取远程linux主机的流量和tcp连接数
首先配置远程的linux主机的snmp.conf文件(可以理解为客户端)
vi /etc/snmp/snmp.conf
只要修改几处地方即可
####
# First, map the community name "public" into a "security name"
# sec.name source community
com2sec notConfigUser *.*.*.* username #*.*.*.* 是你远程监控机器的IP username是可信任的团体名
####
# Second, map the security name into a group name:
# groupName securityModel securityName
group notConfigGroup v1 notConfigUser
group notConfigGroup v2c notConfigUser
####
# Third, create a view for us to let the group have rights to:
# Make at least snmpwalk -v 1 localhost -c public system fast again.
# name incl/excl subtree mask(optional)
view systemview included .1.3.6.1.2.1.1
view systemview included .1.3.6.1.2.1.2
view systemview included .1.3.6.1.2.1.25.1.1
view all included .1
####
# Finally, grant the group read-only access to the systemview view.
# group context sec.model sec.level prefix read write notif
#access notConfigGroup "" any noauth exact mib2 none none
access notConfigGroup "" any noauth exact all none none
# Here is a commented out example configuration that allows less
# restrictive access.
# YOU SHOULD CHANGE THE "COMMUNITY" TOKEN BELOW TO A NEW KEYWORD ONLY
# KNOWN AT YOUR SITE. YOU *MUST* CHANGE THE NETWORK TOKEN BELOW TO
# SOMETHING REFLECTING YOUR LOCAL NETWORK ADDRESS SPACE.
## sec.name source community
com2sec notConfigUser default username #username是可信任的团体名
com2sec *.*.*.0 *.*.*.*/24 username #username是可信任的团体名 *.*.*.* 是你远程监控机器的IP
## group.name sec.model sec.name
group MyRWGroup any local
group MyROGroup any mynetwork
group notConfigUser any zcom
#
#group MyRWGroup any otherv3user
#...
## incl/excl subtree mask
view all included .1 80
## -or just the mib2 tree-
view mib2 included .iso.org.dod.internet.mgmt.mib-2 fc
## context sec.model sec.level prefix read write notif
access MyROGroup "" any noauth 0 all none none
access MyRWGroup "" any noauth 0 all all all
修改完毕后保存退出
/etc/init.d/snmpd restart
监控端(可以理解为server端)
# snmpwalk -v 2c -c username *.*.*.* system
检查是否能取道远程的系统数据
# snmpwalk -v 2c -c username *.*.*.*|grep IF-MIB::ifInOctets.1 查看你的网卡流量
在你的mrtg的文件里写入IF-MIB::ifInOctets.1 mrtg是不会取道流量的
# mib2c IF-MIB::ifInOctets.1 转化为mib值,结果类似于
1.3.6.1.2.1.2.2.1.10
在你的mrtg文件中写进类似于这样的一句话
Target[*.*.*.*_BW_LAN]: 1:username@*.*.*.* #username是可信任的团体名 *.*.*.* 是你远程监控机器的IP
Title[*.*.*.*_BW_LAN]: 202.102.251.133
PageTop[*.*.*.*_BW_LAN]: *.*.*.*