某系统专门监测单位内部服务器的SNMP及WMI参数,期间添加监测设备遇到一些问题及解决思路
Windows操作系统:
一、SNMP参数测试不通
1.检查服务器管理器→功能→是否添加SNMP服务,若没有请安装,安装完毕后打开服务→找到SNMP Services→右键属性→启动类型确认为自动→服务状态确定为已启动→选择安全→配置社区名称(默认public,安全角度不建议使用默认)→配置接收来自下列主机的SNMP数据包(这里写管理地址);
2.检查服务器防火墙→入站规则→新建规则→端口→UDP 161端口→允许连接→完成;
二、WMI参数测试不通
1.服务器管理器→服务→找到WMI Performance Adapter→右键属性→启动类型确认为自动→服务状态确定为已启动;
2.检查服务器防火墙→入站规则→新建规则→预定义中选择Windows Management Instrumentation(WMI)→勾选提示的三个规则→允许连接→完成;
3.检查服务器防火墙→远程桌面(TCP-In)→属性→作用域→确认远程IP地址是否包含管理地址;
配置WMI服务
1.启动Windows Management Instrumentation服务,并设置为自动启动。
2.新建用户
3.对新建的用户添加以下用户组:
Distributed COM Users
Event Log Readers
Performance Monitor Users
4.对新建的用户添加WMI命名空间远程访问权限
注意:如果有防火墙,需要开放TCP 135端口。
CentOS\Linux操作系统:
一、SNMP参数测试不通
检查\etc\snmpd\snmpd.conf配置文件是否正确,如下(借鉴:在RedHat Linux系统中安装和配置snmp服务 - ldxsuanfa - 博客园 )
1.配置SNMP连接字符串 community string
#vi /etc/snmp/snmpd.conf 改动以下字段
# sec.name source community
com2sec notConfigUser default public
改动public为自定义的community string
2.改动查看设备节点权限 在配置文件/etc/snmp/snmpd.conf中找到例如以下位置
####
# Third, create a view for us to let the group have rights to:
# Make at least snmpwalk -v 1 localhost -c public system fast again.
# name incl/excl subtree mask(optional)
view systemview included .1.3.6.1.2.1.1
view systemview included .1.3.6.1.2.1.25.1.1
view:定义了能够查看哪些节点设备的信息。
snmp默认配置仅仅能查看.1.3.6.1.2.1.1和.1.3.6.1.2.1.25.1.1节点下的设备信息,
而主机CPU和内存等设备都不在这些节点下。所以无法获取这些数据。
因此,能够改动这个配置,例如以下:
####
# Third, create a view for us to let the group have rights to:
# Make at least snmpwalk -v 1 localhost -c public system fast again.
# name incl/excl subtree mask(optional)
view systemview included .1
view systemview included .1.3.6.1.2.1.1
view systemview included .1.3.6.1.2.1.25.1.1
在此处加入了一行:
view systemview included .1
表示能够查看.1节点下的全部设备信息。
3.改动Process checks的配置在配置文件/etc/snmp/snmpd.conf中找到例如以下位置
###############################################################################
# Process checks.
#
# The following are examples of how to use the agent to check for
# processes running on the host. The syntax looks something like:
#
# proc NAME [MAX=0] [MIN=0]
#
# NAME: the name of the process to check for. It must match
# exactly (ie, http will not find httpd processes).
# MAX: the maximum number allowed to be running. Defaults to 0.
# MIN: the minimum number to be running. Defaults to 0.
#
# Examples (commented out by default):
#
# Make sure mountd is running
#proc mountd
# Make sure there are no more than 4 ntalkds running, but 0 is ok too.
#proc ntalkd 4
# Make sure at least one sendmail, but less than or equal to 10 are running.
#proc sendmail 10 1
去除
#proc mountd
#proc ntalkd 4
#proc sendmail 10 1
这三行前面的#号,取消注释
4.改动Executables/scripts配置在配置文件/etc/snmp/snmpd.conf中找到例如以下位置
###############################################################################
# Executables/scripts
#
#
# You can also have programs run by the agent that return a single
# line of output and an exit code. Here are two examples.
#
# exec NAME PROGRAM [ARGS ...]
#
# NAME: A generic name.
# PROGRAM: The program to run. Include the path!
# ARGS: optional arguments to be passed to the program
# a simple hello world
#exec echotest /bin/echo hello world
# Run a shell script containing:
将
#exec echotest /bin/echo hello world
前面的#去掉,取消注释
5.改动disk checks配置
在配置文件/etc/snmp/snmpd.conf中找到例如以下位置
###############################################################################
# disk checks
#
# The agent can check the amount of available disk space, and make
# sure it is above a set limit.
# disk PATH [MIN=100000]
#
# PATH: mount path to the disk in question.
# MIN: Disks with space below this value will have the Mib's errorFlag set.
# Default value = 100000.
# Check the / partition and make sure it contains at least 10 megs.
#disk / 10000
将
#disk / 10000
前的#号去掉,取消注释。
6.改动load average checks配置在配置文件/etc/snmp/snmpd.conf中找到例如以下位置
###############################################################################
# load average checks
#
# load [1MAX=12.0] [5MAX=12.0] [15MAX=12.0]
#
# 1MAX: If the 1 minute load average is above this limit at query
# time, the errorFlag will be set.
# 5MAX: Similar, but for 5 min average.
# 15MAX: Similar, but for 15 min average.
# Check for loads:
#load 12 14 14
将
#load 12 14 14
前的#去掉,取消注释。
上述配置完毕后,将snmpd服务设置为自启动
#chkconfig snmpd on
重新启动snmp服务
#service snmpd restart
验证改动配置后的snmp服务
# snmpwalk -v 2c -c public localhost 1.3.6.1.4.1.2021.11.11.0
# snmpwalk -v 2c -c public localhost .1(国产服务器验证命令)
若监控系统还是无法访问服务器的SNMP端口,请检查服务器防火墙状态:
firewall-cmd --state 若为running状态,则防火墙为开启模式。
放行命令如下:
iptables -I INPUT -s 管理IP地址 -p udp --dport 161 -j ACCEPT 防火墙放行管理IP及udp161端口
iptables-save 保存配置