取遠程linux主機的流量和tcp連接數
首先配置遠程的linux主機的snmp.conf文件(可以理解為客戶端)
vi /etc/snmp/snmp.conf
只要修改幾處地方即可
####
# First, map the community name "public" into a "security name"
# sec.name source community
com2sec notConfigUser *.*.*.* username #*.*.*.* 是你遠程監控機器的IP username是可信任的團體名
####
# Second, map the security name into a group name:
# groupName securityModel securityName
group notConfigGroup v1 notConfigUser
group notConfigGroup v2c notConfigUser
####
# Third, create a view for us to let the group have rights to:
# Make at least snmpwalk -v 1 localhost -c public system fast again.
# name incl/excl subtree mask(optional)
view systemview included .1.3.6.1.2.1.1
view systemview included .1.3.6.1.2.1.2
view systemview included .1.3.6.1.2.1.25.1.1
view all included .1
####
# Finally, grant the group read-only access to the systemview view.
# group context sec.model sec.level prefix read write notif
#access notConfigGroup "" any noauth exact mib2 none none
access notConfigGroup "" any noauth exact all none none
# Here is a commented out example configuration that allows less
# restrictive access.
# YOU SHOULD CHANGE THE "COMMUNITY" TOKEN BELOW TO A NEW KEYWORD ONLY
# KNOWN AT YOUR SITE. YOU *MUST* CHANGE THE NETWORK TOKEN BELOW TO
# SOMETHING REFLECTING YOUR LOCAL NETWORK ADDRESS SPACE.
## sec.name source community
com2sec notConfigUser default username #username是可信任的團體名
com2sec *.*.*.0 *.*.*.*/24 username #username是可信任的團體名 *.*.*.* 是你遠程監控機器的IP
## group.name sec.model sec.name
group MyRWGroup any local
group MyROGroup any mynetwork
group notConfigUser any zcom
#
#group MyRWGroup any otherv3user
#...
## incl/excl subtree mask
view all included .1 80
## -or just the mib2 tree-
view mib2 included .iso.org.dod.internet.mgmt.mib-2 fc
## context sec.model sec.level prefix read write notif
access MyROGroup "" any noauth 0 all none none
access MyRWGroup "" any noauth 0 all all all
修改完畢後保存退出
/etc/init.d/snmpd restart
監控端(可以理解為server端)
# snmpwalk -v 2c -c username *.*.*.* system
檢查是否能取道遠程的系統數據
# snmpwalk -v 2c -c username *.*.*.*|grep IF-MIB::ifInOctets.1 查看你的網卡流量
在你的mrtg的文件裡寫入IF-MIB::ifInOctets.1 mrtg是不會取道流量的
# mib2c IF-MIB::ifInOctets.1 轉化為mib值,結果類似於
1.3.6.1.2.1.2.2.1.10
在你的mrtg文件中寫進類似於這樣的一句話
Target[*.*.*.*_BW_LAN]: 1:username@*.*.*.* #username是可信任的團體名 *.*.*.* 是你遠程監控機器的IP
Title[*.*.*.*_BW_LAN]: 202.102.251.133
PageTop[*.*.*.*_BW_LAN]: *.*.*.*