UJP - 技術情報2 編集 : MacOSX/HigiSierra/snmpd の編集

MacOSX/HigiSierra/snmpd の編集

詳細な入力項目を表示

ページタイトル( 空白で自動設定 ):
ページ頭文字読み: ページ並び順( 0-9 小数可標準:1 ):
ページ別名(複数は[改行]で区切る):

ページ内容:

*macOSでSNMPDが利用できるまで [#q8f51c74]

**はじめに [#vf627a42]

macOSをサーバとして運用するので，SNMPによって性能などの監視を行いたい．SNMPはSNMPDで情報を得ることができるが，macOSはデフォルトではSNMPDが起動してないので，その起動や，諸設定を行う．
　今回は，macOS 10.13.6のHigh Sierraで動作確認した．

**現状確認． [#z5458eb9]

まずは，現在SNMPプロセスが起動してない事を確認．

$ ps -ef|grep snmp🆑
   501 66796 65920   0  4:51PM ttys003    0:00.00 grep snmp
 $
　プロセスは起動してない．
　macOSの場合はLaunchDaemonでサーバプロセスを管理しているが，その設定ファイルを確認する．
 $ locate snmp|grep plist🆑
 /System/Library/LaunchDaemons/org.net-snmp.snmpd.plist
 $
　確認できた設定ファイルの中身を表示．
 $ cat /System/Library/LaunchDaemons/org.net-snmp.snmpd.plist🆑
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
 <plist version="1.0">
 <dict>
 	<key>Disabled</key>
 	<true/>
 	<key>Label</key>
 	<string>org.net-snmp.snmpd</string>
 	<key>KeepAlive</key>
 	<true/>
 	<key>Program</key>
 	<string>/usr/sbin/snmpd</string>
 	<key>ProgramArguments</key>
 	<array>
 		<string>snmpd</string>
 		<string>-f</string>
 	</array>
 	<key>ProcessType</key>
 	<string>Background</string>
 </dict>
 </plist>
 $
　Disabledになっているので，起動してないのかな．
　LaunchDaemonでSNMPDをroot権限で起動する．
 $ sudo launchctl load -w /System/Library/LaunchDaemons/org.net-snmp.snmpd.plist🆑
 Password:🆑
 $
　プロセスを確認．
 $ ps -ef|grep snmp🆑
     0 66808     1   0  4:52PM ??         0:00.23 /usr/libexec/snmpd -f🈁
   501 66812 65920   0  4:52PM ttys003    0:00.00 grep snmp
 $
　稼働確認できた．

**SNMPで接続してみる [#pf2a6ed7]

SNMPDプロセスが起動したので，次はsnmpwalkコマンドを使って，SNMPで接続して情報を取得する．
　コマンドの場所を確認．
 $ which snmpwalk🆑
 /usr/bin/snmpwalk🈁
 $
　snmpwalkコマンドで接続してみる．
 $ snmpwalk -v 2c -c public localhost🆑
 SNMPv2-MIB::sysContact.0 = STRING: Administrator <postmaster@example.com>
 SNMPv2-MIB::sysContact.0 = No more variables left in this MIB View (It is past the end of the MIB tree)
 $
　何の情報も出てないが，Timeoutとかのエラーになってないので，想定内と言える．

**snmpd.confをsnmpconfコマンドを使って対話的に設定する [#rc84f469]

***snmpd.confファイルを確認 [#w7647ece]

snmpconfコマンドを使うと，/usr/share/snmp/snmpd.confが作成されるが，現在存在しているか確認する．

$ ls -lat  /usr/share/snmp🆑
 total 60
 drwxr-xr-x 47 root wheel  1504  4  3  2018 ..
 drwxr-xr-x 65 root wheel  2080  7 16  2017 mibs
 drwxr-xr-x 28 root wheel   896  7 16  2017 .
 -rw-r--r--  1 root wheel 16218  7 16  2017 SensorDat.xml
 drwxr-xr-x 69 root wheel  2208  7 16  2017 mib2c-data
 -rw-r--r--  1 root wheel  6531  7 16  2017 mib2c.access_functions.conf
 -rw-r--r--  1 root wheel  2391  7 16  2017 mib2c.check_values_local.conf
 -rw-r--r--  1 root wheel 28202  7 16  2017 mib2c.container.conf
 -rw-r--r--  1 root wheel  8498  7 16  2017 mib2c.genhtml.conf
 -rw-r--r--  1 root wheel  3088  7 16  2017 mib2c.int_watch.conf
 -rw-r--r--  1 root wheel  2027  7 16  2017 mib2c.notify.conf
 -rw-r--r--  1 root wheel  8777  7 16  2017 mib2c.perl.conf
 -rw-r--r--  1 root wheel 19509  7 16  2017 mib2c.raw-table.conf
 -rw-r--r--  1 root wheel 22905  7 16  2017 mib2c.table_data.conf
 drwxr-xr-x  5 root wheel   160  7 16  2017 snmpconf-data
 -rw-r--r--  1 root wheel 37700  7 16  2017 mib2c.array-user.conf
 -rw-r--r--  1 root wheel  4646  7 16  2017 mib2c.check_values.conf
 -rw-r--r--  1 root wheel   330  7 16  2017 mib2c.column_defines.conf
 -rw-r--r--  1 root wheel   602  7 16  2017 mib2c.column_enums.conf
 -rw-r--r--  1 root wheel   728  7 16  2017 mib2c.column_storage.conf
 -rw-r--r--  1 root wheel 11942  7 16  2017 mib2c.conf
 -rw-r--r--  1 root wheel  3471  7 16  2017 mib2c.create-dataset.conf
 -rw-r--r--  1 root wheel 22345  7 16  2017 mib2c.iterate.conf
 -rw-r--r--  1 root wheel 15095  7 16  2017 mib2c.iterate_access.conf
 -rw-r--r--  1 root wheel   948  7 16  2017 mib2c.mfd.conf
 -rw-r--r--  1 root wheel  9182  7 16  2017 mib2c.old-api.conf
 -rw-r--r--  1 root wheel  4455  7 16  2017 mib2c.scalar.conf
 -rw-r--r--  1 root wheel   431  7 16  2017 snmp_perl_trapd.pl
 $
　snmpd.confは存在しなかった．

***snmpconfのコマンドヘルプの確認 [#u37b09c6]

sndmpdは，snmpd.confで設定を制御するが，まずは/usr/bin/snmpconfコマンドを使ってカスタマイズする．
　まずは，コマンドヘルプを．

$ /usr/bin/snmpconf -h🆑
 /usr/bin/snmpconf [options] [FILETOCREATE...]
 options:
   -f           overwrite existing files without prompting
   -i           install created files into /usr/share/snmp.
   -p           install created files into /Users/ujpadmin/.snmp.
   -I DIR       install created files into DIR.
   -a           Don't ask any questions, just read in current
                    current .conf files and comment them
   -r all|none  Read in all or none of the .conf files found.
   -R file,...  Read in a particular list of .conf files.
   -g GROUP     Ask a series of GROUPed questions.
   -G           List known GROUPs.
   -c conf_dir  use alternate configuration directory.
   -q           run more quietly with less advice.
   -d           turn on debugging output.
   -D           turn on debugging dumper output.
 $
　新しいファイルを/usr/share/snmp以下に作成するのでiオプションをつけて実行する．
 $ sudo /usr/bin/snmpconf -i🆑
 Password:🆑
 
 The following installed configuration files were found:
 
    1:  ./snmpd.conf
    2:  /etc/snmp/snmpd.conf🈁
 
 Would you like me to read them in?  Their content will be merged with the
 output files created by this session.
 
 Valid answer examples: "all", "none","3","1,2,5"
 
 Read in which (default = all):🈁

他にsnmpd.confファイルが見つかったので，マージするか問い合わせされている．
　今回はマージしないので，noneを選択．

Read in which (default = all): none🆑
 
 I can create the following types of configuration files for you.
 Select the file type you wish to create:
 (you can create more than one as you run this program)
 
    1:  snmp.conf
    2:  snmptrapd.conf
    3:  snmpd.conf
 
 Other options: quit
 
 Select File:

ファイルタイプは，snmpd.confにしたいので，３を選択．

Select File: 3🆑
 
 The configuration information which can be put into snmpd.conf is divided
 into sections.  Select a configuration section for snmpd.conf
 that you wish to create:
 
    1:  Agent Operating Mode
    2:  Monitor Various Aspects of the Running Host
    3:  Trap Destinations
    4:  System Information Setup🈁
    5:  Extending the Agent
    6:  Access Control Setup
 
 Other options: finished🈁
 
 Select section:

今回は，ここまでで一旦終了するので，finishedと入力．

Select section: finished🆑
 
 I can create the following types of configuration files for you.
 Select the file type you wish to create:
 (you can create more than one as you run this program)
 
    1:  snmp.conf
    2:  snmptrapd.conf
    3:  snmpd.conf
 
 Other options: quit🈁
 
 Select File:
　
　終了するのでquitを入力．

Select File: quit🆑
 
 Error: An snmpd.conf file already exists in this directory.
 
 'overwrite', 'skip', 'rename' or 'append'? :

さっきファイルはなかったのに？overwriteを選択．

'overwrite', 'skip', 'rename' or 'append'? : overwrite🆑
 
 
 The following files were created:
 
   snmpd.conf installed in /usr/share/snmp
 
 $
　ファイルができたようなので，中身を確認．
 $ cat /usr/share/snmp/snmpd.conf🆑
 ###########################################################################
 #
 # snmpd.conf
 #
 #   - created by the snmpconf configuration program
 #
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 $
　何も設定してないので，何もないね．

***snmpd.confにシステム情報を設定する [#reb77aaa]

snmpconfを実行．

$ sudo /usr/bin/snmpconf -i🆑
 Password:🆑
 
 The following installed configuration files were found:
 
    1:  /etc/snmp/snmpd.conf
    2:  /usr/share/snmp/snmpd.conf
 
 Would you like me to read them in?  Their content will be merged with the
 output files created by this session.
 
 Valid answer examples: "all", "none","3","1,2,5"
 
 Read in which (default = all): 
　２番の設定をマージするので２を選択．

Read in which (default = all): 2🆑
 
 I can create the following types of configuration files for you.
 Select the file type you wish to create:
 (you can create more than one as you run this program)
 
    1:  snmptrapd.conf
    2:  snmp.conf
    3:  snmpd.conf
 
 Other options: quit
 
 Select File: 
　３番を選択．

今回のセットアップはシステム情報になるので，4を選択．

Select section: 4🆑
 
 Section: System Information Setup
 Description:
   This section defines some of the information reported in
   the "system" mib group in the mibII tree.
 
 Select from:
 
    1:  The [typically physical] location of the system.🈁
    2:  The contact information for the administrator
    3:  The proper value for the sysServices object.
 
 Other options: finished, list
 
 Select section:

****syslocationの設定 [#w2fc92a6]

最初は，物理的な場所を設定するので，１を選択．

Select section: 1🆑
 
 Configuring: syslocation
 Description:
   The [typically physical] location of the system.
     Note that setting this value here means that when trying to
     perform an snmp SET operation to the sysLocation.0 variable will make
     the agent return the "notWritable" error code.  IE, including
     this token in the snmpd.conf file will disable write access to
     the variable.
     arguments:  location_string
 
 The location of the system:

任意のロケーション情報を入力する．ここでは，BCPセンタ用なのでBCPと入力．

The location of the system: BCP🆑
 
 Finished Output: syslocation  BCP🈁
 
 Section: System Information Setup
 Description:
   This section defines some of the information reported in
   the "system" mib group in the mibII tree.
 
 Select from:
 
    1:  The [typically physical] location of the system.
    2:  The contact information for the administrator🈁
    3:  The proper value for the sysServices object.
 
 Other options: finished, list
 
 Select section:

****syscontactの設定 [#teb84fdc]

次に，管理者の連絡先を入力するために２を選択．

Select section: 2🆑
 
 Configuring: syscontact
 Description:
   The contact information for the administrator
     Note that setting this value here means that when trying to
     perform an snmp SET operation to the sysContact.0 variable will make
     the agent return the "notWritable" error code.  IE, including
     this token in the snmpd.conf file will disable write access to
     the variable.
     arguments:  contact_string
 
 The contact information:

メールアドレスを設定．

The contact information: 管理者メールアドレス
 
 Finished Output: syscontact  管理者メールアドレス
 
 Section: System Information Setup
 Description:
   This section defines some of the information reported in
   the "system" mib group in the mibII tree.
 
 Select from:
 
    1:  The [typically physical] location of the system.
    2:  The contact information for the administrator
    3:  The proper value for the sysServices object.🈁
 
 Other options: finished, list
 
 Select section:

****sysservicesの設定 [#x8794139]

sysServices Objectの設定を行うので，３を入力．

Select section: 3🆑
 
 Configuring: sysservices
 Description:
   The proper value for the sysServices object.
     arguments:  sysservices_number
 
 does this host offer physical services (eg, like a repeater) [answer 0 or 1]:🈁

Yesの場合1を，Noの場合0を入力．

does this host offer physical services (eg, like a repeater) [answer 0 or 1]: 0🈁
 does this host offer datalink/subnetwork services (eg, like a bridge): 0🈁
 does this host offer internet services (eg, supports IP): 1🈁
 does this host offer end-to-end services (eg, supports TCP): 1🈁
 does this host offer application services (eg, supports SMTP): 1🈁

-物理層でのサービスをしてないので，0を選択．
-データリンク層でのサービスをしてないので，0を入力．
-IP層でサービスをしているので1を入力．
-TCP層でサービスをしているので1を入力．
-アプリケーション層でサービスをしているので1を入力．

このように答えると，sysservicesは76となる．

Finished Output: sysservices 76🈁
 
 Section: System Information Setup
 Description:
   This section defines some of the information reported in
   the "system" mib group in the mibII tree.
 
 Select from:
 
    1:  The [typically physical] location of the system.
    2:  The contact information for the administrator
    3:  The proper value for the sysServices object.
 
 Other options: finished, list
 
 Select section:

****設定を確認し保存する [#n06770c9]

これまで設定した内容を確認するのでlistと入力．

Select section: list🆑
 Lines defined for section "System Information Setup" so far:
   syslocation  BCP🈁
   syscontact  管理者メールアドレス🈁
   sysservices 76🈁
 
 Section: System Information Setup
 Description:
   This section defines some of the information reported in
   the "system" mib group in the mibII tree.
 
 Select from:
 
    1:  The [typically physical] location of the system.
    2:  The contact information for the administrator
    3:  The proper value for the sysServices object.
 
 Other options: finished, list
 
 Select section:

ここまでの内容で保存するのでfinishedやquitを入力して終了する．

Select section: finished🆑
 
 The configuration information which can be put into snmpd.conf is divided
 into sections.  Select a configuration section for snmpd.conf
 that you wish to create:
 
    1:  Agent Operating Mode
    2:  Monitor Various Aspects of the Running Host
    3:  Trap Destinations
    4:  System Information Setup
    5:  Extending the Agent
    6:  Access Control Setup
 
 Other options: finished
 
 Select section: finished🆑
 
 I can create the following types of configuration files for you.
 Select the file type you wish to create:
 (you can create more than one as you run this program)
 
    1:  snmptrapd.conf
    2:  snmpd.conf
    3:  snmp.conf
 
 Other options: quit🆑
 
 Select File: quit
 
 
 The following files were created:
 
   snmpd.conf installed in /usr/share/snmp
 $
　保存されたsnmpd.confファイルを確認する．

設定が保存されていることを確認．

**監視設定を定義する [#u5bc4e3e]

プロセス，ディスク容量，ロードアベレージ，ファイルサイズなどの監視を行う設定を行う．
　まずは，サイド編集モードまで．

$ sudo /usr/bin/snmpconf -i🆑
 Password:🆑
 
 The following installed configuration files were found:
 
    1:  /etc/snmp/snmpd.conf
    2:  /usr/share/snmp/snmpd.conf🈁
 
 Would you like me to read them in?  Their content will be merged with the
 output files created by this session.
 
 Valid answer examples: "all", "none","3","1,2,5"
 
 Read in which (default = all): 2🆑
 
 I can create the following types of configuration files for you.
 Select the file type you wish to create:
 (you can create more than one as you run this program)
 
    1:  snmp.conf
    2:  snmptrapd.conf
    3:  snmpd.conf🈁
 
 Other options: quit
 
 Select File: 3🆑
 
 The configuration information which can be put into snmpd.conf is divided
 into sections.  Select a configuration section for snmpd.conf
 that you wish to create:
 
    1:  Agent Operating Mode
    2:  Monitor Various Aspects of the Running Host🈁
    3:  Trap Destinations
    4:  System Information Setup
    5:  Extending the Agent
    6:  Access Control Setup
 
 Other options: finished
 
 Select section: 2🆑
 
 Section: Monitor Various Aspects of the Running Host
 Description:
   The following check up on various aspects of a host.
 
 Select from:
 
    1:  Check for processes that should be running.🈁
    2:  Check for disk space usage of a partition.
    3:  Check for unreasonable load average values.
    4:  Check on the size of a file.
 
 Other options: finished, list
 
 Select section:

ここから先は，メニューを順番に選んでいく．

***プロセスの監視を行う [#i3914a34]

Check for processes that should be running.を選択する．

Select section: 1🆑
 
 Configuring: proc🈁
 Description:
   Check for processes that should be running.
       proc NAME [MAX=0] [MIN=0]
 
       NAME:  the name of the process to check for.  It must match
              exactly (ie, http will not find httpd processes).
       MAX:   the maximum number allowed to be running.  Defaults to 0.
       MIN:   the minimum number to be running.  Defaults to 0.
 
     The results are reported in the prTable section of the UCD-SNMP-MIB tree
     Special Case:  When the min and max numbers are both 0, it assumes
     you want a max of infinity and a min of 1.
 
 Name of the process you want to check on:

ここでは，Sambaのプロセスを監視する．プロセス名はsmbd．
　単純にプロセス名だけを指定する．

Name of the process you want to check on: smbd🆑
 Maximum number of processes named 'smbd' that should be running [default = 0]:🆑
 Minimum number of processes named 'smbd' that should be running [default = 0]:🆑
 
 Finished Output: proc  smbd
 
 Section: Monitor Various Aspects of the Running Host
 Description:
   The following check up on various aspects of a host.
 
 Select from:
 
    1:  Check for processes that should be running.
    2:  Check for disk space usage of a partition.
    3:  Check for unreasonable load average values.
    4:  Check on the size of a file.
 
 Other options: finished, list
 
 Select section:

今回は，プロセス数をmaxもminも，何も指定しないで0(ゼロ)とした．こういう指定をすると，プロセスが１つ以上起動してないとエラーという設定となる．

***ディスクの空き容量の監視を行う [#dbd4165a]

今回は，例として/Volumes/RAID0_12TBというボリュームが95%を超えるかどうかを監視する．

select section: 2🆑
 
  Configuring: disk🈁
  Description:
    Check for disk space usage of a partition.
      The agent can check the amount of available disk space, and make
      sure it is above a set limit.
  
       disk PATH [MIN=100000]
  
       PATH:  mount path to the disk in question.
       MIN:   Disks with space below this value will have the Mib's errorFlag set.
              Can be a raw integer value (units of kB) or a percentage followed by the %
              symbol.  Default value = 100000.
  
      The results are reported in the dskTable section of the UCD-SNMP-MIB tree
  
  Enter the mount point for the disk partion to be checked on: /Volumes/RAID0_12TB🆑
  Enter the minimum amount of space that should be available on /Volumes/RAID0_12TB: 95%🆑
 
 Finished Output: disk  /Volumes/RAID0_12TB 95%🈁
 
 Section: Monitor Various Aspects of the Running Host
 Description:
   The following check up on various aspects of a host.
 
 Select from:
 
    1:  Check for processes that should be running.
    2:  Check for disk space usage of a partition.
    3:  Check for unreasonable load average values.
    4:  Check on the size of a file.
 
 Other options: finished, list
 
 Select section:

システムドライブを指定する場合は，70%くらいが良いのだと思う．大量にエラーがでたら急激に増えるものだしね．

***ロードアベレージを監視する [#b1853029]

ロードアベレージは，CPU1つがビジー状態だと1なので，今回は4coreマシンなので，４の倍数で値を設定した．

Select section: 3🆑
 
 Configuring: load
 Description:
   Check for unreasonable load average values.
     Watch the load average levels on the machine.
 
      load [1MAX=12.0] [5MAX=12.0] [15MAX=12.0]
 
      1MAX:   If the 1 minute load average is above this limit at query
              time, the errorFlag will be set.
      5MAX:   Similar, but for 5 min average.
      15MAX:  Similar, but for 15 min average.
 
     The results are reported in the laTable section of the UCD-SNMP-MIB tree
 
 Enter the maximum allowable value for the 1 minute load average: 12🆑
 Enter the maximum allowable value for the 5 minute load average: 8🆑
 Enter the maximum allowable value for the 15 minute load average: 4🆑
 
 Finished Output: load  12 8 4🈁
 
 Section: Monitor Various Aspects of the Running Host
 Description:
   The following check up on various aspects of a host.
 
 Select from:
 
    1:  Check for processes that should be running.
    2:  Check for disk space usage of a partition.
    3:  Check for unreasonable load average values.
    4:  Check on the size of a file.
 
 Other options: finished, list
 
 Select section:

一旦はこれで．

***ファイルサイズの監視 [#qfe8128e]

継続することで大きくなるファイルを監視する．ここではmacosなので，system.logとしている．Linuxだと/var/log/messagesになる．
　ファイルサイズは30000KB(30Mbyte)とした．

Select section: 4🆑
 
 Configuring: file
 Description:
   Check on the size of a file.
     Display a files size statistics.
     If it grows to be too large, report an error about it.
 
      file /path/to/file [maxsize_in_kilobytes]
 
        if maxsize is not specified, assume only size reporting is needed.
 
     The results are reported in the fileTable section of the UCD-SNMP-MIB tree
 
 Enter the path to the file you wish to monitor: /var/log/system.log🆑
 Enter the maximum size (in kilobytes) allowable for /var/log/system.log: 30000🆑
 
 Finished Output: file  /var/log/system.log 30000
 
 Section: Monitor Various Aspects of the Running Host
 Description:
   The following check up on various aspects of a host.
 
 Select from:
 
    1:  Check for processes that should be running.
    2:  Check for disk space usage of a partition.
    3:  Check for unreasonable load average values.
    4:  Check on the size of a file.
 
 Other options: finished, list
 
 Select section:

ここまでで一通り終了．

****設定を確認し，終了する． [#o7dd07a1]

これまで設定した内容を確認するために，listコマンドを実行．

Select section: list🆑
 Lines defined for section "Monitor Various Aspects of the Running Host" so far:
   proc  smbd
   disk  /Volumes/RAID0_12TB 95%
   load  12 8 4
   file  /var/log/system.log 30000
 
 Section: Monitor Various Aspects of the Running Host
 Description:
   The following check up on various aspects of a host.
 
 Select from:
 
    1:  Check for processes that should be running.
    2:  Check for disk space usage of a partition.
    3:  Check for unreasonable load average values.
    4:  Check on the size of a file.
 
 Other options: finished, list

問題ないので，finishedやquitで終了．

Select section: finished🆑
 
 The configuration information which can be put into snmpd.conf is divided
 into sections.  Select a configuration section for snmpd.conf
 that you wish to create:
 
    1:  Agent Operating Mode
    2:  Monitor Various Aspects of the Running Host
    3:  Trap Destinations
    4:  System Information Setup
    5:  Extending the Agent
    6:  Access Control Setup
 
 Other options: finished🈁
 
 Select section: finished🆑
 
 I can create the following types of configuration files for you.
 Select the file type you wish to create:
 (you can create more than one as you run this program)
 
    1:  snmp.conf
    2:  snmptrapd.conf
    3:  snmpd.conf
 
 Other options: quit🈁
 
 Select File: quit🆑
 
 
 The following files were created:
 
   snmpd.conf installed in /usr/share/snmp🈁
 $

設定ファイルが書き出された模様．

****snmpd.confファイルを確認する [#u0726cb5]

ここまでで設定されたsnmpd.confファイルを確認する．

$ cat /usr/share/snmp/snmpd.conf🆑
 ###########################################################################
 #
 # snmpd.conf
 #
 #   - created by the snmpconf configuration program
 #
 
 
 
 ###########################################################################
 # SECTION: Monitor Various Aspects of the Running Host
 #
 #   The following check up on various aspects of a host.
 
 # proc: Check for processes that should be running.
 #     proc NAME [MAX=0] [MIN=0]
 #
 #     NAME:  the name of the process to check for.  It must match
 #            exactly (ie, http will not find httpd processes).
 #     MAX:   the maximum number allowed to be running.  Defaults to 0.
 #     MIN:   the minimum number to be running.  Defaults to 0.
 #
 #   The results are reported in the prTable section of the UCD-SNMP-MIB tree
 #   Special Case:  When the min and max numbers are both 0, it assumes
 #   you want a max of infinity and a min of 1.
 
 proc  smbd🈁
 
 # disk: Check for disk space usage of a partition.
 #   The agent can check the amount of available disk space, and make
 #   sure it is above a set limit.
 #
 #    disk PATH [MIN=100000]
 #
 #    PATH:  mount path to the disk in question.
 #    MIN:   Disks with space below this value will have the Mib's errorFlag set.
 #           Can be a raw integer value (units of kB) or a percentage followed by the %
 #           symbol.  Default value = 100000.
 #
 #   The results are reported in the dskTable section of the UCD-SNMP-MIB tree
 
 disk  /Volumes/RAID0_12TB 95%🈁
 
 # load: Check for unreasonable load average values.
 #   Watch the load average levels on the machine.
 #
 #    load [1MAX=12.0] [5MAX=12.0] [15MAX=12.0]
 #
 #    1MAX:   If the 1 minute load average is above this limit at query
 #            time, the errorFlag will be set.
 #    5MAX:   Similar, but for 5 min average.
 #    15MAX:  Similar, but for 15 min average.
 #
 #   The results are reported in the laTable section of the UCD-SNMP-MIB tree
 
 load  12 8 4🈁
 
 # file: Check on the size of a file.
 #   Display a files size statistics.
 #   If it grows to be too large, report an error about it.
 #
 #    file /path/to/file [maxsize_in_kilobytes]
 #
 #      if maxsize is not specified, assume only size reporting is needed.
 #
 #   The results are reported in the fileTable section of the UCD-SNMP-MIB tree
 
 file  /var/log/system.log 30000🈁
 
 
 
 
 
 
 ###########################################################################
 # SECTION: System Information Setup
 #
 #   This section defines some of the information reported in
 #   the "system" mib group in the mibII tree.
 
 # syslocation: The [typically physical] location of the system.
 #   Note that setting this value here means that when trying to
 #   perform an snmp SET operation to the sysLocation.0 variable will make
 #   the agent return the "notWritable" error code.  IE, including
 #   this token in the snmpd.conf file will disable write access to
 #   the variable.
 #   arguments:  location_string
 
 syslocation  BCP🈁
 
 # syscontact: The contact information for the administrator
 #   Note that setting this value here means that when trying to
 #   perform an snmp SET operation to the sysContact.0 variable will make
 #   the agent return the "notWritable" error code.  IE, including
 #   this token in the snmpd.conf file will disable write access to
 #   the variable.
 #   arguments:  contact_string
 
 syscontact  管理者メールアドレス
 
 # sysservices: The proper value for the sysServices object.
 #   arguments:  sysservices_number
 
 sysservices 76🈁
 
 
 
 
 
 
 
 
 
 $

コメントとかが多い．．．
　シンプルに書き直す．

$ cat /usr/share/snmp/snmpd.conf🆑
 syslocation  BCP
 syscontact  管理者メールアドレス
 sysservices 76
 
 proc  smbd
 disk  /Volumes/RAID0_12TB 95%
 disk  /Volumes/zeusHD 80%
 load  12 8 4
 file  /var/log/system.log 30000
 
 $

たくさん書いてきたけれど，これだけ．

**監視設定を有効化する [#u1340869]

今回設定した内容を反映させる．
　HUPシグナルをsnmpdプロセスに送ることで，反映させる．

$ ps -ef|grep snmpd🆑
     0 66808🈁     1   0 17 519  ??         3:22.25 /usr/libexec/snmpd -f
   501 43526 42924   0  6:38PM ttys003    0:00.01 grep snmpd
 $ sudo kill -HUP 66808🆑
 $ ps -ef|grep snmpd🆑
     0 66808     1   0 17 519  ??         3:22.27 /usr/libexec/snmpd -f
   501 43533 42924   0  6:39PM ttys003    0:00.00 grep snmpd
 $

設定した内容が反映されているか確認．

$ snmpwalk -v 2c -c public localhost🆑
 SNMPv2-MIB::sysContact.0 = STRING: 管理者メールアドレス
 SNMPv2-MIB::sysContact.0 = No more variables left in this MIB View (It is past the end of the MIB tree)
 $

メールアドレスが出てきたから，正しく設定された模様．ただし，最後にNo more variablesとでている．これはアクセス権限がないから．

**セキュリティ設定を行う [#k6bbc64f]

com2secパラメータを設定して，アクセス制御を行う．

まずは，デフォルトのsnmpd.confを確認．（コメントを外して）

$ cat /etc/snmp/snmpd.conf|grep -v -e '^#'|grep -v -e '^$'🆑
 com2sec local     localhost       COMMUNITY🈁
 com2sec mynetwork NETWORK/24      COMMUNITY🈁
 group MyRWGroup	v1         local
 group MyRWGroup	v2c        local
 group MyRWGroup	usm        local
 group MyROGroup v1         mynetwork
 group MyROGroup v2c        mynetwork
 group MyROGroup usm        mynetwork
 view all    included  .1                               80
 access MyROGroup ""      any       noauth    exact  all    none   none
 access MyRWGroup ""      any       noauth    exact  all    all    none
 rwuser  admin
 rocommunity  public default .1.3.6.1.2.1.1.4🈁
 syslocation Right here, right now.
 syscontact Administrator <postmaster@example.com>
 sysservices 76
 proc httpd
 exec echotest /bin/echo hello world
 exec web_status /Applications/Server.app/Contents/ServerRoot/usr/sbin/serveradmin status web
 exec netboot /Applications/Server.app/Contents/ServerRoot/usr/sbin/serveradmin status netboot
 disk / 10000
 $

macOSの場合，execの以降の部分がついている模様．Server.appをインストールしているか否かに依存しない．
　今回は com2sec local にprivate，com2sec mynetworkにpublicを設定する．
　また，mibのノードは，.1.3.6.1.2.1.1.4となっているが，最上位を解放する．
　まずはオリジナルのファイルをバックアップ．

$ sudo cp -p /etc/snmp/snmpd.conf /etc/snmp/snmpd.conf.v00🆑
 $

変更後の差分を確認．

$ diff /etc/snmp/snmpd.conf.v00 /etc/snmp/snmpd.conf🆑
 61,62c61,62
 < com2sec local     localhost       COMMUNITY
 < com2sec mynetwork NETWORK/24      COMMUNITY
 ---
 > com2sec local     localhost       private
 > com2sec mynetwork NETWORK/24      public
 98c98,99
 < rocommunity  public default .1.3.6.1.2.1.1.4
 ---
 > #rocommunity  public default .1.3.6.1.2.1.1.4
 > rocommunity  public default .1
 103c104
 < #rwcommunity  private
 ---
 > rwcommunity  private
 $
　rwcommunity，rwなので書き込みを，privateのコミュニティに許可をする．
　これで設定完了．

**snmpwalkでMIB情報を取得 [#a8bfcabd]

snmpd.confを変更したので，SNMPDを再起動して反映させる．

$ sudo launchctl unload -w /System/Library/LaunchDaemons/org.net-snmp.snmpd.plist🆑
 Password:🆑
 $ ps -ef|grep snmpd🆑
   501 62844 61321   0  8:02PM ttys003    0:00.00 grep snmpd
 $ sudo launchctl load -w /System/Library/LaunchDaemons/org.net-snmp.snmpd.plist🆑
 $ ps -ef|grep snmpd🆑
     0 62848     1   0  8:03PM ??         0:00.20 /usr/libexec/snmpd -f
   501 62851 61321   0  8:03PM ttys003    0:00.00 grep snmpd
 $
　情報が取得できるようになったか，確認する．

$ snmpwalk -v 2c -c public localhost|head -n 10🆑
 SNMPv2-MIB::sysDescr.0 = STRING: Darwin zeus.local 17.7.0 Darwin Kernel Version 17.7.0:
  Wed Feb 27 00:43:23 PST 2019; root:xnu-4570.71.35~1/RELEASE_X86_64 x86_64
 SNMPv2-MIB::sysObjectID.0 = OID: NET-SNMP-MIB::netSnmpAgentOIDs.255
 DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (9626) 0:01:36.26
 SNMPv2-MIB::sysContact.0 = STRING: 管理者メールアドレス
 SNMPv2-MIB::sysName.0 = STRING: zeus.local
 SNMPv2-MIB::sysLocation.0 = STRING: BCP
 SNMPv2-MIB::sysServices.0 = INTEGER: 76
 SNMPv2-MIB::sysORLastChange.0 = Timeticks: (0) 0:00:00.00
 SNMPv2-MIB::sysORID.1 = OID: SNMP-MPD-MIB::snmpMPDMIBObjects.3.1.1
 SNMPv2-MIB::sysORID.2 = OID: SNMP-USER-BASED-SM-MIB::usmMIBCompliance
 $

データ取得ができた．

**おさらい [#f57bec1a]

今回，設定した内容を整理．

$ cat /etc/snmp/snmpd.conf|grep -v -e '^#'|grep -v -e '^$'🆑
 com2sec local     localhost       private
 com2sec mynetwork NETWORK/24      public
 group MyRWGroup	v1         local
 group MyRWGroup	v2c        local
 group MyRWGroup	usm        local
 group MyROGroup v1         mynetwork
 group MyROGroup v2c        mynetwork
 group MyROGroup usm        mynetwork
 view all    included  .1                               80
 access MyROGroup ""      any       noauth    exact  all    none   none
 access MyRWGroup ""      any       noauth    exact  all    all    none
 rwuser  admin
 rocommunity  public default .1
 rwcommunity  private
 syslocation Right here, right now.
 syscontact Administrator <postmaster@example.com>
 sysservices 76
 proc httpd
 exec echotest /bin/echo hello world
 exec web_status /Applications/Server.app/Contents/ServerRoot/usr/sbin/serveradmin status web
 exec netboot /Applications/Server.app/Contents/ServerRoot/usr/sbin/serveradmin status netboot
 disk / 10000
 $
 $ cat /usr/share/snmp/snmpd.conf|grep -v -e '^#'|grep -v -e '^$'🆑
 syslocation  BCP
 syscontact  管理者メールアドレス
 syslocation  BCP
 sysservices 76
 proc  smbd
 disk  /Volumes/RAID0_12TB 95%
 disk  /Volumes/zeusHD 80%
 load  12 8 4
 file  /var/log/system.log 30000
 $

編集の要約:

Q & A 認証: ページ更新時は次の質問にお答えください。(プレビュー時は必要ありません)
Q: 「京都」の読みがな？(ひらがなで)
A:

お名前: タイムスタンプを変更しない