UCD error conditions
defaultMonitors yes
# generate traps on linkUp/Down
linkUpDownNotifications yes
###############################################################################
EXTENDING THE AGENT
Arbitrary extension commands
extend test1 /bin/echo Hello, world!
extend-sh test2 echo Hello, world! ; echo Hi there ; exit 35
#extend-sh test3 /bin/sh /tmp/shtest
Note that this last entry requires the script ‘/tmp/shtest’ to be created first,
containing the same three shell commands, before the line is uncommented
Walk the NET-SNMP-EXTEND-MIB tables (nsExtendConfigTable, nsExtendOutput1Table
and nsExtendOutput2Table) to see the resulting output
Note that the "extend" directive supercedes the previous "exec" and "sh" directives
However, walking the UCD-SNMP-MIB::extTable should still returns the same output,
as well as the fuller results in the above tables.
"Pass-through" MIB extension command
#pass .1.3.6.1.4.1.8072.2.255 /bin/sh PREFIX/local/passtest
#pass .1.3.6.1.4.1.8072.2.255 /usr/bin/perl PREFIX/local/passtest.pl
Note that this requires one of the two ‘passtest’ scripts to be installed first,
before the appropriate line is uncommented.
These scripts can be found in the ‘local’ directory of the source distribution,
and are not installed automatically.
Walk the NET-SNMP-PASS-MIB::netSnmpPassExamples subtree to see the resulting output
AgentX Sub-agents
# Run as an AgentX master agent
master agentx
# Listen for network connections (from localhost)
# rather than the default named socket /var/agentx/master
#agentXSocket tcp:localhost:705