net-snmp可以調用外部腳本擴展功能,如:
vi /etc/snmp/snmpd.conf
exec .1.3.6.1.4.1.2021.18 tcpCurrEstab /etc/snmp/tcpconn.sh
exec .1.3.6.1.4.1.2021.19 tcpCurrHttp /etc/snmp/tcphttp.sh
exec .1.3.6.1.4.1.2021.20 tcpCurrPhp-fpm /etc/snmp/tcpphp.sh
exec .1.3.6.1.4.1.2021.21 tcpCurrMemcache /etc/snmp/tcpmemcache.sh
上面是舊版的配置,已經棄用了,新版本用:
extend .1.3.6.1.4.1.2021.18 tcpCurrEstab /etc/snmp/tcpconn.sh
extend .1.3.6.1.4.1.2021.19 tcpCurrHttp /etc/snmp/tcphttp.sh
extend .1.3.6.1.4.1.2021.20 tcpCurrPhp-fpm /etc/snmp/tcpphp.sh
extend .1.3.6.1.4.1.2021.21 tcpCurrMemcache /etc/snmp/tcpmemcache.sh
snmpd想允許一個段訪問,配置為:
com2sec notConfigUser 192.168.1.0/24 public
[root@ha1 log]# cat /etc/snmp/tcpconn.sh
#!/bin/sh
conn=`netstat -s -t | grep connections\ established |awk '{print $1}'`
echo $conn
[root@ha1 log]# cat /etc/snmp/tcphttp.sh
#!/bin/sh
netstat -an | grep ':80 ' | grep ESTABLISHED | wc -l
[root@ha1 log]# cat /etc/snmp/tcpmemcache.sh
#!/bin/sh
netstat -an | grep :11211 | grep ESTABLISHED | wc -l
[root@ha1 log]# cat /etc/snmp/tcpphp.sh
#!/bin/sh
netstat -an | grep :9000 | grep ESTABLISHED | wc -l
重啟net-snmpd:
service snmpd restart
測試:
[root@ha1 log]# snmpwalk -v 2c -c public 192.168.1.4 .1.3.6.1.4.1.2021.18
UCD-SNMP-MIB::ucdavis.18.1.1 = INTEGER: 1
UCD-SNMP-MIB::ucdavis.18.2.1 = STRING: "tcpCurrEstab"
UCD-SNMP-MIB::ucdavis.18.3.1 = STRING: "/etc/snmp/tcpconn.sh"
UCD-SNMP-MIB::ucdavis.18.100.1 = INTEGER: 0
UCD-SNMP-MIB::ucdavis.18.101.1 = STRING: "5023"
UCD-SNMP-MIB::ucdavis.18.102.1 = INTEGER: 0
UCD-SNMP-MIB::ucdavis.18.103.1 = ""
有信息輸出就表明成功了。
默認net-snmpd輸出日志到/var/log/messes,想輸出至一個獨立日志文件,配置為:
vi /etc/sysconfig/snmpd.options
# snmpd command line options
# OPTIONS="-Lsd -Lf /dev/null -p /var/run/snmpd.pid -a"
OPTIONS="-Lf /var/log/snmpd.log"
重啟net-snmpd:
service snmpd restart
cat /var/log/snmpd.log
