FastHandle - IT Operations Examples

FastHandle is fast operation tools for infrastructure configurations and tests.

User Tools

Site Tools

os:linux:set:etc:etc_snmp_snmpd.conf



Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Next revision 		Previous revision
os:linux:set:etc:etc_snmp_snmpd.conf [2018/02/26 00:47]
kurihara created 		os:linux:set:etc:etc_snmp_snmpd.conf [2018/02/26 01:01] (current)
kurihara [My /etc/snmp/snmpd.conf]
Line 13: Line 13:
 # -rw-------  root root # -rw-------  root root
 # #
-# man 5 sshd_config+# man 5 snmpd.conf
 #=============================================================================== #===============================================================================
  
-com2sec notConfigUser  default       public +#       sec.name        source        community 
-group   notConfigGroup v1           notConfigUser +com2sec notConfigUser   default       public 
-group   notConfigGroup v2c           notConfigUser + 
-view    systemview    included   .1 +#       groupName       securityModel  securityName 
-access  notConfigGroup ""      any       noauth    exact  systemview none none+group   notConfigGroup  v1             notConfigUser 
 +group   notConfigGroup  v2c            notConfigUser 
 + 
 +#       name           incl/excl     subtree         mask(optional) 
 +view    systemview    included       .1 
 + 
 +#        group           context  sec.model  sec.level  prefix  read        write  notif 
 +access   notConfigGroup  ""       any        noauth     exact   systemview  none   none 
  
 syslocation Unknown (edit /etc/snmp/snmpd.conf) syslocation Unknown (edit /etc/snmp/snmpd.conf)
Line 498: Line 506:
 ===== Ubuntu 16.0.4 Default /etc/security/limits.conf ===== ===== Ubuntu 16.0.4 Default /etc/security/limits.conf =====
 <sxh bash toolbar:false gutter:false> <sxh bash toolbar:false gutter:false>
 +###############################################################################
 +#
 +# EXAMPLE.conf:
 +#   An example configuration file for configuring the Net-SNMP agent ('snmpd')
 +#   See the 'snmpd.conf(5)' man page for details
 +#
 +#  Some entries are deliberately commented out, and will need to be explicitly activated
 +#
 +###############################################################################
 +#
 +#  AGENT BEHAVIOUR
 +#
  
 +#  Listen for connections from the local system only
 +agentAddress  udp:127.0.0.1:161
 +#  Listen for connections on all interfaces (both IPv4 *and* IPv6)
 +#agentAddress udp:161,udp6:[::1]:161
 +
 +
 +
 +###############################################################################
 +#
 +#  SNMPv3 AUTHENTICATION
 +#
 +#  Note that these particular settings don't actually belong here.
 +#  They should be copied to the file /var/lib/snmp/snmpd.conf
 +#     and the passwords changed, before being uncommented in that file *only*.
 +#  Then restart the agent
 +
 +#  createUser authOnlyUser  MD5 "remember to change this password"
 +#  createUser authPrivUser  SHA "remember to change this one too"  DES
 +#  createUser internalUser  MD5 "this is only ever used internally, but still change the password"
 +
 +#  If you also change the usernames (which might be sensible),
 +#  then remember to update the other occurances in this example config file to match.
 +
 +
 +
 +###############################################################################
 +#
 +#  ACCESS CONTROL
 +#
 +
 +                                                 #  system + hrSystem groups only
 +view   systemonly  included   .1.3.6.1.2.1.1
 +view   systemonly  included   .1.3.6.1.2.1.25.1
 +
 +                                                 #  Full access from the local host
 +#rocommunity public  localhost
 +                                                 #  Default access to basic system info
 + rocommunity public  default    -V systemonly
 +                                                 #  rocommunity6 is for IPv6
 + rocommunity6 public  default   -V systemonly
 +
 +                                                 #  Full access from an example network
 +                                                 #     Adjust this network address to match your local
 +                                                 #     settings, change the community string,
 +                                                 #     and check the 'agentAddress' setting above
 +#rocommunity secret  10.0.0.0/16
 +
 +                                                 #  Full read-only access for SNMPv3
 + rouser   authOnlyUser
 +                                                 #  Full write access for encrypted requests
 +                                                 #     Remember to activate the 'createUser' lines above
 +#rwuser   authPrivUser   priv
 +
 +#  It's no longer typically necessary to use the full 'com2sec/group/access' configuration
 +#  r[ow]user and r[ow]community, together with suitable views, should cover most requirements
 +
 +
 +
 +###############################################################################
 +#
 +#  SYSTEM INFORMATION
 +#
 +
 +#  Note that setting these values here, results in the corresponding MIB objects being 'read-only'
 +#  See snmpd.conf(5) for more details
 +sysLocation    Sitting on the Dock of the Bay
 +sysContact     Me <me@example.org>
 +                                                 # Application + End-to-End layers
 +sysServices    72
 +
 +
 +#
 +#  Process Monitoring
 +#
 +                               # At least one  'mountd' process
 +proc  mountd
 +                               # No more than 4 'ntalkd' processes - 0 is OK
 +proc  ntalkd    4
 +                               # At least one 'sendmail' process, but no more than 10
 +proc  sendmail 10 1
 +
 +#  Walk the UCD-SNMP-MIB::prTable to see the resulting output
 +#  Note that this table will be empty if there are no "proc" entries in the snmpd.conf file
 +
 +
 +#
 +#  Disk Monitoring
 +#
 +                               # 10MBs required on root disk, 5% free on /var, 10% free on all other disks
 +disk       /     10000
 +disk       /var  5%
 +includeAllDisks  10%
 +
 +#  Walk the UCD-SNMP-MIB::dskTable to see the resulting output
 +#  Note that this table will be empty if there are no "disk" entries in the snmpd.conf file
 +
 +
 +#
 +#  System Load
 +#
 +                               # Unacceptable 1-, 5-, and 15-minute load averages
 +load   12 10 5
 +
 +#  Walk the UCD-SNMP-MIB::laTable to see the resulting output
 +#  Note that this table *will* be populated, even without a "load" entry in the snmpd.conf file
 +
 +
 +
 +###############################################################################
 +#
 +#  ACTIVE MONITORING
 +#
 +
 +                                    #   send SNMPv1  traps
 + trapsink     localhost public
 +                                    #   send SNMPv2c traps
 +#trap2sink    localhost public
 +                                    #   send SNMPv2c INFORMs
 +#informsink   localhost public
 +
 +#  Note that you typically only want *one* of these three lines
 +#  Uncommenting two (or all three) will result in multiple copies of each notification.
 +
 +
 +#
 +#  Event MIB - automatically generate alerts
 +#
 +                                   # Remember to activate the 'createUser' lines above
 +iquerySecName   internalUser
 +rouser          internalUser
 +                                   # generate traps on UCD error conditions
 +defaultMonitors          yes
 +                                   # generate traps on linkUp/Down
 +linkUpDownNotifications  yes
 +
 +
 +
 +###############################################################################
 +#
 +#  EXTENDING THE AGENT
 +#
 +
 +#
 +#  Arbitrary extension commands
 +#
 + extend    test1   /bin/echo  Hello, world!
 + extend-sh test2   echo Hello, world! ; echo Hi there ; exit 35
 +#extend-sh test3   /bin/sh /tmp/shtest
 +
 +#  Note that this last entry requires the script '/tmp/shtest' to be created first,
 +#    containing the same three shell commands, before the line is uncommented
 +
 +#  Walk the NET-SNMP-EXTEND-MIB tables (nsExtendConfigTable, nsExtendOutput1Table
 +#     and nsExtendOutput2Table) to see the resulting output
 +
 +#  Note that the "extend" directive supercedes the previous "exec" and "sh" directives
 +#  However, walking the UCD-SNMP-MIB::extTable should still returns the same output,
 +#     as well as the fuller results in the above tables.
 +
 +
 +#
 +#  "Pass-through" MIB extension command
 +#
 +#pass .1.3.6.1.4.1.8072.2.255  /bin/sh       PREFIX/local/passtest
 +#pass .1.3.6.1.4.1.8072.2.255  /usr/bin/perl PREFIX/local/passtest.pl
 +
 +# Note that this requires one of the two 'passtest' scripts to be installed first,
 +#    before the appropriate line is uncommented.
 +# These scripts can be found in the 'local' directory of the source distribution,
 +#     and are not installed automatically.
 +
 +#  Walk the NET-SNMP-PASS-MIB::netSnmpPassExamples subtree to see the resulting output
 +
 +
 +#
 +#  AgentX Sub-agents
 +#
 +                                           #  Run as an AgentX master agent
 + master          agentx
 +                                           #  Listen for network connections (from localhost)
 +                                           #    rather than the default named socket /var/agentx/master
 +#agentXSocket    tcp:localhost:705
 </sxh> </sxh>
  


os/linux/set/etc/etc_snmp_snmpd.conf.1519573676.txt.gz · Last modified: 2018/02/26 00:47 by kurihara

Page Tools


Home     About     Contact

Copyright (c) 2024 FastHandle - IT Operations Examples All Rights Reserved.