SNMP V3配置

#########################snmpV3#########################

yum install net-snmp*

service snmpd start

net-snmp-config  --create-snmpv3-user -ro -a XUKEQIANG -x DES -X ZHANGQING xkq

snmpwalk -c public -v 2c -On 192.168.1.161

[root@redaht69 snmp]# grep -v "#" snmpd.conf |grep -v "^$"

com2sec notConfigUser  default       public

group   notConfigGroup v1           notConfigUser

group   notConfigGroup v2c           notConfigUser

view    systemview    included   .1.3.6.1.2.1.1

view    systemview    included   .1.3.6.1.2.1.25.1.1

view    systemview    included   .1

access  notConfigGroup ""      any       noauth    exact  systemview none none

syslocation Unknown (edit /etc/snmp/snmpd.conf)

syscontact Root <root@localhost> (configure /etc/snmp/snmp.local.conf)

dontLogTCPWrappersConnects yes

proc mountd

proc sendmail 10 1

disk / 10000

load 12 14 14

rouser xkq

[root@redaht69 snmp]# 

snmpwalk -v 3 -u xkq -a MD5 -A XUKEQIANG -x DES -X ZHANGQING -l authpriv 192.168.1.161 IF-MIB::ifOperStatus.2

snmpwalk -v 3 -u xkq -a MD5 -A XUKEQIANG -x DES -X ZHANGQING -l authpriv 192.168.1.161 1.3.6.1.2.1.2.2.1.8

snmpwalk -c public -v 2c -On 192.168.1.161 .1.3.6.1.2.1.25.2.3.1.3.37

snmpwalk -c public -v 2c -On 192.168.1.161 hrStorageAllocationUnits

#########################snmpV3 trap#########################

[root@node1 ~]# systemctl stop snmptrapd

[root@node1 ~]# tail -200f /etc/snmp/snmptrapd.conf 

# Example configuration file for snmptrapd

#

# No traps are handled by default, you must edit this file!

#

# authCommunity   log,execute,net public

authCommunity   log,execute,net zabbix2019

#traphandle SNMPv2-MIB::coldStart    /usr/bin/bin/my_great_script cold

#snmpV3

authuser log,execute,net traptest

authuser log,execute,net traptest1

perl do  "/usr/sbin/zabbix_trap_receiver.pl"

[root@node1 ~]# vi /var/lib/net-snmp/snmptrapd.conf 

engineBoots 12

oldEngineID 0x80001f888033f867110d88415d00000000

createUser -e 0x80001f8880321a1d3b7b84415d00000000 traptest SHA mypassword AES

[root@node1 ~]# systemctl start snmptrapd

[root@node1 ~]#snmptrap -v 3 -n "" -a SHA -A mypassword -x AES -X mypassword -l authPriv -u traptest -e 0x80001f8880321a1d3b7b84415d00000000 192.168.1.11 0 IfDescr

[root@node1 ~]# snmpwalk -v 3 -u xkq -a MD5 -A XUKEQIANG -x DES -X ZHANGQING -l authpriv 192.168.1.161 IF-MIB::ifOperStatus.2

IF-MIB::ifOperStatus.2 = INTEGER: up(1)

[root@node1 ~]# snmpwalk -c public -v 2c -On 192.168.1.161 IF-MIB::ifOperStatus.2

.1.3.6.1.2.1.2.2.1.8.2 = INTEGER: up(1)

######################################################################

#####################################

写到/var/lib/net-snmp/snmptrapd.conf中如果不行，则写到/etc/snmp/snmptrapd.conf

[root@redaht69 snmp]#  vi /etc/snmp/snmptrapd.conf

# Example configuration file for snmptrapd

#

# No traps are handled by default, you must edit this file!

#

# authCommunity   log,execute,net public

# traphandle SNMPv2-MIB::coldStart    /usr/bin/bin/my_great_script cold

createUser -e 0x80001f888021858e47cd763c5d00000000  traptest SHA mypassword AES

authCommunity   log,execute,net public

authCommunity   log,execute,net zabbix2017

authCommunity   log,execute,net storage_public

authCommunity   log,execute,net xkq

authuser log,execute,net zabbix2019

authuser log,execute,net traptest

perl do  "/usr/sbin/zabbix_trap_receiver.pl"

You have new mail in /var/spool/mail/root

[root@redaht69 snmp]# 

snmptrapd -f -C -c /etc/snmp/snmptrapd.conf -Le#启动一下，然后就可正常启动service  snmptrapd restart

######################################################################################3

[root@redaht69 ~]# tail -20000  /usr/sbin/zabbix_trap_receiver.pl

#!/usr/bin/perl

#

# Zabbix

# Copyright (C) 2001-2016 Zabbix SIA

#

# This program is free software; you can redistribute it and/or modify

# it under the terms of the GNU General Public License as published by

# the Free Software Foundation; either version 2 of the License, or

# (at your option) any later version.

#

# This program is distributed in the hope that it will be useful,

# but WITHOUT ANY WARRANTY; without even the implied warranty of

# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the

# GNU General Public License for more details.

#

# You should have received a copy of the GNU General Public License

# along with this program; if not, write to the Free Software

# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.

#

#########################################

#### ABOUT ZABBIX SNMP TRAP RECEIVER ####

#########################################

# This is an embedded perl SNMP trapper receiver designed for sending data to the server.

# The receiver will pass the received SNMP traps to Zabbix server or proxy running on the

# same machine. Please configure the server/proxy accordingly.

#

# Read more about using embedded perl with Net-SNMP:

#       http://net-snmp.sourceforge.net/wiki/index.php/Tut:Extending_snmpd_using_perl

#################################################

#### ZABBIX SNMP TRAP RECEIVER CONFIGURATION ####

#################################################

### Option: SNMPTrapperFile

#       Temporary file used for passing data to the server (or proxy). Must be the same

#       as in the server (or proxy) configuration file.

#

# Mandatory: yes

# Default:

$SNMPTrapperFile = '/var/log/zabbix/snmptrap.log';

### Option: DateTimeFormat

#       The date time format in strftime() format. Please make sure to have a corresponding

#       log time format for the SNMP trap items.

#

# Mandatory: yes

# Default:

$DateTimeFormat = '%H:%M:%S %Y/%m/%d';

###################################

#### ZABBIX SNMP TRAP RECEIVER ####

###################################

use Fcntl qw(O_WRONLY O_APPEND O_CREAT);

use POSIX qw(strftime);

sub zabbix_receiver

{

        my (%pdu_info) = %{$_[0]};

        my (@varbinds) = @{$_[1]};

        # open the output file

        unless (sysopen(OUTPUT_FILE, $SNMPTrapperFile, O_WRONLY|O_APPEND|O_CREAT, 0666))

        {

                print STDERR "Cannot open [$SNMPTrapperFile]: $!\n";

                return NETSNMPTRAPD_HANDLER_FAIL;

        }

        # get the host name

        my $hostname = $pdu_info{'receivedfrom'} || 'unknown';

        if ($hostname ne 'unknown') {

                $hostname =~ /\[(.*?)\].*/;                    # format: "UDP: [127.0.0.1]:41070->[127.0.0.1]"

                $hostname = $1 || 'unknown';

        }

        # print trap header

        #       timestamp must be placed at the beggining of the first line (can be omitted)

        #       the first line must include the header "ZBXTRAP [IP/DNS address] "

        #              * IP/DNS address is the used to find the corresponding SNMP trap items

        #              * this header will be cut during processing (will not appear in the item value)

        printf OUTPUT_FILE "%s ZBXTRAP %s\n", strftime($DateTimeFormat, localtime), $hostname;

        # print the PDU info

        #print OUTPUT_FILE "PDU INFO:\n";

        #foreach my $key(keys(%pdu_info))

        #{

        #       printf OUTPUT_FILE "  %-30s %s\n", $key, $pdu_info{$key};

        #}

        # print the variable bindings:

        print OUTPUT_FILE "VARBINDS:\n";

        #foreach my $x (@varbinds)

        #{

        #       printf OUTPUT_FILE "  %-30s type=%-2d value=%s\n", $x->[0], $x->[2], $x->[1];

        #}

        foreach my $x (@varbinds)

        {

                printf OUTPUT_FILE "  %-30s %s\n", $x->[0], $x->[1];

        }

        close (OUTPUT_FILE);

        return NETSNMPTRAPD_HANDLER_OK;

}

NetSNMP::TrapReceiver::register("all", \&zabbix_receiver) or

        die "failed to register Zabbix SNMP trap receiver\n";

print STDOUT "Loaded Zabbix SNMP trap receiver\n";