一. 交换机开启SNMP协议

snmp-agent sys-info version v2 #v2为snmp协议版本 snmp-agent community read ci test1234 #团体名 snmp-agent trap enable snmp-agent target-host trap address udp-domain 192.168.1.9 params securityname Public123456 #允许向snmp服务器发送trap报文

二. 部署snmp_exporter

github官方地址: https://github.com/prometheus/snmp_exporter

1、下载snmp_exporter

wget https://github.com/prometheus/snmp_exporter/releases/download/v0.19.0/snmp_exporter-0.19.0.linux-amd64.tar.gz tar xf snmp_exporter-0.19.0.linux-amd64.tar.gz -C /opt/

2、编译安装generator，生成snmp_exporter配置文件snmp.yml

generator：使用netsnmp解析mibs，通过它为snmp_exporter生成配置文件信息

2.1 安装Go环境

golang官方下载地址：https://golang.org/dl/

wget https://dl.google.com/go/go1.11.5.linux-amd64.tar.gz tar xf go1.11.5.linux-amd64.tar.gz -C /usr/local/ vim /etc/profile export GOROOT=/usr/local/go export PATH=$PATH:$GOROOT/bin source /etc/profile go version #显示版本号即安装成功

2.2 编译安装generator

yum install gcc gcc-g++ make net-snmp net-snmp-utils net-snmp-libs net-snmp-devel -y go get github.com/prometheus/snmp_exporter/generator cd ${GOPATH-$HOME/go}/src/github.com/prometheus/snmp_exporter/generator go build make mibs #如果已下载相关设备厂家提供的mib文件则无需再次生成mib库，跳过此步

2.3 获取需要监控的硬件设备mib库

去相关交换机厂商官方地址下载相关mib文件

APC

Servertech

Palo Alto PanOS 7.0 enterprise MIBs

Arista Networks

Arista Networks

Arista Networks

Synology

MikroTik

UCD-SNMP-MIB(Net-SNMP)

Ubiquiti Networks

Ubiquiti Networks

Ubiquiti Networks

Cisco

将获取的mib文件上传至${GOPATH-$HOME/go}/src/github.com/prometheus/snmp_exporter/generator

2.4 编写generator配置文件

generator.yml提供模块列表。最简单的模块只是一个name和一组walk的oid

github官方地址:

modules: module_name: # The module name. You can have as many modules as you want. walk: # List of OIDs to walk. Can also be SNMP object names or specific instances. - 1.3.6.1.2.1.2 # Same as "interfaces" - sysUpTime # Same as "1.3.6.1.2.1.1.3" - 1.3.6.1.2.1.31.1.1.1.6.40 # Instance of "ifHCInOctets" with index "40" version: 2 # SNMP version to use. Defaults to 2. # 1 will use GETNEXT, 2 and 3 use GETBULK. max_repetitions: 25 # How many objects to request with GET/GETBULK, defaults to 25. # May need to be reduced for buggy devices. retries: 3 # How many times to retry a failed request, defaults to 3. timeout: 5s # Timeout for each individual SNMP request, defaults to 5s. auth: # Community string is used with SNMP v1 and v2. Defaults to "public". community: public # v3 has different and more complex settings. # Which are required depends on the security_level. # The equivalent options on NetSNMP commands like snmpbulkwalk # and snmpget are also listed. See snmpcmd(1). username: user # Required, no default. -u option to NetSNMP. security_level: noAuthNoPriv # Defaults to noAuthNoPriv. -l option to NetSNMP. # Can be noAuthNoPriv, authNoPriv or authPriv. password: pass # Has no default. Also known as authKey, -A option to NetSNMP. # Required if security_level is authNoPriv or authPriv. auth_protocol: MD5 # MD5, SHA, SHA224, SHA256, SHA384, or SHA512. Defaults to MD5. -a option to NetSNMP. # Used if security_level is authNoPriv or authPriv. priv_protocol: DES # DES, AES, AES192, or AES256. Defaults to DES. -x option to NetSNMP. # Used if security_level is authPriv. priv_password: otherPass # Has no default. Also known as privKey, -X option to NetSNMP. # Required if security_level is authPriv. context_name: context # Has no default. -n option to NetSNMP. # Required if context is configured on the device. lookups: # Optional list of lookups to perform. # The default for `keep_source_indexes` is false. Indexes must be unique for this option to be used. # If the index of a table is bsnDot11EssIndex, usually that'd be the label # on the resulting metrics from that table. Instead, use the index to # lookup the bsnDot11EssSsid table entry and create a bsnDot11EssSsid label # with that value. - source_indexes: [bsnDot11EssIndex] lookup: bsnDot11EssSsid drop_source_indexes: false # If true, delete source index labels for this lookup. # This avoids label clutter when the new index is unique. overrides: # Allows for per-module overrides of bits of MIBs metricName: ignore: true # Drops the metric from the output. regex_extracts: Temp: # A new metric will be created appending this to the metricName to become metricNameTemp. - regex: '(.*)' # Regex to extract a value from the returned SNMP walks's value. value: '$1' # The result will be parsed as a float64, defaults to $1. Status: - regex: '.*Example' value: '1' # The first entry whose regex matches and whose value parses wins. - regex: '.*' value: '0' type: DisplayString # Override the metric type, possible types are: # gauge: An integer with type gauge. # counter: An integer with type counter. # OctetString: A bit string, rendered as 0xff34. # DateAndTime: An RFC 2579 DateAndTime byte sequence. If the device has no time zone data, UTC is used. # DisplayString: An ASCII or UTF-8 string. # PhysAddress48: A 48 bit MAC address, rendered as 00:01:02:03:04:ff. # Float: A 32 bit floating-point value with type gauge. # Double: A 64 bit floating-point value with type gauge. # InetAddressIPv4: An IPv4 address, rendered as 1.2.3.4. # InetAddressIPv6: An IPv6 address, rendered as 0102:0304:0506:0708:090A:0B0C:0D0E:0F10. # InetAddress: An InetAddress per RFC 4001. Must be preceded by an InetAddressType. # InetAddressMissingSize: An InetAddress that violates section 4.1 of RFC 4001 by # not having the size in the index. Must be preceded by an InetAddressType. # EnumAsInfo: An enum for which a single timeseries is created. Good for constant values. # EnumAsStateSet: An enum with a time series per state. Good for variable low-cardinality enums. # Bits: An RFC 2578 BITS construct, which produces a StateSet with a time series per bit. modules: if_mib: walk: - 1.3.6.1.2.1.1.3 # sysuptime - 1.3.6.1.2.1.2.2.1.8 # 接口当前状态 - 1.3.6.1.2.1.31.1.1.1.1 # 是采集端口名称列表的oid - 1.3.6.1.2.1.31.1.1.1.6 # 是采集端口流入流量的oid - 1.3.6.1.2.1.31.1.1.1.10 # 是采集端口流出流量的oid - 1.3.6.1.2.1.31.1.1.1.15 # 是采集端口总带宽的oid - 1.3.6.1.4.1.2021.10.1.3.1 # cpu一分钟负载 - 1.3.6.1.4.1.2021.11.11 # CPU idle率 - 1.3.6.1.4.1.2021.11.9 # CPU user率 - 1.3.6.1.4.1.2021.11.10 # CPU system率 - 1.3.6.1.4.1.2021.4.5 # 内存总数 - 1.3.6.1.4.1.2021.4.6 # 内存可用量 - 1.3.6.1.4.1.2021.4.14 # 内存buffered - 1.3.6.1.4.1.2021.4.15 # 内存Cached version: 2 auth: community: # snmp密码 lookups: - source_indexes: [ifIndex] lookup: ifAlias - source_indexes: [ifIndex] lookup: ifDescr - source_indexes: [ifIndex] lookup: ifName overrides: ifAlias: ignore: true ifDescr: ignore: true ifName: ignore: true ifType: type: EnumAsInfo

这里generator.yml需要注意两点

2.4.1 walk下面写的是你需要查询的信息对应的oid，这个像华为交换机都是可以在原厂文档上查的到的；要监控交换机的端口流量、状态，CPU使用率，内存状态，温度等，关键是找出与之相对应的oidoid信息可参考如下地址：http://oid-info.com/

获取到的监控信息相关的oid可通过snmpwalk过滤查询

snmpwalk命令格式如下：

snmpwalk -v "snmp版本" -c "coummunity" IP oid(可选) #通过snmpwalk查询过滤出有值的数据，获取子节点值 snmpwalk -v 2c -c test1234 192.168.1.100 1.3.6.1.4.1.2011.5.25.31.1.1.1.1.11|grep -v 0$

2.4.2 还有一点就是community这个要写自己设置的团体名，如果不知道可以自己手动设置一个，我这里设置的是test1234

其他的地方基本不需要修改，模块名也可以改，后面使用snmp查的时候、写prometheus配置文件的时候对应也写自己刚刚修改的mib名称就好。

numAsInfo和EnumAsStateSet

SNMP包含整数索引枚举（枚举）的概念。在Prometheus中有两种表示这些字符串的方法。它们可以是“信息”指标，也可以是“状态集”。SNMP没有指定应使用的内容，这取决于数据的使用情况。一些用户可能更喜欢原始整数值，而不是字符串。

为了将枚举整数设置为字符串映射，必须使用两个替代之一。

EnumAsInfo应该用于提供类似库存数据的属性。例如设备类型，颜色名称等。此值必须恒定。

EnumAsStateSet应该用于表示状态或您可能需要警惕的事物。例如，链接状态是打开还是关闭，处于错误状态，面板是打开还是关闭等。请注意不要将其用于高基数值，因为它将为每个可能的值生成1个时间序列。

2.5 运行generator生成snmp.yml

export MIBDIRS=mibs #指定mib库路径 ./generator generate cp snmp.yml /usr/local/snmp_exporter/ #将生成的snmp配置移到snmp_exporter目录下

3、运行snmp_exporter

./snmp_exporter --config.file=/usr/local/snmp_exporter/snmp.yml

比较大的counter类型数据的值如何处理

为了为Counter64较大的值提供准确的计数器，snmp_exporter将每2 ^ 53自动包装该值，以避免64位浮点舍入，

要禁用此功能，可使用命令行参数-no-snmp.wrap-large-counters

4、测试

访问192.168.1.9:9116

traget:192.168.1.222 #snmp设备

module：huawei_mib #模块名，与generator.yml中设置的模块名保持一致

点击提交，可获取snmp数据

三、配置prometheus

1、修改prometheus.yml

在scrape_configs数据抓取配置中加入以下配置信息

scrape_configs: - job_name: 'snmp' static_configs: - targets: - 192.168.1.222 # SNMP device. metrics_path: /snmp params: module: [if_mib] relabel_configs: - source_labels: [__address__] target_label: __param_target - source_labels: [__param_target] target_label: instance - target_label: __address__ replacement: 127.0.0.1:9116 # The SNMP exporter's real hostname:port.

2、重启prometheus

curl -X POST http://localhost:9090/-/reload #如果prometheus启动参数有--web.enable-lifecycle，可通过此命令平滑重启

四、grafana数据可视化

根据snmp_exporter查询到的HELP后查到的参数信息，进行图形化显示。大家可以根据自己的需要去查相应的参数信息，如果想查更多的信息，基本上的流程就是：

效果图

1、将需要查询的交换机信息oid加入到generator.yml文件

2、重新编译generator.yml文件生成snmp.yml文件

3、替换原来的snmp.yml文件

4、重启snmp_exporter