UJP - 技術情報2 : MacOSX/HigiSierra/snmpd をテンプレートにして作成
Life is fun and easy!
不正IP報告数
Okan Sensor
Home
Information
Service
Tech(Free)
Tech(Member)
Blog
FAQ
メイン
ホーム
お知らせ
技術新着情報
組織
サービス
技術情報2
新規ページ作成
最新ページ一覧
全ページ一覧
ヘルプ
技術情報1
技術情報
ブログ
RSSサイト更新
旧ブログ
FAQ
画像ファイル管理
ログイン
ユーザー名:
パスワード:
パスワード再発行手続き
|
無料会員入会手続へ...
ブログ カテゴリ一覧
雑記
(221)
時事
(460)
テレビ・ドラマ
(405)
映画
(895)
007シリーズ
(33)
刑事コロンボ
(62)
災害
(207)
スキルチャージ
(37)
放送大学
(23)
Python
(10)
検定・試験
(32)
セキュリティ
(5)
ニュース・徒然
(315)
攻撃/ブルートフォース
(22)
脆弱性情報/注意喚起
(109)
ツール
(123)
スパム・フィッシング
(516)
事故・事件
(103)
ベンダ・サービス
(3)
文献・統計・参考資料
(124)
事故被害者記録
(44)
あとで確認
(1)
システム障害事故
(53)
サイト構築
(74)
Apple
(17)
Mac Pro 2013
(8)
MacBook Pro
(0)
2011 13inch
(30)
2015 15inch
(5)
2007 15inch
(1)
2008 17inch
(22)
Apple Watch
(69)
mac mini
(0)
2011 server
(4)
2010 server
(5)
2014
(14)
2010
(36)
2005
(8)
MacBook Air
(0)
2011 13inch
(8)
2011 11inch
(31)
2011 13inch/BCP
(9)
2013 13inch/US
(5)
MacBook
(0)
2017 12inch
(8)
2008 13inch 2
(26)
2008 13inch 1
(15)
Macソフト
(131)
Mac周辺機器
(35)
PowerBook
(5)
iPod touch/iOS
(57)
iPhone
(175)
iPad
(75)
ガジェット
(127)
fire tv
(1)
監視・防犯・みまもり
(32)
HUAWEI Watch FIT
(10)
カメラ/デジカメ
(40)
タイムラプス
(6)
ネットワーク機器
(17)
ネットワークケーブル
(4)
ネットワークその他
(6)
ネットワークスピード
(13)
YAMAHA/ヤマハ
(1)
FWX120
(2)
RTX1200
(14)
RTX1100/RTX1000
(10)
RT107e
(2)
NETGEAR WAC510
(11)
NERGEAR Orbi
(1)
Panasonic MNOseries
(3)
マウス&キーボード
(57)
AV機器・レグザ
(99)
ハウツー
(105)
GPS/地図
(69)
ビジネス
(169)
新規ビジネス
(18)
お仕事
(63)
ケータイビジネス
(41)
PC
(11)
EndeavorTN40
(4)
DynabookPT45
(8)
CF-RZ6
(7)
PN-ZP30
(5)
CF-LX4
(9)
Raspberry Pi
(58)
ML110 G5
(20)
LIFEBOOK
(11)
Surface
(50)
ThinkPad R61
(5)
モバイル
(16)
スマホアプリ
(73)
ケータイスマホ機種
(34)
データ通信・契約
(78)
EMONSTER
(5)
IDEOS
(12)
Galaxy Note
(38)
Windows Phone
(20)
Nexus
(22)
コンピュータ
(10)
Windows
(90)
クライアントソフト
(73)
サーバソフト
(32)
Db2
(16)
インターネット
(66)
Google
(111)
ネットサービス
(157)
ハードウェア
(19)
ディスプレイ
(11)
プリンタ
(8)
ストレージ
(5)
情報システム
(95)
趣味
(3)
ポケモンGO
(627)
寝台特急カシオペア/カシオペア紀行
(34)
TOKYO2020
(85)
食べた
(207)
たべた(駅弁)
(30)
飲んだ
(33)
調理した
(21)
ラーメン・麺類
(202)
鉄道
(234)
農園
(157)
アクアリウム
(159)
ホテル・旅館
(42)
書評
(37)
演劇
(21)
車・バイク
(72)
自然・星
(35)
散策・近代建築
(18)
神社・寺
(50)
高層ビル
(24)
現代建築
(15)
建築物
(6)
観光・名所
(87)
イベント
(72)
散策:城
(33)
ディズニー
(24)
モーターショー
(16)
鳥
(9)
美術館
(28)
コンサート/ライブ
(64)
船
(3)
スポーツ
(118)
音楽
(73)
サマリ
(6)
ミニカー
(4)
ピンバッチ
(3)
Nゲージダイキャスト
(8)
Nゲージ
(0)
サイト運営
(39)
人生
(51)
お金の話
(89)
体・病気
(116)
投資で凍死
(162)
相続・土地売買
(9)
コンテンツ更新情報
(2)
macOSでSNMPDが利用できるまで
をテンプレートにして作成
技術情報2
MacOSX/HigiSierra/snmpd をテンプレートにして作成
開始行:
*macOSでSNMPDが利用できるまで
**はじめに
macOSをサーバとして運用するので,SNMPによって性能などの...
今回は,macOS 10.13.6のHigh Sierraで動作確認した.
**現状確認.
まずは,現在SNMPプロセスが起動してない事を確認.
$ ps -ef|grep snmp🆑
501 66796 65920 0 4:51PM ttys003 0:00.00 grep snmp
$
プロセスは起動してない.
macOSの場合はLaunchDaemonでサーバプロセスを管理している...
$ locate snmp|grep plist🆑
/System/Library/LaunchDaemons/org.net-snmp.snmpd.plist
$
確認できた設定ファイルの中身を表示.
$ cat /System/Library/LaunchDaemons/org.net-snmp.snmpd.p...
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0...
<plist version="1.0">
<dict>
<key>Disabled</key>
<true/>
<key>Label</key>
<string>org.net-snmp.snmpd</string>
<key>KeepAlive</key>
<true/>
<key>Program</key>
<string>/usr/sbin/snmpd</string>
<key>ProgramArguments</key>
<array>
<string>snmpd</string>
<string>-f</string>
</array>
<key>ProcessType</key>
<string>Background</string>
</dict>
</plist>
$
Disabledになっているので,起動してないのかな.
LaunchDaemonでSNMPDをroot権限で起動する.
$ sudo launchctl load -w /System/Library/LaunchDaemons/o...
Password:🆑
$
プロセスを確認.
$ ps -ef|grep snmp🆑
0 66808 1 0 4:52PM ?? 0:00.23 /usr/li...
501 66812 65920 0 4:52PM ttys003 0:00.00 grep snmp
$
稼働確認できた.
**SNMPで接続してみる
SNMPDプロセスが起動したので,次はsnmpwalkコマンドを使っ...
コマンドの場所を確認.
$ which snmpwalk🆑
/usr/bin/snmpwalk🈁
$
snmpwalkコマンドで接続してみる.
$ snmpwalk -v 2c -c public localhost🆑
SNMPv2-MIB::sysContact.0 = STRING: Administrator <postma...
SNMPv2-MIB::sysContact.0 = No more variables left in thi...
$
何の情報も出てないが,Timeoutとかのエラーになってないの...
**snmpd.confをsnmpconfコマンドを使って対話的に設定する
***snmpd.confファイルを確認
snmpconfコマンドを使うと,/usr/share/snmp/snmpd.confが...
$ ls -lat /usr/share/snmp🆑
total 60
drwxr-xr-x 47 root wheel 1504 4 3 2018 ..
drwxr-xr-x 65 root wheel 2080 7 16 2017 mibs
drwxr-xr-x 28 root wheel 896 7 16 2017 .
-rw-r--r-- 1 root wheel 16218 7 16 2017 SensorDat.xml
drwxr-xr-x 69 root wheel 2208 7 16 2017 mib2c-data
-rw-r--r-- 1 root wheel 6531 7 16 2017 mib2c.access_...
-rw-r--r-- 1 root wheel 2391 7 16 2017 mib2c.check_v...
-rw-r--r-- 1 root wheel 28202 7 16 2017 mib2c.contain...
-rw-r--r-- 1 root wheel 8498 7 16 2017 mib2c.genhtml...
-rw-r--r-- 1 root wheel 3088 7 16 2017 mib2c.int_wat...
-rw-r--r-- 1 root wheel 2027 7 16 2017 mib2c.notify....
-rw-r--r-- 1 root wheel 8777 7 16 2017 mib2c.perl.conf
-rw-r--r-- 1 root wheel 19509 7 16 2017 mib2c.raw-tab...
-rw-r--r-- 1 root wheel 22905 7 16 2017 mib2c.table_d...
drwxr-xr-x 5 root wheel 160 7 16 2017 snmpconf-data
-rw-r--r-- 1 root wheel 37700 7 16 2017 mib2c.array-u...
-rw-r--r-- 1 root wheel 4646 7 16 2017 mib2c.check_v...
-rw-r--r-- 1 root wheel 330 7 16 2017 mib2c.column_...
-rw-r--r-- 1 root wheel 602 7 16 2017 mib2c.column_...
-rw-r--r-- 1 root wheel 728 7 16 2017 mib2c.column_...
-rw-r--r-- 1 root wheel 11942 7 16 2017 mib2c.conf
-rw-r--r-- 1 root wheel 3471 7 16 2017 mib2c.create-...
-rw-r--r-- 1 root wheel 22345 7 16 2017 mib2c.iterate...
-rw-r--r-- 1 root wheel 15095 7 16 2017 mib2c.iterate...
-rw-r--r-- 1 root wheel 948 7 16 2017 mib2c.mfd.conf
-rw-r--r-- 1 root wheel 9182 7 16 2017 mib2c.old-api...
-rw-r--r-- 1 root wheel 4455 7 16 2017 mib2c.scalar....
-rw-r--r-- 1 root wheel 431 7 16 2017 snmp_perl_tra...
$
snmpd.confは存在しなかった.
***snmpconfのコマンドヘルプの確認
sndmpdは,snmpd.confで設定を制御するが,まずは/usr/bin/...
まずは,コマンドヘルプを.
$ /usr/bin/snmpconf -h🆑
/usr/bin/snmpconf [options] [FILETOCREATE...]
options:
-f overwrite existing files without prompting
-i install created files into /usr/share/snmp.
-p install created files into /Users/ujpadmi...
-I DIR install created files into DIR.
-a Don't ask any questions, just read in cur...
current .conf files and comment them
-r all|none Read in all or none of the .conf files fo...
-R file,... Read in a particular list of .conf files.
-g GROUP Ask a series of GROUPed questions.
-G List known GROUPs.
-c conf_dir use alternate configuration directory.
-q run more quietly with less advice.
-d turn on debugging output.
-D turn on debugging dumper output.
$
新しいファイルを/usr/share/snmp以下に作成するのでiオプ...
$ sudo /usr/bin/snmpconf -i🆑
Password:🆑
The following installed configuration files were found:
1: ./snmpd.conf
2: /etc/snmp/snmpd.conf🈁
Would you like me to read them in? Their content will b...
output files created by this session.
Valid answer examples: "all", "none","3","1,2,5"
Read in which (default = all):🈁
他にsnmpd.confファイルが見つかったので,マージするか問...
今回はマージしないので,noneを選択.
Read in which (default = all): none🆑
I can create the following types of configuration files ...
Select the file type you wish to create:
(you can create more than one as you run this program)
1: snmp.conf
2: snmptrapd.conf
3: snmpd.conf
Other options: quit
Select File:
ファイルタイプは,snmpd.confにしたいので,3を選択.
Select File: 3🆑
The configuration information which can be put into snmp...
into sections. Select a configuration section for snmpd...
that you wish to create:
1: Agent Operating Mode
2: Monitor Various Aspects of the Running Host
3: Trap Destinations
4: System Information Setup🈁
5: Extending the Agent
6: Access Control Setup
Other options: finished🈁
Select section:
今回は,ここまでで一旦終了するので,finishedと入力.
Select section: finished🆑
I can create the following types of configuration files ...
Select the file type you wish to create:
(you can create more than one as you run this program)
1: snmp.conf
2: snmptrapd.conf
3: snmpd.conf
Other options: quit🈁
Select File:
終了するのでquitを入力.
Select File: quit🆑
Error: An snmpd.conf file already exists in this directo...
'overwrite', 'skip', 'rename' or 'append'? :
さっきファイルはなかったのに?overwriteを選択.
'overwrite', 'skip', 'rename' or 'append'? : overwrite🆑
The following files were created:
snmpd.conf installed in /usr/share/snmp
$
ファイルができたようなので,中身を確認.
$ cat /usr/share/snmp/snmpd.conf🆑
########################################################...
#
# snmpd.conf
#
# - created by the snmpconf configuration program
#
$
何も設定してないので,何もないね.
***snmpd.confにシステム情報を設定する
snmpconfを実行.
$ sudo /usr/bin/snmpconf -i🆑
Password:🆑
The following installed configuration files were found:
1: /etc/snmp/snmpd.conf
2: /usr/share/snmp/snmpd.conf
Would you like me to read them in? Their content will b...
output files created by this session.
Valid answer examples: "all", "none","3","1,2,5"
Read in which (default = all):
2番の設定をマージするので2を選択.
Read in which (default = all): 2🆑
I can create the following types of configuration files ...
Select the file type you wish to create:
(you can create more than one as you run this program)
1: snmptrapd.conf
2: snmp.conf
3: snmpd.conf
Other options: quit
Select File:
3番を選択.
Select File: 3🆑
The configuration information which can be put into snmp...
into sections. Select a configuration section for snmpd...
that you wish to create:
1: Agent Operating Mode
2: Monitor Various Aspects of the Running Host
3: Trap Destinations
4: System Information Setup🈁
5: Extending the Agent
6: Access Control Setup
Other options: finished
Select section:
今回のセットアップはシステム情報になるので,4を選択.
Select section: 4🆑
Section: System Information Setup
Description:
This section defines some of the information reported in
the "system" mib group in the mibII tree.
Select from:
1: The [typically physical] location of the system.🈁
2: The contact information for the administrator
3: The proper value for the sysServices object.
Other options: finished, list
Select section:
****syslocationの設定
最初は,物理的な場所を設定するので,1を選択.
Select section: 1🆑
Configuring: syslocation
Description:
The [typically physical] location of the system.
Note that setting this value here means that when tr...
perform an snmp SET operation to the sysLocation.0 v...
the agent return the "notWritable" error code. IE, ...
this token in the snmpd.conf file will disable write...
the variable.
arguments: location_string
The location of the system:
任意のロケーション情報を入力する.ここでは,BCPセンタ用...
The location of the system: BCP🆑
Finished Output: syslocation BCP🈁
Section: System Information Setup
Description:
This section defines some of the information reported in
the "system" mib group in the mibII tree.
Select from:
1: The [typically physical] location of the system.
2: The contact information for the administrator🈁
3: The proper value for the sysServices object.
Other options: finished, list
Select section:
****syscontactの設定
次に,管理者の連絡先を入力するために2を選択.
Select section: 2🆑
Configuring: syscontact
Description:
The contact information for the administrator
Note that setting this value here means that when tr...
perform an snmp SET operation to the sysContact.0 va...
the agent return the "notWritable" error code. IE, ...
this token in the snmpd.conf file will disable write...
the variable.
arguments: contact_string
The contact information:
メールアドレスを設定.
The contact information: 管理者メールアドレス
Finished Output: syscontact 管理者メールアドレス
Section: System Information Setup
Description:
This section defines some of the information reported in
the "system" mib group in the mibII tree.
Select from:
1: The [typically physical] location of the system.
2: The contact information for the administrator
3: The proper value for the sysServices object.🈁
Other options: finished, list
Select section:
****sysservicesの設定
sysServices Objectの設定を行うので,3を入力.
Select section: 3🆑
Configuring: sysservices
Description:
The proper value for the sysServices object.
arguments: sysservices_number
does this host offer physical services (eg, like a repea...
Yesの場合1を,Noの場合0を入力.
does this host offer physical services (eg, like a repea...
does this host offer datalink/subnetwork services (eg, l...
does this host offer internet services (eg, supports IP)...
does this host offer end-to-end services (eg, supports T...
does this host offer application services (eg, supports ...
-物理層でのサービスをしてないので,0を選択.
-データリンク層でのサービスをしてないので,0を入力.
-IP層でサービスをしているので1を入力.
-TCP層でサービスをしているので1を入力.
-アプリケーション層でサービスをしているので1を入力.
このように答えると,sysservicesは76となる.
Finished Output: sysservices 76🈁
Section: System Information Setup
Description:
This section defines some of the information reported in
the "system" mib group in the mibII tree.
Select from:
1: The [typically physical] location of the system.
2: The contact information for the administrator
3: The proper value for the sysServices object.
Other options: finished, list
Select section:
****設定を確認し保存する
これまで設定した内容を確認するのでlistと入力.
Select section: list🆑
Lines defined for section "System Information Setup" so ...
syslocation BCP🈁
syscontact 管理者メールアドレス🈁
sysservices 76🈁
Section: System Information Setup
Description:
This section defines some of the information reported in
the "system" mib group in the mibII tree.
Select from:
1: The [typically physical] location of the system.
2: The contact information for the administrator
3: The proper value for the sysServices object.
Other options: finished, list
Select section:
ここまでの内容で保存するのでfinishedやquitを入力して終...
Select section: finished🆑
The configuration information which can be put into snmp...
into sections. Select a configuration section for snmpd...
that you wish to create:
1: Agent Operating Mode
2: Monitor Various Aspects of the Running Host
3: Trap Destinations
4: System Information Setup
5: Extending the Agent
6: Access Control Setup
Other options: finished
Select section: finished🆑
I can create the following types of configuration files ...
Select the file type you wish to create:
(you can create more than one as you run this program)
1: snmptrapd.conf
2: snmpd.conf
3: snmp.conf
Other options: quit🆑
Select File: quit
The following files were created:
snmpd.conf installed in /usr/share/snmp
$
保存されたsnmpd.confファイルを確認する.
$ cat /usr/share/snmp/snmpd.conf🆑
########################################################...
#
# snmpd.conf
#
# - created by the snmpconf configuration program
#
########################################################...
# SECTION: System Information Setup
#
# This section defines some of the information reporte...
# the "system" mib group in the mibII tree.
# syslocation: The [typically physical] location of the ...
# Note that setting this value here means that when tr...
# perform an snmp SET operation to the sysLocation.0 v...
# the agent return the "notWritable" error code. IE, ...
# this token in the snmpd.conf file will disable write...
# the variable.
# arguments: location_string
syslocation BCP
# syscontact: The contact information for the administra...
# Note that setting this value here means that when tr...
# perform an snmp SET operation to the sysContact.0 va...
# the agent return the "notWritable" error code. IE, ...
# this token in the snmpd.conf file will disable write...
# the variable.
# arguments: contact_string
syscontact 管理者メールアドレス
# sysservices: The proper value for the sysServices obje...
# arguments: sysservices_number
sysservices 76
$
設定が保存されていることを確認.
**監視設定を定義する
プロセス,ディスク容量,ロードアベレージ,ファイルサイ...
まずは,サイド編集モードまで.
$ sudo /usr/bin/snmpconf -i🆑
Password:🆑
The following installed configuration files were found:
1: /etc/snmp/snmpd.conf
2: /usr/share/snmp/snmpd.conf🈁
Would you like me to read them in? Their content will b...
output files created by this session.
Valid answer examples: "all", "none","3","1,2,5"
Read in which (default = all): 2🆑
I can create the following types of configuration files ...
Select the file type you wish to create:
(you can create more than one as you run this program)
1: snmp.conf
2: snmptrapd.conf
3: snmpd.conf🈁
Other options: quit
Select File: 3🆑
The configuration information which can be put into snmp...
into sections. Select a configuration section for snmpd...
that you wish to create:
1: Agent Operating Mode
2: Monitor Various Aspects of the Running Host🈁
3: Trap Destinations
4: System Information Setup
5: Extending the Agent
6: Access Control Setup
Other options: finished
Select section: 2🆑
Section: Monitor Various Aspects of the Running Host
Description:
The following check up on various aspects of a host.
Select from:
1: Check for processes that should be running.🈁
2: Check for disk space usage of a partition.
3: Check for unreasonable load average values.
4: Check on the size of a file.
Other options: finished, list
Select section:
ここから先は,メニューを順番に選んでいく.
***プロセスの監視を行う
Check for processes that should be running.を選択する.
Select section: 1🆑
Configuring: proc🈁
Description:
Check for processes that should be running.
proc NAME [MAX=0] [MIN=0]
NAME: the name of the process to check for. It m...
exactly (ie, http will not find httpd proce...
MAX: the maximum number allowed to be running. ...
MIN: the minimum number to be running. Defaults...
The results are reported in the prTable section of t...
Special Case: When the min and max numbers are both...
you want a max of infinity and a min of 1.
Name of the process you want to check on:
ここでは,Sambaのプロセスを監視する.プロセス名はsmbd.
単純にプロセス名だけを指定する.
Name of the process you want to check on: smbd🆑
Maximum number of processes named 'smbd' that should be ...
Minimum number of processes named 'smbd' that should be ...
Finished Output: proc smbd
Section: Monitor Various Aspects of the Running Host
Description:
The following check up on various aspects of a host.
Select from:
1: Check for processes that should be running.
2: Check for disk space usage of a partition.
3: Check for unreasonable load average values.
4: Check on the size of a file.
Other options: finished, list
Select section:
今回は,プロセス数をmaxもminも,何も指定しないで0(ゼロ)...
***ディスクの空き容量の監視を行う
今回は,例として/Volumes/RAID0_12TBというボリュームが95...
select section: 2🆑
Configuring: disk🈁
Description:
Check for disk space usage of a partition.
The agent can check the amount of available disk sp...
sure it is above a set limit.
disk PATH [MIN=100000]
PATH: mount path to the disk in question.
MIN: Disks with space below this value will have...
Can be a raw integer value (units of kB) or...
symbol. Default value = 100000.
The results are reported in the dskTable section of...
Enter the mount point for the disk partion to be checke...
Enter the minimum amount of space that should be availa...
Finished Output: disk /Volumes/RAID0_12TB 95%🈁
Section: Monitor Various Aspects of the Running Host
Description:
The following check up on various aspects of a host.
Select from:
1: Check for processes that should be running.
2: Check for disk space usage of a partition.
3: Check for unreasonable load average values.
4: Check on the size of a file.
Other options: finished, list
Select section:
システムドライブを指定する場合は,70%くらいが良いのだと...
***ロードアベレージを監視する
ロードアベレージは,CPU1つがビジー状態だと1なので,今回...
Select section: 3🆑
Configuring: load
Description:
Check for unreasonable load average values.
Watch the load average levels on the machine.
load [1MAX=12.0] [5MAX=12.0] [15MAX=12.0]
1MAX: If the 1 minute load average is above this ...
time, the errorFlag will be set.
5MAX: Similar, but for 5 min average.
15MAX: Similar, but for 15 min average.
The results are reported in the laTable section of t...
Enter the maximum allowable value for the 1 minute load ...
Enter the maximum allowable value for the 5 minute load ...
Enter the maximum allowable value for the 15 minute load...
Finished Output: load 12 8 4🈁
Section: Monitor Various Aspects of the Running Host
Description:
The following check up on various aspects of a host.
Select from:
1: Check for processes that should be running.
2: Check for disk space usage of a partition.
3: Check for unreasonable load average values.
4: Check on the size of a file.
Other options: finished, list
Select section:
一旦はこれで.
***ファイルサイズの監視
継続することで大きくなるファイルを監視する.ここではmac...
ファイルサイズは30000KB(30Mbyte)とした.
Select section: 4🆑
Configuring: file
Description:
Check on the size of a file.
Display a files size statistics.
If it grows to be too large, report an error about it.
file /path/to/file [maxsize_in_kilobytes]
if maxsize is not specified, assume only size rep...
The results are reported in the fileTable section of...
Enter the path to the file you wish to monitor: /var/log...
Enter the maximum size (in kilobytes) allowable for /var...
Finished Output: file /var/log/system.log 30000
Section: Monitor Various Aspects of the Running Host
Description:
The following check up on various aspects of a host.
Select from:
1: Check for processes that should be running.
2: Check for disk space usage of a partition.
3: Check for unreasonable load average values.
4: Check on the size of a file.
Other options: finished, list
Select section:
ここまでで一通り終了.
****設定を確認し,終了する.
これまで設定した内容を確認するために,listコマンドを実...
Select section: list🆑
Lines defined for section "Monitor Various Aspects of th...
proc smbd
disk /Volumes/RAID0_12TB 95%
load 12 8 4
file /var/log/system.log 30000
Section: Monitor Various Aspects of the Running Host
Description:
The following check up on various aspects of a host.
Select from:
1: Check for processes that should be running.
2: Check for disk space usage of a partition.
3: Check for unreasonable load average values.
4: Check on the size of a file.
Other options: finished, list
問題ないので,finishedやquitで終了.
Select section: finished🆑
The configuration information which can be put into snmp...
into sections. Select a configuration section for snmpd...
that you wish to create:
1: Agent Operating Mode
2: Monitor Various Aspects of the Running Host
3: Trap Destinations
4: System Information Setup
5: Extending the Agent
6: Access Control Setup
Other options: finished🈁
Select section: finished🆑
I can create the following types of configuration files ...
Select the file type you wish to create:
(you can create more than one as you run this program)
1: snmp.conf
2: snmptrapd.conf
3: snmpd.conf
Other options: quit🈁
Select File: quit🆑
The following files were created:
snmpd.conf installed in /usr/share/snmp🈁
$
設定ファイルが書き出された模様.
****snmpd.confファイルを確認する
ここまでで設定されたsnmpd.confファイルを確認する.
$ cat /usr/share/snmp/snmpd.conf🆑
########################################################...
#
# snmpd.conf
#
# - created by the snmpconf configuration program
#
########################################################...
# SECTION: Monitor Various Aspects of the Running Host
#
# The following check up on various aspects of a host.
# proc: Check for processes that should be running.
# proc NAME [MAX=0] [MIN=0]
#
# NAME: the name of the process to check for. It m...
# exactly (ie, http will not find httpd proce...
# MAX: the maximum number allowed to be running. ...
# MIN: the minimum number to be running. Defaults...
#
# The results are reported in the prTable section of t...
# Special Case: When the min and max numbers are both...
# you want a max of infinity and a min of 1.
proc smbd🈁
# disk: Check for disk space usage of a partition.
# The agent can check the amount of available disk spa...
# sure it is above a set limit.
#
# disk PATH [MIN=100000]
#
# PATH: mount path to the disk in question.
# MIN: Disks with space below this value will have ...
# Can be a raw integer value (units of kB) or ...
# symbol. Default value = 100000.
#
# The results are reported in the dskTable section of ...
disk /Volumes/RAID0_12TB 95%🈁
# load: Check for unreasonable load average values.
# Watch the load average levels on the machine.
#
# load [1MAX=12.0] [5MAX=12.0] [15MAX=12.0]
#
# 1MAX: If the 1 minute load average is above this ...
# time, the errorFlag will be set.
# 5MAX: Similar, but for 5 min average.
# 15MAX: Similar, but for 15 min average.
#
# The results are reported in the laTable section of t...
load 12 8 4🈁
# file: Check on the size of a file.
# Display a files size statistics.
# If it grows to be too large, report an error about it.
#
# file /path/to/file [maxsize_in_kilobytes]
#
# if maxsize is not specified, assume only size rep...
#
# The results are reported in the fileTable section of...
file /var/log/system.log 30000🈁
########################################################...
# SECTION: System Information Setup
#
# This section defines some of the information reporte...
# the "system" mib group in the mibII tree.
# syslocation: The [typically physical] location of the ...
# Note that setting this value here means that when tr...
# perform an snmp SET operation to the sysLocation.0 v...
# the agent return the "notWritable" error code. IE, ...
# this token in the snmpd.conf file will disable write...
# the variable.
# arguments: location_string
syslocation BCP🈁
# syscontact: The contact information for the administra...
# Note that setting this value here means that when tr...
# perform an snmp SET operation to the sysContact.0 va...
# the agent return the "notWritable" error code. IE, ...
# this token in the snmpd.conf file will disable write...
# the variable.
# arguments: contact_string
syscontact 管理者メールアドレス
# sysservices: The proper value for the sysServices obje...
# arguments: sysservices_number
sysservices 76🈁
$
コメントとかが多い...
シンプルに書き直す.
$ cat /usr/share/snmp/snmpd.conf🆑
syslocation BCP
syscontact 管理者メールアドレス
sysservices 76
proc smbd
disk /Volumes/RAID0_12TB 95%
disk /Volumes/zeusHD 80%
load 12 8 4
file /var/log/system.log 30000
$
たくさん書いてきたけれど,これだけ.
**監視設定を有効化する
今回設定した内容を反映させる.
HUPシグナルをsnmpdプロセスに送ることで,反映させる.
$ ps -ef|grep snmpd🆑
0 66808🈁 1 0 17 519 ?? 3:22.25 /usr/l...
501 43526 42924 0 6:38PM ttys003 0:00.01 grep sn...
$ sudo kill -HUP 66808🆑
$ ps -ef|grep snmpd🆑
0 66808 1 0 17 519 ?? 3:22.27 /usr/li...
501 43533 42924 0 6:39PM ttys003 0:00.00 grep sn...
$
設定した内容が反映されているか確認.
$ snmpwalk -v 2c -c public localhost🆑
SNMPv2-MIB::sysContact.0 = STRING: 管理者メールアドレス
SNMPv2-MIB::sysContact.0 = No more variables left in thi...
$
メールアドレスが出てきたから,正しく設定された模様.た...
**セキュリティ設定を行う
com2secパラメータを設定して,アクセス制御を行う.
まずは,デフォルトのsnmpd.confを確認.(コメントを外し...
$ cat /etc/snmp/snmpd.conf|grep -v -e '^#'|grep -v -e '^...
com2sec local localhost COMMUNITY🈁
com2sec mynetwork NETWORK/24 COMMUNITY🈁
group MyRWGroup v1 local
group MyRWGroup v2c local
group MyRWGroup usm local
group MyROGroup v1 mynetwork
group MyROGroup v2c mynetwork
group MyROGroup usm mynetwork
view all included .1 80
access MyROGroup "" any noauth exact all ...
access MyRWGroup "" any noauth exact all ...
rwuser admin
rocommunity public default .1.3.6.1.2.1.1.4🈁
syslocation Right here, right now.
syscontact Administrator <postmaster@example.com>
sysservices 76
proc httpd
exec echotest /bin/echo hello world
exec web_status /Applications/Server.app/Contents/Server...
exec netboot /Applications/Server.app/Contents/ServerRoo...
disk / 10000
$
macOSの場合,execの以降の部分がついている模様.Server.a...
今回は com2sec local にprivate,com2sec mynetworkにpubl...
また,mibのノードは,.1.3.6.1.2.1.1.4となっているが,最...
まずはオリジナルのファイルをバックアップ.
$ sudo cp -p /etc/snmp/snmpd.conf /etc/snmp/snmpd.conf.v...
$
変更後の差分を確認.
$ diff /etc/snmp/snmpd.conf.v00 /etc/snmp/snmpd.conf🆑
61,62c61,62
< com2sec local localhost COMMUNITY
< com2sec mynetwork NETWORK/24 COMMUNITY
---
> com2sec local localhost private
> com2sec mynetwork NETWORK/24 public
98c98,99
< rocommunity public default .1.3.6.1.2.1.1.4
---
> #rocommunity public default .1.3.6.1.2.1.1.4
> rocommunity public default .1
103c104
< #rwcommunity private
---
> rwcommunity private
$
rwcommunity,rwなので書き込みを,privateのコミュニティ...
これで設定完了.
**snmpwalkでMIB情報を取得
snmpd.confを変更したので,SNMPDを再起動して反映させる.
$ sudo launchctl unload -w /System/Library/LaunchDaemons...
Password:🆑
$ ps -ef|grep snmpd🆑
501 62844 61321 0 8:02PM ttys003 0:00.00 grep sn...
$ sudo launchctl load -w /System/Library/LaunchDaemons/o...
$ ps -ef|grep snmpd🆑
0 62848 1 0 8:03PM ?? 0:00.20 /usr/li...
501 62851 61321 0 8:03PM ttys003 0:00.00 grep sn...
$
情報が取得できるようになったか,確認する.
$ snmpwalk -v 2c -c public localhost|head -n 10🆑
SNMPv2-MIB::sysDescr.0 = STRING: Darwin zeus.local 17.7....
Wed Feb 27 00:43:23 PST 2019; root:xnu-4570.71.35~1/REL...
SNMPv2-MIB::sysObjectID.0 = OID: NET-SNMP-MIB::netSnmpAg...
DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (9626) ...
SNMPv2-MIB::sysContact.0 = STRING: 管理者メールアドレス
SNMPv2-MIB::sysName.0 = STRING: zeus.local
SNMPv2-MIB::sysLocation.0 = STRING: BCP
SNMPv2-MIB::sysServices.0 = INTEGER: 76
SNMPv2-MIB::sysORLastChange.0 = Timeticks: (0) 0:00:00.00
SNMPv2-MIB::sysORID.1 = OID: SNMP-MPD-MIB::snmpMPDMIBObj...
SNMPv2-MIB::sysORID.2 = OID: SNMP-USER-BASED-SM-MIB::usm...
$
データ取得ができた.
**おさらい
今回,設定した内容を整理.
$ cat /etc/snmp/snmpd.conf|grep -v -e '^#'|grep -v -e '^...
com2sec local localhost private
com2sec mynetwork NETWORK/24 public
group MyRWGroup v1 local
group MyRWGroup v2c local
group MyRWGroup usm local
group MyROGroup v1 mynetwork
group MyROGroup v2c mynetwork
group MyROGroup usm mynetwork
view all included .1 80
access MyROGroup "" any noauth exact all ...
access MyRWGroup "" any noauth exact all ...
rwuser admin
rocommunity public default .1
rwcommunity private
syslocation Right here, right now.
syscontact Administrator <postmaster@example.com>
sysservices 76
proc httpd
exec echotest /bin/echo hello world
exec web_status /Applications/Server.app/Contents/Server...
exec netboot /Applications/Server.app/Contents/ServerRoo...
disk / 10000
$
$ cat /usr/share/snmp/snmpd.conf|grep -v -e '^#'|grep -v...
syslocation BCP
syscontact 管理者メールアドレス
syslocation BCP
sysservices 76
proc smbd
disk /Volumes/RAID0_12TB 95%
disk /Volumes/zeusHD 80%
load 12 8 4
file /var/log/system.log 30000
$
終了行:
*macOSでSNMPDが利用できるまで
**はじめに
macOSをサーバとして運用するので,SNMPによって性能などの...
今回は,macOS 10.13.6のHigh Sierraで動作確認した.
**現状確認.
まずは,現在SNMPプロセスが起動してない事を確認.
$ ps -ef|grep snmp🆑
501 66796 65920 0 4:51PM ttys003 0:00.00 grep snmp
$
プロセスは起動してない.
macOSの場合はLaunchDaemonでサーバプロセスを管理している...
$ locate snmp|grep plist🆑
/System/Library/LaunchDaemons/org.net-snmp.snmpd.plist
$
確認できた設定ファイルの中身を表示.
$ cat /System/Library/LaunchDaemons/org.net-snmp.snmpd.p...
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0...
<plist version="1.0">
<dict>
<key>Disabled</key>
<true/>
<key>Label</key>
<string>org.net-snmp.snmpd</string>
<key>KeepAlive</key>
<true/>
<key>Program</key>
<string>/usr/sbin/snmpd</string>
<key>ProgramArguments</key>
<array>
<string>snmpd</string>
<string>-f</string>
</array>
<key>ProcessType</key>
<string>Background</string>
</dict>
</plist>
$
Disabledになっているので,起動してないのかな.
LaunchDaemonでSNMPDをroot権限で起動する.
$ sudo launchctl load -w /System/Library/LaunchDaemons/o...
Password:🆑
$
プロセスを確認.
$ ps -ef|grep snmp🆑
0 66808 1 0 4:52PM ?? 0:00.23 /usr/li...
501 66812 65920 0 4:52PM ttys003 0:00.00 grep snmp
$
稼働確認できた.
**SNMPで接続してみる
SNMPDプロセスが起動したので,次はsnmpwalkコマンドを使っ...
コマンドの場所を確認.
$ which snmpwalk🆑
/usr/bin/snmpwalk🈁
$
snmpwalkコマンドで接続してみる.
$ snmpwalk -v 2c -c public localhost🆑
SNMPv2-MIB::sysContact.0 = STRING: Administrator <postma...
SNMPv2-MIB::sysContact.0 = No more variables left in thi...
$
何の情報も出てないが,Timeoutとかのエラーになってないの...
**snmpd.confをsnmpconfコマンドを使って対話的に設定する
***snmpd.confファイルを確認
snmpconfコマンドを使うと,/usr/share/snmp/snmpd.confが...
$ ls -lat /usr/share/snmp🆑
total 60
drwxr-xr-x 47 root wheel 1504 4 3 2018 ..
drwxr-xr-x 65 root wheel 2080 7 16 2017 mibs
drwxr-xr-x 28 root wheel 896 7 16 2017 .
-rw-r--r-- 1 root wheel 16218 7 16 2017 SensorDat.xml
drwxr-xr-x 69 root wheel 2208 7 16 2017 mib2c-data
-rw-r--r-- 1 root wheel 6531 7 16 2017 mib2c.access_...
-rw-r--r-- 1 root wheel 2391 7 16 2017 mib2c.check_v...
-rw-r--r-- 1 root wheel 28202 7 16 2017 mib2c.contain...
-rw-r--r-- 1 root wheel 8498 7 16 2017 mib2c.genhtml...
-rw-r--r-- 1 root wheel 3088 7 16 2017 mib2c.int_wat...
-rw-r--r-- 1 root wheel 2027 7 16 2017 mib2c.notify....
-rw-r--r-- 1 root wheel 8777 7 16 2017 mib2c.perl.conf
-rw-r--r-- 1 root wheel 19509 7 16 2017 mib2c.raw-tab...
-rw-r--r-- 1 root wheel 22905 7 16 2017 mib2c.table_d...
drwxr-xr-x 5 root wheel 160 7 16 2017 snmpconf-data
-rw-r--r-- 1 root wheel 37700 7 16 2017 mib2c.array-u...
-rw-r--r-- 1 root wheel 4646 7 16 2017 mib2c.check_v...
-rw-r--r-- 1 root wheel 330 7 16 2017 mib2c.column_...
-rw-r--r-- 1 root wheel 602 7 16 2017 mib2c.column_...
-rw-r--r-- 1 root wheel 728 7 16 2017 mib2c.column_...
-rw-r--r-- 1 root wheel 11942 7 16 2017 mib2c.conf
-rw-r--r-- 1 root wheel 3471 7 16 2017 mib2c.create-...
-rw-r--r-- 1 root wheel 22345 7 16 2017 mib2c.iterate...
-rw-r--r-- 1 root wheel 15095 7 16 2017 mib2c.iterate...
-rw-r--r-- 1 root wheel 948 7 16 2017 mib2c.mfd.conf
-rw-r--r-- 1 root wheel 9182 7 16 2017 mib2c.old-api...
-rw-r--r-- 1 root wheel 4455 7 16 2017 mib2c.scalar....
-rw-r--r-- 1 root wheel 431 7 16 2017 snmp_perl_tra...
$
snmpd.confは存在しなかった.
***snmpconfのコマンドヘルプの確認
sndmpdは,snmpd.confで設定を制御するが,まずは/usr/bin/...
まずは,コマンドヘルプを.
$ /usr/bin/snmpconf -h🆑
/usr/bin/snmpconf [options] [FILETOCREATE...]
options:
-f overwrite existing files without prompting
-i install created files into /usr/share/snmp.
-p install created files into /Users/ujpadmi...
-I DIR install created files into DIR.
-a Don't ask any questions, just read in cur...
current .conf files and comment them
-r all|none Read in all or none of the .conf files fo...
-R file,... Read in a particular list of .conf files.
-g GROUP Ask a series of GROUPed questions.
-G List known GROUPs.
-c conf_dir use alternate configuration directory.
-q run more quietly with less advice.
-d turn on debugging output.
-D turn on debugging dumper output.
$
新しいファイルを/usr/share/snmp以下に作成するのでiオプ...
$ sudo /usr/bin/snmpconf -i🆑
Password:🆑
The following installed configuration files were found:
1: ./snmpd.conf
2: /etc/snmp/snmpd.conf🈁
Would you like me to read them in? Their content will b...
output files created by this session.
Valid answer examples: "all", "none","3","1,2,5"
Read in which (default = all):🈁
他にsnmpd.confファイルが見つかったので,マージするか問...
今回はマージしないので,noneを選択.
Read in which (default = all): none🆑
I can create the following types of configuration files ...
Select the file type you wish to create:
(you can create more than one as you run this program)
1: snmp.conf
2: snmptrapd.conf
3: snmpd.conf
Other options: quit
Select File:
ファイルタイプは,snmpd.confにしたいので,3を選択.
Select File: 3🆑
The configuration information which can be put into snmp...
into sections. Select a configuration section for snmpd...
that you wish to create:
1: Agent Operating Mode
2: Monitor Various Aspects of the Running Host
3: Trap Destinations
4: System Information Setup🈁
5: Extending the Agent
6: Access Control Setup
Other options: finished🈁
Select section:
今回は,ここまでで一旦終了するので,finishedと入力.
Select section: finished🆑
I can create the following types of configuration files ...
Select the file type you wish to create:
(you can create more than one as you run this program)
1: snmp.conf
2: snmptrapd.conf
3: snmpd.conf
Other options: quit🈁
Select File:
終了するのでquitを入力.
Select File: quit🆑
Error: An snmpd.conf file already exists in this directo...
'overwrite', 'skip', 'rename' or 'append'? :
さっきファイルはなかったのに?overwriteを選択.
'overwrite', 'skip', 'rename' or 'append'? : overwrite🆑
The following files were created:
snmpd.conf installed in /usr/share/snmp
$
ファイルができたようなので,中身を確認.
$ cat /usr/share/snmp/snmpd.conf🆑
########################################################...
#
# snmpd.conf
#
# - created by the snmpconf configuration program
#
$
何も設定してないので,何もないね.
***snmpd.confにシステム情報を設定する
snmpconfを実行.
$ sudo /usr/bin/snmpconf -i🆑
Password:🆑
The following installed configuration files were found:
1: /etc/snmp/snmpd.conf
2: /usr/share/snmp/snmpd.conf
Would you like me to read them in? Their content will b...
output files created by this session.
Valid answer examples: "all", "none","3","1,2,5"
Read in which (default = all):
2番の設定をマージするので2を選択.
Read in which (default = all): 2🆑
I can create the following types of configuration files ...
Select the file type you wish to create:
(you can create more than one as you run this program)
1: snmptrapd.conf
2: snmp.conf
3: snmpd.conf
Other options: quit
Select File:
3番を選択.
Select File: 3🆑
The configuration information which can be put into snmp...
into sections. Select a configuration section for snmpd...
that you wish to create:
1: Agent Operating Mode
2: Monitor Various Aspects of the Running Host
3: Trap Destinations
4: System Information Setup🈁
5: Extending the Agent
6: Access Control Setup
Other options: finished
Select section:
今回のセットアップはシステム情報になるので,4を選択.
Select section: 4🆑
Section: System Information Setup
Description:
This section defines some of the information reported in
the "system" mib group in the mibII tree.
Select from:
1: The [typically physical] location of the system.🈁
2: The contact information for the administrator
3: The proper value for the sysServices object.
Other options: finished, list
Select section:
****syslocationの設定
最初は,物理的な場所を設定するので,1を選択.
Select section: 1🆑
Configuring: syslocation
Description:
The [typically physical] location of the system.
Note that setting this value here means that when tr...
perform an snmp SET operation to the sysLocation.0 v...
the agent return the "notWritable" error code. IE, ...
this token in the snmpd.conf file will disable write...
the variable.
arguments: location_string
The location of the system:
任意のロケーション情報を入力する.ここでは,BCPセンタ用...
The location of the system: BCP🆑
Finished Output: syslocation BCP🈁
Section: System Information Setup
Description:
This section defines some of the information reported in
the "system" mib group in the mibII tree.
Select from:
1: The [typically physical] location of the system.
2: The contact information for the administrator🈁
3: The proper value for the sysServices object.
Other options: finished, list
Select section:
****syscontactの設定
次に,管理者の連絡先を入力するために2を選択.
Select section: 2🆑
Configuring: syscontact
Description:
The contact information for the administrator
Note that setting this value here means that when tr...
perform an snmp SET operation to the sysContact.0 va...
the agent return the "notWritable" error code. IE, ...
this token in the snmpd.conf file will disable write...
the variable.
arguments: contact_string
The contact information:
メールアドレスを設定.
The contact information: 管理者メールアドレス
Finished Output: syscontact 管理者メールアドレス
Section: System Information Setup
Description:
This section defines some of the information reported in
the "system" mib group in the mibII tree.
Select from:
1: The [typically physical] location of the system.
2: The contact information for the administrator
3: The proper value for the sysServices object.🈁
Other options: finished, list
Select section:
****sysservicesの設定
sysServices Objectの設定を行うので,3を入力.
Select section: 3🆑
Configuring: sysservices
Description:
The proper value for the sysServices object.
arguments: sysservices_number
does this host offer physical services (eg, like a repea...
Yesの場合1を,Noの場合0を入力.
does this host offer physical services (eg, like a repea...
does this host offer datalink/subnetwork services (eg, l...
does this host offer internet services (eg, supports IP)...
does this host offer end-to-end services (eg, supports T...
does this host offer application services (eg, supports ...
-物理層でのサービスをしてないので,0を選択.
-データリンク層でのサービスをしてないので,0を入力.
-IP層でサービスをしているので1を入力.
-TCP層でサービスをしているので1を入力.
-アプリケーション層でサービスをしているので1を入力.
このように答えると,sysservicesは76となる.
Finished Output: sysservices 76🈁
Section: System Information Setup
Description:
This section defines some of the information reported in
the "system" mib group in the mibII tree.
Select from:
1: The [typically physical] location of the system.
2: The contact information for the administrator
3: The proper value for the sysServices object.
Other options: finished, list
Select section:
****設定を確認し保存する
これまで設定した内容を確認するのでlistと入力.
Select section: list🆑
Lines defined for section "System Information Setup" so ...
syslocation BCP🈁
syscontact 管理者メールアドレス🈁
sysservices 76🈁
Section: System Information Setup
Description:
This section defines some of the information reported in
the "system" mib group in the mibII tree.
Select from:
1: The [typically physical] location of the system.
2: The contact information for the administrator
3: The proper value for the sysServices object.
Other options: finished, list
Select section:
ここまでの内容で保存するのでfinishedやquitを入力して終...
Select section: finished🆑
The configuration information which can be put into snmp...
into sections. Select a configuration section for snmpd...
that you wish to create:
1: Agent Operating Mode
2: Monitor Various Aspects of the Running Host
3: Trap Destinations
4: System Information Setup
5: Extending the Agent
6: Access Control Setup
Other options: finished
Select section: finished🆑
I can create the following types of configuration files ...
Select the file type you wish to create:
(you can create more than one as you run this program)
1: snmptrapd.conf
2: snmpd.conf
3: snmp.conf
Other options: quit🆑
Select File: quit
The following files were created:
snmpd.conf installed in /usr/share/snmp
$
保存されたsnmpd.confファイルを確認する.
$ cat /usr/share/snmp/snmpd.conf🆑
########################################################...
#
# snmpd.conf
#
# - created by the snmpconf configuration program
#
########################################################...
# SECTION: System Information Setup
#
# This section defines some of the information reporte...
# the "system" mib group in the mibII tree.
# syslocation: The [typically physical] location of the ...
# Note that setting this value here means that when tr...
# perform an snmp SET operation to the sysLocation.0 v...
# the agent return the "notWritable" error code. IE, ...
# this token in the snmpd.conf file will disable write...
# the variable.
# arguments: location_string
syslocation BCP
# syscontact: The contact information for the administra...
# Note that setting this value here means that when tr...
# perform an snmp SET operation to the sysContact.0 va...
# the agent return the "notWritable" error code. IE, ...
# this token in the snmpd.conf file will disable write...
# the variable.
# arguments: contact_string
syscontact 管理者メールアドレス
# sysservices: The proper value for the sysServices obje...
# arguments: sysservices_number
sysservices 76
$
設定が保存されていることを確認.
**監視設定を定義する
プロセス,ディスク容量,ロードアベレージ,ファイルサイ...
まずは,サイド編集モードまで.
$ sudo /usr/bin/snmpconf -i🆑
Password:🆑
The following installed configuration files were found:
1: /etc/snmp/snmpd.conf
2: /usr/share/snmp/snmpd.conf🈁
Would you like me to read them in? Their content will b...
output files created by this session.
Valid answer examples: "all", "none","3","1,2,5"
Read in which (default = all): 2🆑
I can create the following types of configuration files ...
Select the file type you wish to create:
(you can create more than one as you run this program)
1: snmp.conf
2: snmptrapd.conf
3: snmpd.conf🈁
Other options: quit
Select File: 3🆑
The configuration information which can be put into snmp...
into sections. Select a configuration section for snmpd...
that you wish to create:
1: Agent Operating Mode
2: Monitor Various Aspects of the Running Host🈁
3: Trap Destinations
4: System Information Setup
5: Extending the Agent
6: Access Control Setup
Other options: finished
Select section: 2🆑
Section: Monitor Various Aspects of the Running Host
Description:
The following check up on various aspects of a host.
Select from:
1: Check for processes that should be running.🈁
2: Check for disk space usage of a partition.
3: Check for unreasonable load average values.
4: Check on the size of a file.
Other options: finished, list
Select section:
ここから先は,メニューを順番に選んでいく.
***プロセスの監視を行う
Check for processes that should be running.を選択する.
Select section: 1🆑
Configuring: proc🈁
Description:
Check for processes that should be running.
proc NAME [MAX=0] [MIN=0]
NAME: the name of the process to check for. It m...
exactly (ie, http will not find httpd proce...
MAX: the maximum number allowed to be running. ...
MIN: the minimum number to be running. Defaults...
The results are reported in the prTable section of t...
Special Case: When the min and max numbers are both...
you want a max of infinity and a min of 1.
Name of the process you want to check on:
ここでは,Sambaのプロセスを監視する.プロセス名はsmbd.
単純にプロセス名だけを指定する.
Name of the process you want to check on: smbd🆑
Maximum number of processes named 'smbd' that should be ...
Minimum number of processes named 'smbd' that should be ...
Finished Output: proc smbd
Section: Monitor Various Aspects of the Running Host
Description:
The following check up on various aspects of a host.
Select from:
1: Check for processes that should be running.
2: Check for disk space usage of a partition.
3: Check for unreasonable load average values.
4: Check on the size of a file.
Other options: finished, list
Select section:
今回は,プロセス数をmaxもminも,何も指定しないで0(ゼロ)...
***ディスクの空き容量の監視を行う
今回は,例として/Volumes/RAID0_12TBというボリュームが95...
select section: 2🆑
Configuring: disk🈁
Description:
Check for disk space usage of a partition.
The agent can check the amount of available disk sp...
sure it is above a set limit.
disk PATH [MIN=100000]
PATH: mount path to the disk in question.
MIN: Disks with space below this value will have...
Can be a raw integer value (units of kB) or...
symbol. Default value = 100000.
The results are reported in the dskTable section of...
Enter the mount point for the disk partion to be checke...
Enter the minimum amount of space that should be availa...
Finished Output: disk /Volumes/RAID0_12TB 95%🈁
Section: Monitor Various Aspects of the Running Host
Description:
The following check up on various aspects of a host.
Select from:
1: Check for processes that should be running.
2: Check for disk space usage of a partition.
3: Check for unreasonable load average values.
4: Check on the size of a file.
Other options: finished, list
Select section:
システムドライブを指定する場合は,70%くらいが良いのだと...
***ロードアベレージを監視する
ロードアベレージは,CPU1つがビジー状態だと1なので,今回...
Select section: 3🆑
Configuring: load
Description:
Check for unreasonable load average values.
Watch the load average levels on the machine.
load [1MAX=12.0] [5MAX=12.0] [15MAX=12.0]
1MAX: If the 1 minute load average is above this ...
time, the errorFlag will be set.
5MAX: Similar, but for 5 min average.
15MAX: Similar, but for 15 min average.
The results are reported in the laTable section of t...
Enter the maximum allowable value for the 1 minute load ...
Enter the maximum allowable value for the 5 minute load ...
Enter the maximum allowable value for the 15 minute load...
Finished Output: load 12 8 4🈁
Section: Monitor Various Aspects of the Running Host
Description:
The following check up on various aspects of a host.
Select from:
1: Check for processes that should be running.
2: Check for disk space usage of a partition.
3: Check for unreasonable load average values.
4: Check on the size of a file.
Other options: finished, list
Select section:
一旦はこれで.
***ファイルサイズの監視
継続することで大きくなるファイルを監視する.ここではmac...
ファイルサイズは30000KB(30Mbyte)とした.
Select section: 4🆑
Configuring: file
Description:
Check on the size of a file.
Display a files size statistics.
If it grows to be too large, report an error about it.
file /path/to/file [maxsize_in_kilobytes]
if maxsize is not specified, assume only size rep...
The results are reported in the fileTable section of...
Enter the path to the file you wish to monitor: /var/log...
Enter the maximum size (in kilobytes) allowable for /var...
Finished Output: file /var/log/system.log 30000
Section: Monitor Various Aspects of the Running Host
Description:
The following check up on various aspects of a host.
Select from:
1: Check for processes that should be running.
2: Check for disk space usage of a partition.
3: Check for unreasonable load average values.
4: Check on the size of a file.
Other options: finished, list
Select section:
ここまでで一通り終了.
****設定を確認し,終了する.
これまで設定した内容を確認するために,listコマンドを実...
Select section: list🆑
Lines defined for section "Monitor Various Aspects of th...
proc smbd
disk /Volumes/RAID0_12TB 95%
load 12 8 4
file /var/log/system.log 30000
Section: Monitor Various Aspects of the Running Host
Description:
The following check up on various aspects of a host.
Select from:
1: Check for processes that should be running.
2: Check for disk space usage of a partition.
3: Check for unreasonable load average values.
4: Check on the size of a file.
Other options: finished, list
問題ないので,finishedやquitで終了.
Select section: finished🆑
The configuration information which can be put into snmp...
into sections. Select a configuration section for snmpd...
that you wish to create:
1: Agent Operating Mode
2: Monitor Various Aspects of the Running Host
3: Trap Destinations
4: System Information Setup
5: Extending the Agent
6: Access Control Setup
Other options: finished🈁
Select section: finished🆑
I can create the following types of configuration files ...
Select the file type you wish to create:
(you can create more than one as you run this program)
1: snmp.conf
2: snmptrapd.conf
3: snmpd.conf
Other options: quit🈁
Select File: quit🆑
The following files were created:
snmpd.conf installed in /usr/share/snmp🈁
$
設定ファイルが書き出された模様.
****snmpd.confファイルを確認する
ここまでで設定されたsnmpd.confファイルを確認する.
$ cat /usr/share/snmp/snmpd.conf🆑
########################################################...
#
# snmpd.conf
#
# - created by the snmpconf configuration program
#
########################################################...
# SECTION: Monitor Various Aspects of the Running Host
#
# The following check up on various aspects of a host.
# proc: Check for processes that should be running.
# proc NAME [MAX=0] [MIN=0]
#
# NAME: the name of the process to check for. It m...
# exactly (ie, http will not find httpd proce...
# MAX: the maximum number allowed to be running. ...
# MIN: the minimum number to be running. Defaults...
#
# The results are reported in the prTable section of t...
# Special Case: When the min and max numbers are both...
# you want a max of infinity and a min of 1.
proc smbd🈁
# disk: Check for disk space usage of a partition.
# The agent can check the amount of available disk spa...
# sure it is above a set limit.
#
# disk PATH [MIN=100000]
#
# PATH: mount path to the disk in question.
# MIN: Disks with space below this value will have ...
# Can be a raw integer value (units of kB) or ...
# symbol. Default value = 100000.
#
# The results are reported in the dskTable section of ...
disk /Volumes/RAID0_12TB 95%🈁
# load: Check for unreasonable load average values.
# Watch the load average levels on the machine.
#
# load [1MAX=12.0] [5MAX=12.0] [15MAX=12.0]
#
# 1MAX: If the 1 minute load average is above this ...
# time, the errorFlag will be set.
# 5MAX: Similar, but for 5 min average.
# 15MAX: Similar, but for 15 min average.
#
# The results are reported in the laTable section of t...
load 12 8 4🈁
# file: Check on the size of a file.
# Display a files size statistics.
# If it grows to be too large, report an error about it.
#
# file /path/to/file [maxsize_in_kilobytes]
#
# if maxsize is not specified, assume only size rep...
#
# The results are reported in the fileTable section of...
file /var/log/system.log 30000🈁
########################################################...
# SECTION: System Information Setup
#
# This section defines some of the information reporte...
# the "system" mib group in the mibII tree.
# syslocation: The [typically physical] location of the ...
# Note that setting this value here means that when tr...
# perform an snmp SET operation to the sysLocation.0 v...
# the agent return the "notWritable" error code. IE, ...
# this token in the snmpd.conf file will disable write...
# the variable.
# arguments: location_string
syslocation BCP🈁
# syscontact: The contact information for the administra...
# Note that setting this value here means that when tr...
# perform an snmp SET operation to the sysContact.0 va...
# the agent return the "notWritable" error code. IE, ...
# this token in the snmpd.conf file will disable write...
# the variable.
# arguments: contact_string
syscontact 管理者メールアドレス
# sysservices: The proper value for the sysServices obje...
# arguments: sysservices_number
sysservices 76🈁
$
コメントとかが多い...
シンプルに書き直す.
$ cat /usr/share/snmp/snmpd.conf🆑
syslocation BCP
syscontact 管理者メールアドレス
sysservices 76
proc smbd
disk /Volumes/RAID0_12TB 95%
disk /Volumes/zeusHD 80%
load 12 8 4
file /var/log/system.log 30000
$
たくさん書いてきたけれど,これだけ.
**監視設定を有効化する
今回設定した内容を反映させる.
HUPシグナルをsnmpdプロセスに送ることで,反映させる.
$ ps -ef|grep snmpd🆑
0 66808🈁 1 0 17 519 ?? 3:22.25 /usr/l...
501 43526 42924 0 6:38PM ttys003 0:00.01 grep sn...
$ sudo kill -HUP 66808🆑
$ ps -ef|grep snmpd🆑
0 66808 1 0 17 519 ?? 3:22.27 /usr/li...
501 43533 42924 0 6:39PM ttys003 0:00.00 grep sn...
$
設定した内容が反映されているか確認.
$ snmpwalk -v 2c -c public localhost🆑
SNMPv2-MIB::sysContact.0 = STRING: 管理者メールアドレス
SNMPv2-MIB::sysContact.0 = No more variables left in thi...
$
メールアドレスが出てきたから,正しく設定された模様.た...
**セキュリティ設定を行う
com2secパラメータを設定して,アクセス制御を行う.
まずは,デフォルトのsnmpd.confを確認.(コメントを外し...
$ cat /etc/snmp/snmpd.conf|grep -v -e '^#'|grep -v -e '^...
com2sec local localhost COMMUNITY🈁
com2sec mynetwork NETWORK/24 COMMUNITY🈁
group MyRWGroup v1 local
group MyRWGroup v2c local
group MyRWGroup usm local
group MyROGroup v1 mynetwork
group MyROGroup v2c mynetwork
group MyROGroup usm mynetwork
view all included .1 80
access MyROGroup "" any noauth exact all ...
access MyRWGroup "" any noauth exact all ...
rwuser admin
rocommunity public default .1.3.6.1.2.1.1.4🈁
syslocation Right here, right now.
syscontact Administrator <postmaster@example.com>
sysservices 76
proc httpd
exec echotest /bin/echo hello world
exec web_status /Applications/Server.app/Contents/Server...
exec netboot /Applications/Server.app/Contents/ServerRoo...
disk / 10000
$
macOSの場合,execの以降の部分がついている模様.Server.a...
今回は com2sec local にprivate,com2sec mynetworkにpubl...
また,mibのノードは,.1.3.6.1.2.1.1.4となっているが,最...
まずはオリジナルのファイルをバックアップ.
$ sudo cp -p /etc/snmp/snmpd.conf /etc/snmp/snmpd.conf.v...
$
変更後の差分を確認.
$ diff /etc/snmp/snmpd.conf.v00 /etc/snmp/snmpd.conf🆑
61,62c61,62
< com2sec local localhost COMMUNITY
< com2sec mynetwork NETWORK/24 COMMUNITY
---
> com2sec local localhost private
> com2sec mynetwork NETWORK/24 public
98c98,99
< rocommunity public default .1.3.6.1.2.1.1.4
---
> #rocommunity public default .1.3.6.1.2.1.1.4
> rocommunity public default .1
103c104
< #rwcommunity private
---
> rwcommunity private
$
rwcommunity,rwなので書き込みを,privateのコミュニティ...
これで設定完了.
**snmpwalkでMIB情報を取得
snmpd.confを変更したので,SNMPDを再起動して反映させる.
$ sudo launchctl unload -w /System/Library/LaunchDaemons...
Password:🆑
$ ps -ef|grep snmpd🆑
501 62844 61321 0 8:02PM ttys003 0:00.00 grep sn...
$ sudo launchctl load -w /System/Library/LaunchDaemons/o...
$ ps -ef|grep snmpd🆑
0 62848 1 0 8:03PM ?? 0:00.20 /usr/li...
501 62851 61321 0 8:03PM ttys003 0:00.00 grep sn...
$
情報が取得できるようになったか,確認する.
$ snmpwalk -v 2c -c public localhost|head -n 10🆑
SNMPv2-MIB::sysDescr.0 = STRING: Darwin zeus.local 17.7....
Wed Feb 27 00:43:23 PST 2019; root:xnu-4570.71.35~1/REL...
SNMPv2-MIB::sysObjectID.0 = OID: NET-SNMP-MIB::netSnmpAg...
DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (9626) ...
SNMPv2-MIB::sysContact.0 = STRING: 管理者メールアドレス
SNMPv2-MIB::sysName.0 = STRING: zeus.local
SNMPv2-MIB::sysLocation.0 = STRING: BCP
SNMPv2-MIB::sysServices.0 = INTEGER: 76
SNMPv2-MIB::sysORLastChange.0 = Timeticks: (0) 0:00:00.00
SNMPv2-MIB::sysORID.1 = OID: SNMP-MPD-MIB::snmpMPDMIBObj...
SNMPv2-MIB::sysORID.2 = OID: SNMP-USER-BASED-SM-MIB::usm...
$
データ取得ができた.
**おさらい
今回,設定した内容を整理.
$ cat /etc/snmp/snmpd.conf|grep -v -e '^#'|grep -v -e '^...
com2sec local localhost private
com2sec mynetwork NETWORK/24 public
group MyRWGroup v1 local
group MyRWGroup v2c local
group MyRWGroup usm local
group MyROGroup v1 mynetwork
group MyROGroup v2c mynetwork
group MyROGroup usm mynetwork
view all included .1 80
access MyROGroup "" any noauth exact all ...
access MyRWGroup "" any noauth exact all ...
rwuser admin
rocommunity public default .1
rwcommunity private
syslocation Right here, right now.
syscontact Administrator <postmaster@example.com>
sysservices 76
proc httpd
exec echotest /bin/echo hello world
exec web_status /Applications/Server.app/Contents/Server...
exec netboot /Applications/Server.app/Contents/ServerRoo...
disk / 10000
$
$ cat /usr/share/snmp/snmpd.conf|grep -v -e '^#'|grep -v...
syslocation BCP
syscontact 管理者メールアドレス
syslocation BCP
sysservices 76
proc smbd
disk /Volumes/RAID0_12TB 95%
disk /Volumes/zeusHD 80%
load 12 8 4
file /var/log/system.log 30000
$
ページ名:
Counter: 0, today: 0, yesterday: 0
広告スペース
検索用語を入力
検索フォームを送信
Web
www.ujp.jp