check_traffic.sh监控格式为Hex-STRING的解决办法。

作者: 魏延是反贼. 分类: Linux, 系统·安全·调优

这两天算是跟SNMP杠上了……各种监控的自定义资源。伤不起了!

“石头”大神写的使用snmp监控网络接口流量的check_traffic脚本可以说是比较好用和成熟的脚本了,

脚本下载:https://github.com/cloved/check_traffic

但是最近在用的时候却发现了一些问题:

同一个脚本,但是在不同的机器上,去查看Windows被监控的网络参数,却读取到的是16进制的数据,数据的前缀明显的是Hex-STRING,这……让我情何以堪……

[root@mon01 libexec]# ./check_traffic.sh -V 2c -C ubisoft -H 10.199.4.11 -L
List Interface for host 10.199.4.11.
RFC1213-MIB::ifDescr.1 = Hex-STRING: 53 6F 66 74 77 61 72 65 20 4C 6F 6F 70 62 61 63
6B 20 49 6E 74 65 72 66 61 63 65 20 31 00
RFC1213-MIB::ifDescr.2 = Hex-STRING: 57 41 4E 20 4D 69 6E 69 70 6F 72 74 20 28 53 53
54 50 29 00
RFC1213-MIB::ifDescr.3 = Hex-STRING: 57 41 4E 20 4D 69 6E 69 70 6F 72 74 20 28 4C 32
54 50 29 00
RFC1213-MIB::ifDescr.4 = Hex-STRING: 57 41 4E 20 4D 69 6E 69 70 6F 72 74 20 28 50 50
54 50 29 00
RFC1213-MIB::ifDescr.5 = Hex-STRING: 57 41 4E 20 4D 69 6E 69 70 6F 72 74 20 28 50 50
50 4F 45 29 00
RFC1213-MIB::ifDescr.6 = Hex-STRING: 57 41 4E 20 4D 69 6E 69 70 6F 72 74 20 28 49 50
76 36 29 00
RFC1213-MIB::ifDescr.7 = Hex-STRING: 57 41 4E 20 4D 69 6E 69 70 6F 72 74 20 28 4E 65
74 77 6F 72 6B 20 4D 6F 6E 69 74 6F 72 29 00
RFC1213-MIB::ifDescr.8 = Hex-STRING: 57 41 4E 20 4D 69 6E 69 70 6F 72 74 20 28 49 50
29 00
RFC1213-MIB::ifDescr.9 = Hex-STRING: 52 41 53 20 41 73 79 6E 63 20 41 64 61 70 74 65
72 00
RFC1213-MIB::ifDescr.10 = Hex-STRING: 57 41 4E 20 4D 69 6E 69 70 6F 72 74 20 28 49 4B
45 76 32 29 00
RFC1213-MIB::ifDescr.11 = Hex-STRING: 42 72 6F 61 64 63 6F 6D 20 42 43 4D 35 37 31 36
43 20 4E 65 74 58 74 72 65 6D 65 20 49 49 20 47
69 67 45 20 28 4E 44 49 53 20 56 42 44 20 43 6C
69 65 6E 74 29 00
RFC1213-MIB::ifDescr.12 = Hex-STRING: 4D 69 63 72 6F 73 6F 66 74 20 49 53 41 54 41 50
20 41 64 61 70 74 65 72 00
RFC1213-MIB::ifDescr.13 = Hex-STRING: 42 72 6F 61 64 63 6F 6D 20 42 43 4D 35 37 31 36
43 20 4E 65 74 58 74 72 65 6D 65 20 49 49 20 47
69 67 45 20 28 4E 44 49 53 20 56 42 44 20 43 6C
69 65 6E 74 29 20 23 32 00

然后就是各种查google,发现没有民间的解决方法,最后只能去查SNMP的官方文档,于是发现了下面的内容:

The list of valid datatypes can be found at the end of the snmpset help output:

   $ snmpset -h |& tail -4
   type - one of i, u, t, a, o, s, x, d, n
     i: INTEGER, u: unsigned INTEGER, t: TIMETICKS, a: IPADDRESS
     o: OBJID, s: STRING, x: HEX STRING, d: DECIMAL STRING
     U: unsigned int64, I: signed int64, F: float, D: double
于是知道了,输出的字符是可以自定义类型的,那么这货一定是输出了x类型……好吧……我们得改,查看check_traffic.sh的内容,发现之所以能使用-L来查看网络设备的列表,是因为它使用了这个语句:

list_interface(){
        $SNMPWALK -v $Version $Community $Host “IF-MIB::ifDescr” |sed ‘s/IF-MIB::ifDescr./Interface index /g’ | sed ‘s/= STRING:/orresponding to /g’
        exit 3

}

知道了之所以能查出interface的列表,调用的其实是snmpwalk的命令,那么我们查看snmpwalk的help,发现其实也是可以定义输出类型的:

-O OUTOPTS        Toggle various defaults controlling output display:
              0:  print leading 0 for single-digit hex characters
              a:  print all strings in ascii format
              b:  do not break OID indexes down
              e:  print enums numerically
              E:  escape quotes in string indices
              f:  print full OIDs on output
              n:  print OIDs numerically
              q:  quick print for easier parsing
              Q:  quick print with equal-signs
              s:  print only last symbolic element of OID
              S:  print MIB module-id plus last element
              t:  print timeticks unparsed as numeric integers
              T:  print human-readable text along with hex strings
              u:  print OIDs using UCD-style prefix suppression
              U:  don’t print units
              v:  print values only (not OID = value)
              x:  print all strings in hex format
              X:  extended index format

我们注意到,可以使用-O选项,后面跟a即可,让所有的东西都用标准的ASCII来显示,于是我们修改脚本,在查看list的那句里面加上 –Oa 这串内容

list_interface(){
$SNMPWALK -v $Version $Community –Oa $Host “IF-MIB::ifDescr” |sed ‘s/IF-MIB::ifDescr./Interface index /g’ | sed ‘s/= STRING:/orresponding to /g’
exit 3

}

再次使用脚本获取~则……:

[root@mon01 libexec]# ./check_traffic.sh -V 2c -C ubisoft -H 10.199.4.11 –L
List Interface for host 10.199.4.11.
RFC1213-MIB::ifDescr.1 orresponding to  “Software Loopback Interface 1.”
RFC1213-MIB::ifDescr.2 orresponding to  “WAN Miniport (SSTP).”
RFC1213-MIB::ifDescr.3 orresponding to  “WAN Miniport (L2TP).”
RFC1213-MIB::ifDescr.4 orresponding to  “WAN Miniport (PPTP).”
RFC1213-MIB::ifDescr.5 orresponding to  “WAN Miniport (PPPOE).”
RFC1213-MIB::ifDescr.6 orresponding to  “WAN Miniport (IPv6).”
RFC1213-MIB::ifDescr.7 orresponding to  “WAN Miniport (Network Monitor).”
RFC1213-MIB::ifDescr.8 orresponding to  “WAN Miniport (IP).”
RFC1213-MIB::ifDescr.9 orresponding to  “RAS Async Adapter.”
RFC1213-MIB::ifDescr.10 orresponding to  “WAN Miniport (IKEv2).”
RFC1213-MIB::ifDescr.11 orresponding to  “Broadcom BCM5716C NetXtreme II GigE (NDIS VBD Client).”
RFC1213-MIB::ifDescr.12 orresponding to  “Microsoft ISATAP Adapter.”
RFC1213-MIB::ifDescr.13 orresponding to  “Broadcom BCM5716C NetXtreme II GigE (NDIS VBD Client) #2.”

OK,果断搞起。

返回正文

(5)条评论

  • kwe

    |

    这个问题有没有解决,我也遇到了

    回复

  • 匿名

    |

    请教博主一个问题 我用自带的/usr/local/nagios/libexec/check_centreon_snmp_traffic -H 192.168.0.43 -n -i \’Intel(R) 82566MM Gigabit Network Connection\’ -w \’80\’ -c \’90\’ -v 2c -C public
    却报错 Check mod for temporary file : /var/lib/centreon/centplugins/traffic_if11_192.168.0.43 !
    请问下这个是由于哪里权限没有设置好呢, 用ROOT 在命令行下可以执行

    回复

  • 匿名

    |

    请教博主一个问题 我用自带的/usr/local/nagios/libexec/check_centreon_snmp_traffic -H 192.168.0.43 -n -i ‘Intel(R) 82566MM Gigabit Network Connection’ -w ’80’ -c ’90’ -v 2c -C public
    却报错 Check mod for temporary file : /var/lib/centreon/centplugins/traffic_if11_192.168.0.43 !
    请问下这个是由于哪里权限没有设置好呢, 用ROOT 在命令行下可以执行

    回复

    • 哦呦呦呦拳

      |

      将/var/lib/centreon/centplugins/traffic_if***** 这个文件的属主和属组改成nagios应该就没问题了,或者你su到nagios用户下执行这个命令看看结果。

      回复

您的留言是我最大的支持!