关于不法分子以我司名义诈骗的声明

智象运维 | 如何利用snmp trap监控交换机端口状态(Up/Down)

分类:思科交换机
来源:智象科技
作者:智象产研
发布日期:2023-03-23 06:24:19
阅读:871

智象运维 | 如何利用snmp trap监控交换机端口状态(Up/Down)

 


Extra Large备份 4@1x.jpg 

原理:在智象智能运维平台系统配置安装过程中,利用snmp协议在交换机上设置trap陷阱,

当端口状态发生改变时,通知监控主机,监控主机配置snmptrapd进行接收,然后告警给用户。

 

参考文献:http://www.net-snmp.org/wiki/index.php/TUT:Configuring_snmptrapd

 

一、智象运维中交换机配置部分(需要查看具体产品文档,这里以华为S9306为例):

display snmp-agent trap feature-name ifnet all

------------------------------------------------------------------------------

Feature name: IFNET

Trap number : 17

------------------------------------------------------------------------------

Trap name Default switch status Current switch status

hwIfFlowDown off off

hwIfFlowUp off off

hwIfNameChange off off

hwIfNameChangeResume off off

hwIfMonitorInputRateRising off off

hwIfMonitorInputRateResume off off

hwIfMonitorOutputRateRising off off

hwIfMonitorOutputRateResume off off

hwEntityExtCfmOverSlot off off

hwEntityExtCfmOverCard off off

linkDown off off

linkUp off off

hwIfControlFlapSuppress off off

hwIfControlFlapResume off off

hwExtInterfaceDelete off off

hwIfMonitorCrcErrorRising off off

hwIfMonitorCrcErrorResume off off

------------------------------------------------------------------------------

snmp-agent trap enable feature-name ifnet trap-name linkdown

snmp-agent trap enable feature-name ifnet trap-name linkup

snmp-agent target-host trap address udp-domain 192.168.1.172 source Vlanif 4001 params securityname public v2c

dis snmp-agent target-host

Target-host NO. 1

-----------------------------------------------------------

IP-address : 192.168.1.172trap服务器地址

Source interface : Vlanif4001

VPN instance : -

Security name : %@%@Wkz7H#,G'@JZvn-ayZ"Nf2')%@%@

Port : 162

Type : trap

Version : v2c

Level : No authentication and privacy

NMS type : NMS

With ext-vb : No

-----------------------------------------------------------

 

二、trap服务器配置:

1、安装snmptrapd,根据系统类型安装并配置:

Ubuntu:

apt-get install snmptrapd -y

CentOS:

yum install -y net-snmp net-snmp-utils net-snmp-perl

2、配置snmpd

cat /etc/snmp/snmptrapd.conf

# Example configuration file for snmptrapd

#

# No traps are handled by default, you must edit this file!

#

# authCommunity log,execute,net public

# traphandle SNMPv2-MIB::coldStart /usr/bin/bin/my_great_script cold

authCommunity log,execute,net public

traphandle IF-MIB::linkDown /monitor/notification.sh

traphandle IF-MIB::linkUp /monitor/notification.sh

 

三、编写脚本:

1、告警脚本:

[root@monitor monitor]# cat notification.sh

#!/bin/sh

read blank

read ip

switch_ip=`/bin/echo $ip | /bin/awk -F '[' '{print $2}' | /bin/awk -F ']' '{print $1}'`

while read oid val

do

if [ "$oid" = "SNMPv2-MIB::snmpTrapOID.0" ];then

if_status=`/bin/echo $val | /bin/awk -F"link" '{print $2}'`

fi

if /bin/echo $oid | /bin/grep ifDescr;then

if_name=`/bin/echo $val`

fi

done

if [ $if_status = "Up" ];then

msg=`/bin/echo "OK! Switch($switch_ip) -- $if_name -- $if_status"`

else

msg=`/bin/echo "Critical! Switch($switch_ip) -- $if_name -- $if_status"`

fi

/monitor/sendwx.sh "$msg"

 

 

2、编写sendwx.sh告警通知脚本,根据实际情况自行编写,这里暂不作示例。

 

关注智象科技运维,了解更多~