一. 交换机开启SNMP协议
snmp-agent sys-info version v2 #v2为snmp协议版本
snmp-agent community read ci test1234 #团体名
snmp-agent trap enable
snmp-agent target-host trap address udp-domain 192.168.1.9 params securityname Public123456 #允许向snmp服务器发送trap报文二. 部署snmp_exporter
github官方地址: https://github.com/prometheus/snmp_exporter
1、下载snmp_exporter
wget https://github.com/prometheus/snmp_exporter/releases/download/v0.19.0/snmp_exporter-0.19.0.linux-amd64.tar.gz
tar xf snmp_exporter-0.19.0.linux-amd64.tar.gz -C /opt/2、编译安装generator,生成snmp_exporter配置文件snmp.yml
generator:使用netsnmp解析mibs,通过它为snmp_exporter生成配置文件信息
2.1 安装Go环境
golang官方下载地址:https://golang.org/dl/
wget https://dl.google.com/go/go1.11.5.linux-amd64.tar.gz
tar xf go1.11.5.linux-amd64.tar.gz -C /usr/local/
vim /etc/profile
export GOROOT=/usr/local/go
export PATH=$PATH:$GOROOT/bin
EOF
source /etc/profile
go version #显示版本号即安装成功
2.2 编译安装generator
yum install gcc gcc-g++ make net-snmp net-snmp-utils net-snmp-libs net-snmp-devel -y
go get github.com/prometheus/snmp_exporter/generator
cd ${GOPATH-$HOME/go}/src/github.com/prometheus/snmp_exporter/generator
go build
make mibs #如果已下载相关设备厂家提供的mib文件则无需再次生成mib库,跳过此步
2.3 获取需要监控的硬件设备mib库
去相关交换机厂商官方地址下载相关mib文件
Palo Alto PanOS 7.0 enterprise MIBs
将获取的mib文件上传至${GOPATH-$HOME/go}/src/github.com/prometheus/snmp_exporter/generator
2.4 编写generator配置文件
generator.yml提供模块列表。最简单的模块只是一个name和一组walk的oid
modules:
module_name: # The module name. You can have as many modules as you want.
walk: # List of OIDs to walk. Can also be SNMP object names or specific instances.
- 1.3.6.1.2.1.2 # Same as "interfaces"
- sysUpTime # Same as "1.3.6.1.2.1.1.3"
- 1.3.6.1.2.1.31.1.1.1.6.40 # Instance of "ifHCInOctets" with index "40"
version: 2 # SNMP version to use. Defaults to 2.
# 1 will use GETNEXT, 2 and 3 use GETBULK.
max_repetitions: 25 # How many objects to request with GET/GETBULK, defaults to 25.
# May need to be reduced for buggy devices.
retries: 3 # How many times to retry a failed request, defaults to 3.
timeout: 5s # Timeout for each individual SNMP request, defaults to 5s.
auth:
# Community string is used with SNMP v1 and v2. Defaults to "public".
community: public
# v3 has different and more complex settings.
# Which are required depends on the security_level.
# The equivalent options on NetSNMP commands like snmpbulkwalk
# and snmpget are also listed. See snmpcmd(1).
username: user # Required, no default. -u option to NetSNMP.
security_level: noAuthNoPriv # Defaults to noAuthNoPriv. -l option to NetSNMP.
# Can be noAuthNoPriv, authNoPriv or authPriv.
password: pass # Has no default. Also known as authKey, -A option to NetSNMP.
# Required if security_level is authNoPriv or authPriv.
auth_protocol: MD5 # MD5, SHA, SHA224, SHA256, SHA384, or SHA512. Defaults to MD5. -a option to NetSNMP.
# Used if security_level is authNoPriv or authPriv.
priv_protocol: DES # DES, AES, AES192, or AES256. Defaults to DES. -x option to NetSNMP.
# Used if security_level is authPriv.
priv_password: otherPass # Has no default. Also known as privKey, -X option to NetSNMP.
# Required if security_level is authPriv.
context_name: context # Has no default. -n option to NetSNMP.
# Required if context is configured on the device.
lookups: # Optional list of lookups to perform.
# The default for `keep_source_indexes` is false. Indexes must be unique for this option to be used.
# If the index of a table is bsnDot11EssIndex, usually that'd be the label
# on the resulting metrics from that table. Instead, use the index to
# lookup the bsnDot11EssSsid table entry and create a bsnDot11EssSsid label
# with that value.
- source_indexes: [bsnDot11EssIndex]
lookup: bsnDot11EssSsid
drop_source_indexes: false # If true, delete source index labels for this lookup.
# This avoids label clutter when the new index is unique.
overrides: # Allows for per-module overrides of bits of MIBs
metricName:
ignore: true # Drops the metric from the output.
regex_extracts:
Temp: # A new metric will be created appending this to the metricName to become metricNameTemp.
- regex: '(.*)' # Regex to extract a value from the returned SNMP walks's value.
value: '$1' # The result will be parsed as a float64, defaults to $1.
Status:
- regex: '.*Example'
value: '1' # The first entry whose regex matches and whose value parses wins.
- regex: '.*'
value: '0'
type: DisplayString # Override the metric type, possible types are:
# gauge: An integer with type gauge.
# counter: An integer with type counter.
# OctetString: A bit string, rendered as 0xff34.
# DateAndTime: An RFC 2579 DateAndTime byte sequence. If the device has no time zone data, UTC is used.
# DisplayString: An ASCII or UTF-8 string.
# PhysAddress48: A 48 bit MAC address, rendered as 00:01:02:03:04:ff.
# Float: A 32 bit floating-point value with type gauge.
# Double: A 64 bit floating-point value with type gauge.
# InetAddressIPv4: An IPv4 address, rendered as 1.2.3.4.
# InetAddressIPv6: An IPv6 address, rendered as 0102:0304:0506:0708:090A:0B0C:0D0E:0F10.
# InetAddress: An InetAddress per RFC 4001. Must be preceded by an InetAddressType.
# InetAddressMissingSize: An InetAddress that violates section 4.1 of RFC 4001 by
# not having the size in the index. Must be preceded by an InetAddressType.
# EnumAsInfo: An enum for which a single timeseries is created. Good for constant values.
# EnumAsStateSet: An enum with a time series per state. Good for variable low-cardinality enums.
# Bits: An RFC 2578 BITS construct, which produces a StateSet with a time series per bit.
这里generator.yml需要注意两点
2.4.1 walk下面写的是你需要查询的信息对应的oid,这个像华为交换机都是可以在原厂文档上查的到的;要监控交换机的端口流量、状态,CPU使用率,内存状态,温度等,关键是找出与之相对应的oid
oid信息可参考如下地址:http://oid-info.com/获取到的监控信息相关的oid可通过snmpwalk过滤查询
snmpwalk命令格式如下:
snmpwalk -v "snmp版本" -c "coummunity" IP oid(可选)
#通过snmpwalk查询过滤出有值的数据,获取子节点值
snmpwalk -v 2c -c test1234 192.168.1.100 1.3.6.1.4.1.2011.5.25.31.1.1.1.1.11|grep -v 0$
2.4.2 还有一点就是community这个要写自己设置的团体名,如果不知道可以自己手动设置一个,我这里设置的是test1234
其他的地方基本不需要修改,模块名也可以改,后面使用snmp查的时候、写prometheus配置文件的时候对应也写自己刚刚修改的mib名称就好。
numAsInfo和EnumAsStateSet
SNMP包含整数索引枚举(枚举)的概念。在Prometheus中有两种表示这些字符串的方法。它们可以是“信息”指标,也可以是“状态集”。SNMP没有指定应使用的内容,这取决于数据的使用情况。一些用户可能更喜欢原始整数值,而不是字符串。
为了将枚举整数设置为字符串映射,必须使用两个替代之一。
EnumAsInfo应该用于提供类似库存数据的属性。例如设备类型,颜色名称等。此值必须恒定。
EnumAsStateSet应该用于表示状态或您可能需要警惕的事物。例如,链接状态是打开还是关闭,处于错误状态,面板是打开还是关闭等。请注意不要将其用于高基数值,因为它将为每个可能的值生成1个时间序列。
2.5 运行generator生成snmp.yml
export MIBDIRS=mibs #指定mib库路径
./generator generate
cp snmp.yml /usr/local/snmp_exporter/ #将生成的snmp配置移到snmp_exporter目录下
3、运行snmp_exporter
./snmp_exporter --config.file=/usr/local/snmp_exporter/snmp.yml
比较大的counter类型数据的值如何处理
为了为Counter64较大的值提供准确的计数器,snmp_exporter将每2 ^ 53自动包装该值,以避免64位浮点舍入,
要禁用此功能,可使用命令行参数-no-snmp.wrap-large-counters
4、测试
访问192.168.1.9:9116traget:192.168.1.222 #snmp设备
module:huawei_mib #模块名,与generator.yml中设置的模块名保持一致
点击提交,可获取snmp数据
三、配置prometheus
1、修改prometheus.yml
在scrape_configs数据抓取配置中加入以下配置信息
scrape_configs:
- job_name: 'snmp'
static_configs:
- targets:
- 192.168.1.222 # SNMP device.
metrics_path: /snmp
params:
module: [if_mib]
relabel_configs:
- source_labels: [__address__]
target_label: __param_target
- source_labels: [__param_target]
target_label: instance
- target_label: __address__
replacement: 192.168.1.9:9116 # The SNMP exporter's real hostname:port.
2、重启prometheus
curl -X POST http://localhost:9090/-/reload #如果prometheus启动参数有--web.enable-lifecycle,可通过此命令平滑重启
四、grafana数据可视化
根据snmp_exporter查询到的HELP后查到的参数信息,进行图形化显示。大家可以根据自己的需要去查相应的参数信息,如果想查更多的信息,基本上的流程就是:
1、将需要查询的交换机信息oid加入到generator.yml文件
2、重新编译generator.yml文件生成snmp.yml文件
3、替换原来的snmp.yml文件
4、重启snmp_exporter
原创文章,作者:ItWorker,如若转载,请注明出处:https://blog.ytso.com/175119.html