[隐藏]

1.必备包

通过YUM直接安装:

net-snmp

从HP官网下载:

hp-snmp-agents

hp-health

hpsmh

hp-smh-templates

2.配置本地YUM

符合以下条件需要做此操作,否则请跳过:

  1. RedHat 系统,并且没购买授权
  2. RedHat或CentOS系统,并且无外网环境

挂载系统镜像:

修改yum源:

可以看到yum源中baseurl部分指向的是外网,需要对此文件编辑先按下i,之后将光标移动到下图位置,按Delete键删除多余部分:

现在将其修改成指向本地系统,如下图修改好后,按ESC键,输入wq并回车即可保存:

PS: Redhat 6或者CentOS 6系列不需要输入后面的Server,在下图红框处输入”file:///iso”即可

 

3.安装&配置

保存完毕后输入以下命令安装SNMP协议:

安装过程,看到下图红框代表安装完成:

此时hp-snmp-agents和hp-health需要同时安装,如下:

#rpm -ivh hp-snmp-agents(此处按下TAB即可自动补全包名) hp-health(此处按下TAB即可自动补全包名)

出现以上过程代表安装成功,现在输入以下命令配置SNMP协议:

#hpsnmpconfig

 

如下图,输入”n”,就会出现下面需要填写的地方,下图红字部分可以自行设定,因为输入的时候是和输入密码一样无显的,所以特意标注。

其他部分请按照下图填写:

填写完毕后会出现下图信息:

此时安装hpsmh和hp-smh-templates包:

#rpm -ivh hpsmh(此处按下TAB即可自动补全包名) hp-smh-templates(此处按下TAB即可自动补全包名):

 

重启hpsmh服务:

#service hpsmhd restart

关闭防火墙,或者给防火墙添加2831端口(如果只是让本机访问可以忽略此设置)

#service iptables stop

4.验证结果

重启服务器后,在本机浏览器中输入

https://127.0.0.1:2381/

输入系统root账户密码:

登录进入可以看到下图,可以看到Management Processor、NIC、Recovery等信息,并且在右上角能看到数据源为SNMP就表示安装成功:

5.附录:

5.1.卸载注意事项:

#rpm -ivh hpsmh(此处按下TAB即可自动补全包名) hp-smh-templates(此处按下TAB即可自动补全包名) hp-snmp-agents(此处按下TAB即可自动补全包名) hp-health(此处按下TAB即可自动补全包名)

卸载时需要同时将四个HP包输入在一个 rpm命令中。

如果使用rpm卸载net-snmp报错请使用以下命令:

yum remove net-snmp

5.2./etc/snmp/snmpd.conf范例:

可以检测一下红字部分是否一致来进行故障排除

# Following entries were added by HP Insight Management Agents at

# Wed Dec 19 05:30:32 CST 2012

dlmod cmaX /usr/lib64/libcmaX64.so

rwcommunity private 127.0.0.1

rocommunity public 127.0.0.1

rwcommunity private 127.0.0.1

rocommunity public 127.0.0.1

trapcommunity public

trapsink 127.0.0.1 public

syscontact

# ———————- END ——————–

###############################################################################

#

# snmpd.conf:

# An example configuration file for configuring the ucd-snmp snmpd agent.

#

###############################################################################

#

# This file is intended to only be as a starting point. Many more

# configuration directives exist than are mentioned in this file. For

# full details, see the snmpd.conf(5) manual page.

#

# All lines beginning with a ‘#’ are comments and are intended for you

# to read. All other lines are configuration commands for the agent.

 

###############################################################################

# Access Control

###############################################################################

 

# As shipped, the snmpd demon will only respond to queries on the

# system mib group until this file is replaced or modified for

# security purposes. Examples are shown below about how to increase the

# level of access.

 

# By far, the most common question I get about the agent is “why won’t

# it work?”, when really it should be “how do I configure the agent to

# allow me to access it?”

#

# By default, the agent responds to the “public” community for read

# only access, if run out of the box without any configuration file in

# place. The following examples show you other ways of configuring

# the agent so that you can change the community names, and give

# yourself write access to the mib tree as well.

#

# For more information, read the FAQ as well as the snmpd.conf(5)

# manual page.

 

####

# First, map the community name “public” into a “security name”

 

# sec.name source community

com2sec notConfigUser default public

 

####

# Second, map the security name into a group name:

 

# groupName securityModel securityName

group notConfigGroup v1 notConfigUser

group notConfigGroup v2c notConfigUser

 

####

# Third, create a view for us to let the group have rights to:

 

# Make at least snmpwalk -v 1 localhost -c public system fast again.

# name incl/excl subtree mask(optional)

view systemview included .1.3.6.1.2.1.1

view systemview included .1.3.6.1.2.1.25.1.1

 

####

# Finally, grant the group read-only access to the systemview view.

 

# group context sec.model sec.level prefix read write notif

access notConfigGroup “” any noauth exact systemview none none

 

# —————————————————————————–

 

# Here is a commented out example configuration that allows less

# restrictive access.

 

# YOU SHOULD CHANGE THE “COMMUNITY” TOKEN BELOW TO A NEW KEYWORD ONLY

# KNOWN AT YOUR SITE. YOU *MUST* CHANGE THE NETWORK TOKEN BELOW TO

# SOMETHING REFLECTING YOUR LOCAL NETWORK ADDRESS SPACE.

 

## sec.name source community

#com2sec local localhost COMMUNITY

#com2sec mynetwork NETWORK/24 COMMUNITY

 

## group.name sec.model sec.name

#group MyRWGroup any local

#group MyROGroup any mynetwork

#

#group MyRWGroup any otherv3user

#…

 

## incl/excl subtree mask

#view all included .1 80

 

## -or just the mib2 tree-

 

#view mib2 included .iso.org.dod.internet.mgmt.mib-2 fc

 

 

## context sec.model sec.level prefix read write notif

#access MyROGroup “” any noauth 0 all none none

#access MyRWGroup “” any noauth 0 all all all

 

 

###############################################################################

# Sample configuration to make net-snmpd RFC 1213.

# Unfortunately v1 and v2c don’t allow any user based authentification, so

# opening up the default config is not an option from a security point.

#

# WARNING: If you uncomment the following lines you allow write access to your

# snmpd daemon from any source! To avoid this use different names for your

# community or split out the write access to a different community and

# restrict it to your local network.

# otherwise they are still read only (see FAQ for net-snmp).

#

 

# First, map the community name “public” into a “security name”

# sec.name source community

#com2sec notConfigUser default public

 

# Second, map the security name into a group name:

# groupName securityModel securityName

#group notConfigGroup v1 notConfigUser

#group notConfigGroup v2c notConfigUser

 

# Third, create a view for us to let the group have rights to:

# Open up the whole tree for ro, make the RFC 1213 required ones rw.

# name incl/excl subtree mask(optional)

#view roview included .1

#view rwview included system.sysContact

#view rwview included system.sysName

#view rwview included system.sysLocation

#view rwview included interfaces.ifTable.ifEntry.ifAdminStatus

#view rwview included at.atTable.atEntry.atPhysAddress

#view rwview included at.atTable.atEntry.atNetAddress

#view rwview included ip.ipForwarding

#view rwview included ip.ipDefaultTTL

#view rwview included ip.ipRouteTable.ipRouteEntry.ipRouteDest

#view rwview included ip.ipRouteTable.ipRouteEntry.ipRouteIfIndex

#view rwview included ip.ipRouteTable.ipRouteEntry.ipRouteMetric1

#view rwview included ip.ipRouteTable.ipRouteEntry.ipRouteMetric2

#view rwview included ip.ipRouteTable.ipRouteEntry.ipRouteMetric3

#view rwview included ip.ipRouteTable.ipRouteEntry.ipRouteMetric4

#view rwview included ip.ipRouteTable.ipRouteEntry.ipRouteType

#view rwview included ip.ipRouteTable.ipRouteEntry.ipRouteAge

#view rwview included ip.ipRouteTable.ipRouteEntry.ipRouteMask

#view rwview included ip.ipRouteTable.ipRouteEntry.ipRouteMetric5

#view rwview included ip.ipNetToMediaTable.ipNetToMediaEntry.ipNetToMediaIfIndex

#view rwview included ip.ipNetToMediaTable.ipNetToMediaEntry.ipNetToMediaPhysAddress

#view rwview included ip.ipNetToMediaTable.ipNetToMediaEntry.ipNetToMediaNetAddress

#view rwview included ip.ipNetToMediaTable.ipNetToMediaEntry.ipNetToMediaType

#view rwview included tcp.tcpConnTable.tcpConnEntry.tcpConnState

#view rwview included egp.egpNeighTable.egpNeighEntry.egpNeighEventTrigger

#view rwview included snmp.snmpEnableAuthenTraps

 

# Finally, grant the group read-only access to the systemview view.

# group context sec.model sec.level prefix read write notif

#access notConfigGroup “” any noauth exact roview rwview none

 

 

 

###############################################################################

# System contact information

#

 

# It is also possible to set the sysContact and sysLocation system

# variables through the snmpd.conf file:

 

 

# Example output of snmpwalk:

# % snmpwalk -v 1 localhost -c public system

# system.sysDescr.0 = “SunOS name sun4c”

# system.sysObjectID.0 = OID: enterprises.ucdavis.ucdSnmpAgent.sunos4

# system.sysUpTime.0 = Timeticks: (595637548) 68 days, 22:32:55

# system.sysContact.0 = “Me <[email protected]>”

# system.sysName.0 = “name”

# system.sysLocation.0 = “Right here, right now.”

# system.sysServices.0 = 72

 

 

# —————————————————————————–

 

 

###############################################################################

# Process checks.

#

# The following are examples of how to use the agent to check for

# processes running on the host. The syntax looks something like:

#

# proc NAME [MAX=0] [MIN=0]

#

# NAME: the name of the process to check for. It must match

# exactly (ie, http will not find httpd processes).

# MAX: the maximum number allowed to be running. Defaults to 0.

# MIN: the minimum number to be running. Defaults to 0.

 

#

# Examples (commented out by default):

#

 

# Make sure mountd is running

#proc mountd

 

# Make sure there are no more than 4 ntalkds running, but 0 is ok too.

#proc ntalkd 4

 

# Make sure at least one sendmail, but less than or equal to 10 are running.

#proc sendmail 10 1

 

# A snmpwalk of the process mib tree would look something like this:

#

# % snmpwalk -v 1 localhost -c public .1.3.6.1.4.1.2021.2

# enterprises.ucdavis.procTable.prEntry.prIndex.1 = 1

# enterprises.ucdavis.procTable.prEntry.prIndex.2 = 2

# enterprises.ucdavis.procTable.prEntry.prIndex.3 = 3

# enterprises.ucdavis.procTable.prEntry.prNames.1 = “mountd”

# enterprises.ucdavis.procTable.prEntry.prNames.2 = “ntalkd”

# enterprises.ucdavis.procTable.prEntry.prNames.3 = “sendmail”

# enterprises.ucdavis.procTable.prEntry.prMin.1 = 0

# enterprises.ucdavis.procTable.prEntry.prMin.2 = 0

# enterprises.ucdavis.procTable.prEntry.prMin.3 = 1

# enterprises.ucdavis.procTable.prEntry.prMax.1 = 0

# enterprises.ucdavis.procTable.prEntry.prMax.2 = 4

# enterprises.ucdavis.procTable.prEntry.prMax.3 = 10

# enterprises.ucdavis.procTable.prEntry.prCount.1 = 0

# enterprises.ucdavis.procTable.prEntry.prCount.2 = 0

# enterprises.ucdavis.procTable.prEntry.prCount.3 = 1

# enterprises.ucdavis.procTable.prEntry.prErrorFlag.1 = 1

# enterprises.ucdavis.procTable.prEntry.prErrorFlag.2 = 0

# enterprises.ucdavis.procTable.prEntry.prErrorFlag.3 = 0

# enterprises.ucdavis.procTable.prEntry.prErrMessage.1 = “No mountd process running.”

# enterprises.ucdavis.procTable.prEntry.prErrMessage.2 = “”

# enterprises.ucdavis.procTable.prEntry.prErrMessage.3 = “”

# enterprises.ucdavis.procTable.prEntry.prErrFix.1 = 0

# enterprises.ucdavis.procTable.prEntry.prErrFix.2 = 0

# enterprises.ucdavis.procTable.prEntry.prErrFix.3 = 0

#

# Note that the errorFlag for mountd is set to 1 because one is not

# running (in this case an rpc.mountd is, but thats not good enough),

# and the ErrMessage tells you what’s wrong. The configuration

# imposed in the snmpd.conf file is also shown.

#

# Special Case: When the min and max numbers are both 0, it assumes

# you want a max of infinity and a min of 1.

#

 

 

# —————————————————————————–

 

 

###############################################################################

# Executables/scripts

#

 

#

# You can also have programs run by the agent that return a single

# line of output and an exit code. Here are two examples.

#

# exec NAME PROGRAM [ARGS …]

#

# NAME: A generic name.

# PROGRAM: The program to run. Include the path!

# ARGS: optional arguments to be passed to the program

 

# a simple hello world

 

#exec echotest /bin/echo hello world

 

# Run a shell script containing:

#

# #!/bin/sh

# echo hello world

# echo hi there

# exit 35

#

# Note: this has been specifically commented out to prevent

# accidental security holes due to someone else on your system writing

# a /tmp/shtest before you do. Uncomment to use it.

#

#exec shelltest /bin/sh /tmp/shtest

 

# Then,

# % snmpwalk -v 1 localhost -c public .1.3.6.1.4.1.2021.8

# enterprises.ucdavis.extTable.extEntry.extIndex.1 = 1

# enterprises.ucdavis.extTable.extEntry.extIndex.2 = 2

# enterprises.ucdavis.extTable.extEntry.extNames.1 = “echotest”

# enterprises.ucdavis.extTable.extEntry.extNames.2 = “shelltest”

# enterprises.ucdavis.extTable.extEntry.extCommand.1 = “/bin/echo hello world”

# enterprises.ucdavis.extTable.extEntry.extCommand.2 = “/bin/sh /tmp/shtest”

# enterprises.ucdavis.extTable.extEntry.extResult.1 = 0

# enterprises.ucdavis.extTable.extEntry.extResult.2 = 35

# enterprises.ucdavis.extTable.extEntry.extOutput.1 = “hello world.”

# enterprises.ucdavis.extTable.extEntry.extOutput.2 = “hello world.”

# enterprises.ucdavis.extTable.extEntry.extErrFix.1 = 0

# enterprises.ucdavis.extTable.extEntry.extErrFix.2 = 0

 

# Note that the second line of the /tmp/shtest shell script is cut

# off. Also note that the exit status of 35 was returned.

 

# —————————————————————————–

 

 

###############################################################################

# disk checks

#

 

# The agent can check the amount of available disk space, and make

# sure it is above a set limit.

 

# disk PATH [MIN=100000]

#

# PATH: mount path to the disk in question.

# MIN: Disks with space below this value will have the Mib’s errorFlag set.

# Default value = 100000.

 

# Check the / partition and make sure it contains at least 10 megs.

 

#disk / 10000

 

# % snmpwalk -v 1 localhost -c public .1.3.6.1.4.1.2021.9

# enterprises.ucdavis.diskTable.dskEntry.diskIndex.1 = 0

# enterprises.ucdavis.diskTable.dskEntry.diskPath.1 = “/” Hex: 2F

# enterprises.ucdavis.diskTable.dskEntry.diskDevice.1 = “/dev/dsk/c201d6s0”

# enterprises.ucdavis.diskTable.dskEntry.diskMinimum.1 = 10000

# enterprises.ucdavis.diskTable.dskEntry.diskTotal.1 = 837130

# enterprises.ucdavis.diskTable.dskEntry.diskAvail.1 = 316325

# enterprises.ucdavis.diskTable.dskEntry.diskUsed.1 = 437092

# enterprises.ucdavis.diskTable.dskEntry.diskPercent.1 = 58

# enterprises.ucdavis.diskTable.dskEntry.diskErrorFlag.1 = 0

# enterprises.ucdavis.diskTable.dskEntry.diskErrorMsg.1 = “”

 

# —————————————————————————–

 

 

###############################################################################

# load average checks

#

 

# load [1MAX=12.0] [5MAX=12.0] [15MAX=12.0]

#

# 1MAX: If the 1 minute load average is above this limit at query

# time, the errorFlag will be set.

# 5MAX: Similar, but for 5 min average.

# 15MAX: Similar, but for 15 min average.

 

# Check for loads:

#load 12 14 14

 

# % snmpwalk -v 1 localhost -c public .1.3.6.1.4.1.2021.10

# enterprises.ucdavis.loadTable.laEntry.loadaveIndex.1 = 1

# enterprises.ucdavis.loadTable.laEntry.loadaveIndex.2 = 2

# enterprises.ucdavis.loadTable.laEntry.loadaveIndex.3 = 3

# enterprises.ucdavis.loadTable.laEntry.loadaveNames.1 = “Load-1”

# enterprises.ucdavis.loadTable.laEntry.loadaveNames.2 = “Load-5”

# enterprises.ucdavis.loadTable.laEntry.loadaveNames.3 = “Load-15”

# enterprises.ucdavis.loadTable.laEntry.loadaveLoad.1 = “0.49” Hex: 30 2E 34 39

# enterprises.ucdavis.loadTable.laEntry.loadaveLoad.2 = “0.31” Hex: 30 2E 33 31

# enterprises.ucdavis.loadTable.laEntry.loadaveLoad.3 = “0.26” Hex: 30 2E 32 36

# enterprises.ucdavis.loadTable.laEntry.loadaveConfig.1 = “12.00”

# enterprises.ucdavis.loadTable.laEntry.loadaveConfig.2 = “14.00”

# enterprises.ucdavis.loadTable.laEntry.loadaveConfig.3 = “14.00”

# enterprises.ucdavis.loadTable.laEntry.loadaveErrorFlag.1 = 0

# enterprises.ucdavis.loadTable.laEntry.loadaveErrorFlag.2 = 0

# enterprises.ucdavis.loadTable.laEntry.loadaveErrorFlag.3 = 0

# enterprises.ucdavis.loadTable.laEntry.loadaveErrMessage.1 = “”

# enterprises.ucdavis.loadTable.laEntry.loadaveErrMessage.2 = “”

# enterprises.ucdavis.loadTable.laEntry.loadaveErrMessage.3 = “”

 

# —————————————————————————–

 

 

###############################################################################

# Extensible sections.

#

 

# This alleviates the multiple line output problem found in the

# previous executable mib by placing each mib in its own mib table:

 

# Run a shell script containing:

#

# #!/bin/sh

# echo hello world

# echo hi there

# exit 35

#

# Note: this has been specifically commented out to prevent

# accidental security holes due to someone else on your system writing

# a /tmp/shtest before you do. Uncomment to use it.

#

# exec .1.3.6.1.4.1.2021.50 shelltest /bin/sh /tmp/shtest

 

# % snmpwalk -v 1 localhost -c public .1.3.6.1.4.1.2021.50

# enterprises.ucdavis.50.1.1 = 1

# enterprises.ucdavis.50.2.1 = “shelltest”

# enterprises.ucdavis.50.3.1 = “/bin/sh /tmp/shtest”

# enterprises.ucdavis.50.100.1 = 35

# enterprises.ucdavis.50.101.1 = “hello world.”

# enterprises.ucdavis.50.101.2 = “hi there.”

# enterprises.ucdavis.50.102.1 = 0

 

# Now the Output has grown to two lines, and we can see the ‘hi

# there.’ output as the second line from our shell script.

#

# Note that you must alter the mib.txt file to be correct if you want

# the .50.* outputs above to change to reasonable text descriptions.

 

# Other ideas:

#

# exec .1.3.6.1.4.1.2021.51 ps /bin/ps

# exec .1.3.6.1.4.1.2021.52 top /usr/local/bin/top

# exec .1.3.6.1.4.1.2021.53 mailq /usr/bin/mailq

 

# —————————————————————————–

 

 

###############################################################################

# Pass through control.

#

 

# Usage:

# pass MIBOID EXEC-COMMAND

#

# This will pass total control of the mib underneath the MIBOID

# portion of the mib to the EXEC-COMMAND.

#

# Note: You’ll have to change the path of the passtest script to your

# source directory or install it in the given location.

#

# Example: (see the script for details)

# (commented out here since it requires that you place the

# script in the right location. (its not installed by default))

 

# pass .1.3.6.1.4.1.2021.255 /bin/sh /usr/local/local/passtest

 

# % snmpwalk -v 1 localhost -c public .1.3.6.1.4.1.2021.255

# enterprises.ucdavis.255.1 = “life the universe and everything”

# enterprises.ucdavis.255.2.1 = 42

# enterprises.ucdavis.255.2.2 = OID: 42.42.42

# enterprises.ucdavis.255.3 = Timeticks: (363136200) 42 days, 0:42:42

# enterprises.ucdavis.255.4 = IpAddress: 127.0.0.1

# enterprises.ucdavis.255.5 = 42

# enterprises.ucdavis.255.6 = Gauge: 42

#

# % snmpget -v 1 localhost public .1.3.6.1.4.1.2021.255.5

# enterprises.ucdavis.255.5 = 42

#

# % snmpset -v 1 localhost public .1.3.6.1.4.1.2021.255.1 s “New string”

# enterprises.ucdavis.255.1 = “New string”

#

 

# For specific usage information, see the man/snmpd.conf.5 manual page

# as well as the local/passtest script used in the above example.

 

# Added for support of bcm5820 cards.

pass .1.3.6.1.4.1.4413.4.1 /usr/bin/ucd5820stat

 

###############################################################################

# Further Information

#

# See the snmpd.conf manual page, and the output of “snmpd -H”.

发表评论