CentOS配置SNMP

<span style="font-size:14px;">本文介绍如何在CentOS环境下配置一个简单的SNMP服务</span>

软件安装

切换到系统管理员帐户

安装snmp
确认snmp代理已安装
rpm -q net-snmp
如果未安装，安装snmp
yum install net-snmp

设置开机自动运行snmp
/sbin/chkconfig snmpd on配置snmp

修改配置文件

将原来的配置文件备份，编辑/etc/snmp/snmpd.conf，简单配置如下

# First, map the community name "public" into a "security name"

#       sec.name  source          community
com2sec notConfigUser  default       public

####
# Second, map the security name into a group name:

#       groupName      securityModel securityName
group   notConfigGroup v1           notConfigUser
group   notConfigGroup v2c           notConfigUser

####
# Third, create a view for us to let the group have rights to:

# Make at least  snmpwalk -v 1 localhost -c public system fast again.
#       name           incl/excl     subtree         mask(optional)
view    systemview    included   .1.3.6.1.2.1.1
view    systemview    included   .1.3.6.1.2.1.25.1.1

####
# Finally, grant the group read-only access to the systemview view.

#       group          context sec.model sec.level prefix read   write  notif
access  notConfigGroup ""      any       noauth    exact  systemview none none

启动snmp

/etc/init.d/snmpd start
如果已启动则重启snmp服务
/etc/init.d/snmpd restart

测试snmp

查看端口是否打开
netstat -ln | grep 161

安装snmp测试工具
yum install net-snmp-utils

本机测试snmp数据（修改monit为配置的团体名）
snmpwalk -v 2c -c public localhost system

snmpwalk -v3 -u username -l auth -a MD5 -A password localhost

创建SNMP（v3）用户

net-snmp-config --create-snmpv3-user -ro -a MD5 lyceemsnmp lyceem.com

远程测试snmp数据（修改ip为服务器ip，snmpwalk命令需要安装net-snmp）
snmpwalk -v 2c -c public ip system

故常处理

错误排除如果本地测试snmp有数据，远程测试snmp无数据则由于服务器防火墙禁止了外部访问服务器udp 161端口，则：
修改 /etc/sysconfig/iptables （或者：/etc/sysconfig/iptables-config ） ，增加如下规则：
-A RH-Firewall-1-INPUT -p udp -m state Cstate NEW -m udp Cdport 161 -j ACCEPT
重启iptables
/etc/init.d/iptables restart