SNMP stands for "Simple Network Management Protocol" and can be used to monitor any device that supports snmp, among which there are very few servers, routers, network printers, and firewalls. SNMP can monitor various parameters of these devices, such as server performance, network usage, and disk usage.
Check the package
to check whether the package has been installed, to check the status of the installation package, run the following command;
RPM -qa | grep snmp NET-NET-snmp-utils
installation package
after package installation status check, whether is not installed Software package. Install the software package to install and run the command;
yum install net-snmp net-snmp-utils -y
verify installation
After installing the net-snmp software package, please verify that the software package is installed, to check the installation status of the software package, please run the following Command:
rpm -qa | grep net-snmp*
SNMP-configuration file
#vi /etc/snmp/snmpd.conf
modify the following fields
# sec.name source community
com2sec notConfigUser default public
Modify the community string defined by public for yourself
Modify view device node permissions
Find the following location in the configuration file /etc/snmp/snmpd.conf
####
# Third, create a view for us to let the group have rights to:
# Make at least snmpwalk -v 1 localhost -c public system fast again.
# name incl/excl subtree mask(optional)
view systemview included .1.3.6.1.2.1.1
view systemview included .1.3.6.1.2.1.25.1.1
view: defines which node device information can be viewed.
The default configuration of snmp can only view the device information under the .1.3.6.1.2.1.1 and .1.3.6.1.2.1.25.1.1 nodes,
and the host CPU and memory devices are not under these nodes, so these data cannot be obtained.
Therefore, you can modify this configuration as follows:
####
# Third, create a view for us to let the group have rights to:
# Make at least snmpwalk -v 1 localhost -c public system fast again.
# name incl/excl subtree mask(optional)
view systemview included .1
view systemview included .1.3.6.1.2.1.1
view systemview included .1.3.6.1.2.1.25.1.1
A line is added here:
view systemview included .1
means that you can view all device information under the .1 node.
Enable and start the service
systemctl enable snmpd
systemctl restart snmpd
systemctl status snmpd
The firewall configures the
SNMP protocol to work on UDP port "161", and this port needs to be opened to listen and scan reports from remote servers, and for the latest version of snmp service support, the TCP port runs on "161" again.
Firewall configuration-open UDP port After
installing and checking the default configuration, the next step is to open the firewall port, which is the snmp protocol running on UDP port 161.
firewall-cmd --permanent --add-port=161/udp
firewall configuration-
reload to reload the firewall configuration.
firewall-cmd --reload
firewall configuration-list
After reloading the firewall daemon, list the current rule set.
firewall-cmd --list-alll
snmpwalk – local host query After
configuring the firewall, you can continue to test snmp query data on the local host, and it should be able to retrieve the OID value when it is running. To retrieve information, please run the command;
snmpwalk -v 1 -c public -O e 127.0.0.1
snmpwalk-remote query Query
from the remote client during runtime to retrieve the OID value. To retrieve information, run the command; in this case, we are querying from a Windows computer.
snmpwalk -r:54.165.245.172 -q -c:public