python自动化管理和zabbix监控网络设备（zabbix部署监控网络设备以及验证部分）

白帽小丑

于 2024-03-04 19:28:08 发布

阅读量644

点赞数 8

分类专栏： hw 数通路由&交换服务器运维文章标签： python 自动化 zabbix 运维服务器 linux

本文链接：https://blog.csdn.net/bmxch/article/details/136460109

版权

服务器运维同时被 2 个专栏收录

66 篇文章 3 订阅

订阅专栏

hw 数通路由&交换

5 篇文章 1 订阅

订阅专栏

前言

详细配置视频解析访问：白帽小丑的个人空间-白帽小丑个人主页-哔哩哔哩视频

一、Zabbix搭建

sed -i 's/SELINUX=enforcing/SELINUX=disable/' /etc/selinux/config  
systemctl disable --now firewalld    


timedatectl
timedatectl set-timezone Asia/Shanghai

rpm -Uvh https://repo.zabbix.com/zabbix/5.0/rhel/7/x86_64/zabbix-release-5.0-1.el7.noarch.rpm 
ls /etc/yum.repos.d/     
cat /etc/yum.repos.d/zabbix.repo  

yum clean all  
yum makecache 

yum install zabbix-server-mysql zabbix-agent -y


yum install centos-release-scl



yum list rh-php7\*

vim /etc/yum.repos.d/zabbix.repo    //进入配置文件
#使用键盘将光标定位到 [zabbix-frontend] 下 enable=_?_ 位置。
#点击键盘 i 进行编辑，将数值改为 enable=1 。
#按键盘 esc 退出编辑。
#输入 :wq 保存并退出配置文件。


yum install zabbix-web-mysql-scl zabbix-apache-conf-scl -y

ls /opt/rh/

yum install mariadb-server -y  
systemctl status mariadb  

systemctl enable --now mariadb 

mysql_secure_installation

mysql -uroot -p  

create database zabbix character set utf8 collate utf8_bin;     
create user zabbix@localhost identified by 'zabbix@123';      
grant all privileges on zabbix.* to zabbix@localhost;    
flush privileges ;    

zcat /usr/share/doc/zabbix-server-mysql*/create.sql.gz | mysql -uzabbix -p zabbix 

vi /etc/zabbix/zabbix_server.conf  //进入zabbix-server配置文件
#输入 /DBPa 定位到 DBPpassword= 的位置。
#按 i 进行编辑，修改数据库的密码，并将行前的#符号删除。
# esc  然后 :wq 保存并退出。


vim /etc/opt/rh/rh-php72/php-fpm.d/zabbix.conf  
#找到时区，将其修改为 Asia/Shanghai 

systemctl restart zabbix-server zabbix-agent httpd rh-php72-php-fpm  
systemctl enable zabbix-server zabbix-agent httpd rh-php72-php-fpm


yum install wqy-microhei-fonts -y  
\cp /usr/share/fonts/wqy-microhei/wqy-microhei.ttc /usr/share/fonts/dejavu/DejaVuSans.ttf  
yum install zabbix-get -y
yum install net-tools  -y

二、FW1

#注意不要使用本地登录的用户

aaa     
manager-user user1
password cipher Huawei@123
level 15     
service-type ssh     
quit     
quit     


user-interface vty 0 4
 authentication-mode aaa
 protocol inbound all
quit

stelnet server enable   
ssh user user1
ssh user user1 authentication-type password
ssh user user1 service-type stelnet

#注意长度为2048
rsa local-key-pair create
Y
2048


inter gi1/0/3
service-manage ssh permit

security-policy 
 rule name Trust-to-Dmz
  source-zone trust
  destination-zone dmz
  source-address 10.1.0.0 mask 255.255.255.0
  destination-address 4.4.4.4 mask 255.255.255.255
  action permit

security-policy 
 rule name Dmz-to-Trust
  source-zone dmz
  destination-zone trust
  source-address 4.4.4.4 mask 255.255.255.255
  destination-address 10.1.0.0 mask 255.255.255.0
  action permit




system-view
snmp-agent
snmp-agent sys-info version v2c
snmp-agent community read huawei@123
snmp-agent community write huawei@123

snmp-agent target-host trap address udp-domain 10.1.0.100 params securityname huawei@123 v2c
snmp-agent trap enable
Y

三、python脚本

python自动化管理和zabbix监控网络设备（防火墙和python自动化配置部分）-CSDN博客

四、core-sw1

#ssh配置
aaa     

local-user huawei password cipher huawei

local-user huawei service-type ssh telnet

local-user huawei privilege level 15

quit

stelnet server enable

user-interface vty 0 4
authentication-mode aaa
protocol inbound all

quit

rsa local-key-pair create  
Y
2048

ssh user huawei authentication-type password  

ssh user huawei service-type stelnet
quit

#snmp配置

system-view
snmp-agent
snmp-agent sys-info version v2c
snmp-agent community read huawei@123
snmp-agent community write huawei@123

snmp-agent target-host trap address udp-domain 10.1.0.100 params securityname huawei@123 v2c
snmp-agent trap enable
Y

五、core-sw2

#ssh配置
aaa     

local-user huawei password cipher huawei

local-user huawei service-type ssh telnet

local-user huawei privilege level 15

quit

stelnet server enable

user-interface vty 0 4
authentication-mode aaa
protocol inbound all

quit

rsa local-key-pair create  
Y
2048

ssh user huawei authentication-type password  

ssh user huawei service-type stelnet
quit

#snmp配置

system-view
snmp-agent
snmp-agent sys-info version v2c
snmp-agent community read huawei@123
snmp-agent community write huawei@123

snmp-agent target-host trap address udp-domain 10.1.0.100 params securityname huawei@123 v2c
snmp-agent trap enable
Y

六、DMZ-sw1

#ssh配置
aaa     

local-user huawei password cipher huawei

local-user huawei service-type ssh telnet

local-user huawei privilege level 15

quit

stelnet server enable

user-interface vty 0 4
authentication-mode aaa
protocol inbound all

quit

rsa local-key-pair create  
Y
2048

ssh user huawei authentication-type password  

ssh user huawei service-type stelnet
quit

#snmp配置

system-view
snmp-agent
snmp-agent sys-info version v2c
snmp-agent community read huawei@123
snmp-agent community write huawei@123

snmp-agent target-host trap address udp-domain 10.1.0.100 params securityname huawei@123 v2c
snmp-agent trap enable
Y