取遠程linux主機的流量和tcp連接數(shù)

字號:

取遠程linux主機的流量和tcp連接數(shù)
    首先配置遠程的linux主機的snmp.conf文件(可以理解為客戶端)
    vi /etc/snmp/snmp.conf
    只要修改幾處地方即可
    ####
    # First, map the community name "public" into a "security name"
    # sec.name source community
    com2sec notConfigUser *.*.*.* username #*.*.*.* 是你遠程監(jiān)控機器的IP username是可信任的團體名
    ####
    # Second, map the security name into a group name:
    # groupName securityModel securityName
    group notConfigGroup v1 notConfigUser
    group notConfigGroup v2c notConfigUser
    ####
    # Third, create a view for us to let the group have rights to:
    # Make at least snmpwalk -v 1 localhost -c public system fast again.
    # name incl/excl subtree mask(optional)
    view systemview included .1.3.6.1.2.1.1
    view systemview included .1.3.6.1.2.1.2
    view systemview included .1.3.6.1.2.1.25.1.1
    view all included .1
    ####
    # Finally, grant the group read-only access to the systemview view.
    # group context sec.model sec.level prefix read write notif
    #access notConfigGroup "" any noauth exact mib2 none none
    access notConfigGroup "" any noauth exact all none none
    # Here is a commented out example configuration that allows less
    # restrictive access.
    # YOU SHOULD CHANGE THE "COMMUNITY" TOKEN BELOW TO A NEW KEYWORD ONLY
    # KNOWN AT YOUR SITE. YOU *MUST* CHANGE THE NETWORK TOKEN BELOW TO
    # SOMETHING REFLECTING YOUR LOCAL NETWORK ADDRESS SPACE.
    ## sec.name source community
    com2sec notConfigUser default username #username是可信任的團體名
    com2sec *.*.*.0 *.*.*.*/24 username #username是可信任的團體名 *.*.*.* 是你遠程監(jiān)控機器的IP
    ## group.name sec.model sec.name
    group MyRWGroup any local
    group MyROGroup any mynetwork
    group notConfigUser any zcom
    #
    #group MyRWGroup any otherv3user
    #...
    ## incl/excl subtree mask
    view all included .1 80
    ## -or just the mib2 tree-
    view mib2 included .iso.org.dod.internet.mgmt.mib-2 fc
    ## context sec.model sec.level prefix read write notif
    access MyROGroup "" any noauth 0 all none none
    access MyRWGroup "" any noauth 0 all all all
    修改完畢后保存退出
    /etc/init.d/snmpd restart
    監(jiān)控端(可以理解為server端)
    # snmpwalk -v 2c -c username *.*.*.* system
    檢查是否能取道遠程的系統(tǒng)數(shù)據(jù)
    # snmpwalk -v 2c -c username *.*.*.*|grep IF-MIB::ifInOctets.1 查看你的網(wǎng)卡流量
    在你的mrtg的文件里寫入IF-MIB::ifInOctets.1 mrtg是不會取道流量的
    # mib2c IF-MIB::ifInOctets.1 轉(zhuǎn)化為mib值,結(jié)果類似于
    1.3.6.1.2.1.2.2.1.10
    在你的mrtg文件中寫進類似于這樣的一句話
    Target[*.*.*.*_BW_LAN]: 1:username@*.*.*.* #username是可信任的團體名 *.*.*.* 是你遠程監(jiān)控機器的IP
    Title[*.*.*.*_BW_LAN]: 202.102.251.133
    PageTop[*.*.*.*_BW_LAN]: *.*.*.*。