Небольшая инструкция по включению SNMP на Cisco IronPort.
- Убедитесь что у вас включен SSH. Для этого в веб-панели управления зайдите в Network > IP Interfaces, выберите свой management интерфейс и проверьте стоит ли галочка возле SSH (как показано на рисунке ниже)
- Подключитесь по SSH
- Настройте параметры SNMP с помощью визарда:
relay.somehost> snmpconfig
Current SNMP settings: SNMP Disabled.
Choose the operation you want to perform:
- SETUP - Configure SNMP. []> SETUP
Do you want to enable SNMP? [Y]>
Please choose an IP interface for SNMP requests.
- dmz-172.27.18.0/24 (172.27.18.131/24: relay.somehost)
- dmz-172.27.28.0/24 (172.27.28.131/24: relay.somehost)
- Management (172.27.8.131/24: relay.somehost) [3]> 3
Which port shall the SNMP daemon listen on interface “Management”? [161]>
Please select SNMPv3 authentication type:
- MD5
- SHA [1]> 2
Please select SNMPv3 privacy protocol:
- DES
- AES [1]> 2
Enter the SNMPv3 authentication passphrase. []> Please enter the SNMPv3 authentication passphrase again to confirm. []> Enter the SNMPv3 privacy passphrase. []> Please enter the SNMPv3 privacy passphrase again to confirm. []> Warning: The same authentication and privacy passwords reduce the security of the system. Do you want to set other passwords? [Y]> n
Service SNMP V1/V2c requests? [N]> y
Enter the SNMP V1/V2c community string. [ironport]> <snmp_community>
Shall SNMP V2c requests be serviced from IPv4 addresses? [Y]>
From which IPv4 networks shall SNMP V1/V2c requests be allowed? Separate multiple networks with commas. [127.0.0.1/32]> 172.27.8.0/24
Enter the Trap target as a host name, IP address or list of IP addresses separated by commas (IP address preferred). Enter “None” to disable traps. [127.0.0.1]>
Enter the Trap Community string. [ironport]>
Enterprise Trap Status
- CPUUtilizationExceeded Disabled
- RAIDStatusChange Enabled
- connectivityFailure Disabled
- fanFailure Enabled
- highTemperature Enabled
- keyExpiration Enabled
- linkUpDown Enabled
- memoryUtilizationExceeded Disabled
- powerSupplyStatusChange Enabled
- resourceConservationMode Enabled
- updateFailure Enabled Do you want to change any of these settings? [N]>
Enter the System Location string. [Unknown: Not Yet Configured]> UA, Kiev
Enter the System Contact string. [snmp@localhost]>
Current SNMP settings: Listening on interface “Management” 172.27.8.131/24 port 161. SNMP v3: Enabled. SNMP v1/v2: Enabled, accepting requests from subnet 172.27.8.0/24 . SNMP v1/v2 Community String: <snmp_community> Trap target: 127.0.0.1 Location: UA, Kiev, D50 System Contact: snmp@localhost
Choose the operation you want to perform:
- SETUP - Configure SNMP. []> commit
Do you want to save the current configuration for rollback? [Y]> y
Changes committed: Sun Aug 21 13:35:53 2016 EEST relay.somehost>
- После этих манипуляций вы можете снимать информацию в вашего IronPort’a при помощи SNMP