elaine.pitty
(usa Fedora)
Enviado em 09/11/2011 - 11:31h
ah... uma outra configuração... do snmp alguém pode me ajudar??
vou postar o conf... eu não sei onde eu coloco o ip para monitorar :(
para resumir vou deixar só as linhas utilizadas... sem os comentários
###############################################################################
#
# snmpd.conf:
###############################################################################
# Access Control
###############################################################################
# First, map the community name "public" into a "security name"
# sec.name source community
com2sec notConfigUser default public
####
# Second, map the security name into a group name:
# groupName securityModel securityName
group notConfigGroup v1 notConfigUser
group notConfigGroup v2c notConfigUser
####
# Third, create a view for us to let the group have rights to:
# Make at least snmpwalk -v 1 localhost -c public system fast again.
# name incl/excl subtree mask(optional)
view systemview included .1.3.6.1.2.1.1
view systemview included .1.3.6.1.2.1.25.1.1
####
# Finally, grant the group read-only access to the systemview view.
# group context sec.model sec.level prefix read write notif
access notConfigGroup "" any noauth exact systemview none none
# Here is a commented out example configuration that allows less
# restrictive access.
# YOU SHOULD CHANGE THE "COMMUNITY" TOKEN BELOW TO A NEW KEYWORD ONLY
# KNOWN AT YOUR SITE. YOU *MUST* CHANGE THE NETWORK TOKEN BELOW TO
# SOMETHING REFLECTING YOUR LOCAL NETWORK ADDRESS SPACE.
## sec.name source community
com2sec local localhost COMMUNITY
#com2sec mynetwork NETWORK/24 COMMUNITY
## group.name sec.model sec.name
#group MyRWGroup any local
#group MyROGroup any mynetwork
#
#group MyRWGroup any otherv3user
#...
## incl/excl subtree mask
#view all included .1 80
## -or just the mib2 tree-
#view mib2 included .iso.org.dod.internet.mgmt.mib-2 fc
## context sec.model sec.level prefix read write notif
#access MyROGroup "" any noauth 0 all none none
#access MyRWGroup "" any noauth 0 all all all
###############################################################################
# Sample configuration to make net-snmpd RFC 1213.
# Unfortunately v1 and v2c don't allow any user based authentification, so
# opening up the default config is not an option from a security point.
#
# WARNING: If you uncomment the following lines you allow write access to your
# snmpd daemon from any source! To avoid this use different names for your
# community or split out the write access to a different community and
# restrict it to your local network.
# Also remember to comment the syslocation and syscontact parameters later as
# otherwise they are still read only (see FAQ for net-snmp).
#
# First, map the community name "public" into a "security name"
# sec.name source community
#com2sec notConfigUser default public
# Second, map the security name into a group name:
# groupName securityModel securityName
#group notConfigGroup v1 notConfigUser
#group notConfigGroup v2c notConfigUser
# Third, create a view for us to let the group have rights to:
# Open up the whole tree for ro, make the RFC 1213 required ones rw.
# name incl/excl subtree mask(optional)
#view roview included .1
#view rwview included system.sysContact
#view rwview included system.sysName
#view rwview included system.sysLocation
#view rwview included interfaces.ifTable.ifEntry.ifAdminStatus
#view rwview included at.atTable.atEntry.atPhysAddress
#view rwview included at.atTable.atEntry.atNetAddress
#view rwview included ip.ipForwarding
#view rwview included ip.ipDefaultTTL
#view rwview included ip.ipRouteTable.ipRouteEntry.ipRouteDest
#view rwview included ip.ipRouteTable.ipRouteEntry.ipRouteIfIndex
#view rwview included ip.ipRouteTable.ipRouteEntry.ipRouteMetric1
#view rwview included ip.ipRouteTable.ipRouteEntry.ipRouteMetric2
#view rwview included ip.ipRouteTable.ipRouteEntry.ipRouteMetric3
#view rwview included ip.ipRouteTable.ipRouteEntry.ipRouteMetric4
#view rwview included ip.ipRouteTable.ipRouteEntry.ipRouteType
# Finally, grant the group read-only access to the systemview view.
# group context sec.model sec.level prefix read write notif
#access notConfigGroup "" any noauth exact roview rwview none
###############################################################################
# System contact information
#
# It is also possible to set the sysContact and sysLocation system
# variables through the snmpd.conf file:
syslocation nome
syscontact nome <email>
# Example output of snmpwalk:
# % snmpwalk -v 1 localhost -c public system
# system.sysDescr.0 = "SunOS name sun4c"
# system.sysObjectID.0 = OID: enterprises.ucdavis.ucdSnmpAgent.sunos4
# system.sysUpTime.0 = Timeticks: (595637548) 68 days, 22:32:55
# system.sysContact.0 = "Me <me@somewhere.org>"
# system.sysName.0 = "name"
# system.sysLocation.0 = "Right here, right now."
# system.sysServices.0 = 72
###############################################################################
# disk checks
#
# The agent can check the amount of available disk space, and make
# sure it is above a set limit.
# disk PATH [MIN=100000]
#
# PATH: mount path to the disk in question.
# MIN: Disks with space below this value will have the Mib's errorFlag set.
# Default value = 100000.
# Check the / partition and make sure it contains at least 10 megs.
disk / 10000
# Added for support of bcm5820 cards.
pass .1.3.6.1.4.1.4413.4.1 /usr/bin/ucd5820stat
localmente a máquina responde, remotamente não...
Obrigada...