工作前准备:
1、将snmp安装包上传至/root 目录下,可以使用u盘,也可以使用传输软件SCP、flashxp 等
2、提高权限
cd /root chmod 777 install-snmp-syslog-auditor.sh
3、删除脚本中的空白行和多余的符号
sed -i 's/\r$//' install-snmp-syslog-auditor.sh
4、执行脚本
./install-snmp-syslog-auditor.sh
(1)角色判断
判断当前登录的用时是否为root用户,防止安装软件时不能进行安装。如果不是root用户将退出脚本执行,否则将继续进行脚本执行。
#!/bin/bash
#进行一键安装SNMP创建Shell脚本
#
#判断当前用户是否为root
if [ "$(id -u)" != "0" ]
then
echo "This Shell must be run as root" 1>&2
exit
else
echo "This is running as root"
fi
(2)检查snmp软件是否安装
if rpm -qa |grep snmp &>/dev/null;
then
echo "snmpd is already installed."
exit
else
echo "snmpd is not installed!"
fi
(3)安装snmp服务包
#安装snmp脚本
echo "安装perl依赖"
rpm -ivh /root/Linux_snmp/perl-Data-Dumper-2.145-3.el7.x86_64.rpm
echo "安装mysql-compat"
rpm -ivh /root/Linux_snmp/mysql-community-libs-compat-5.7.33-1.el7.x86_64.rpm
echo "--------------安装net-snmp--------------"
rpm -ivh /root/Linux_snmp/net-snmp*.rpm --force
echo "--------------安装lm--------------"
rpm -ivh /root/Linux_snmp/lm_sensors*.rpm --force
(4)修改snmp配置文件
snmpd.conf
echo "-----gredit snmp.conf----"
cd /etc/snmp
cp /etc/snmp/snmpd.conf /etc/snmp/snmpd.conf.bak
echo "give profile permission"
chmod 777 snmpd.conf
echo "gredit snmp1"
sed -i 's/com2sec notConfigUser default public/com2sec notConfigUser 10.225.206.103 tsgz@2018/g' snmpd.conf
echo "gredit snmp2"
sed -i 's/access notConfigGroup "" any noauth exact systemview none none/access notConfigGroup "" any noauth exact all none none/g' snmpd.conf
echo "gredit snmp3"
sed -i '56a view all included .1' snmpd.conf
echo "gredit snmp4"
sed -i '63a rocommunity tsgz@2018 10.225.106.103 -V systemonly' snmpd.conf
echo "gredit snmp5"
sed -i '64a trap2sink 10.225.206.103 tsgz@2018' snmpd.conf
echo "---snmp.conf gredit Successful---"
sleep 3s
systemctl start snmpd
echo "---Service snmpd start---"
systemctl enable snmpd
echo "--------------'systemctl enable snmpd --------------"
systemctl restart snmpd
echo "---snmpd restart successful---"
echo "--------------chkconfig snmpd on--------------"
chkconfig snmpd on
systemctl status snmpd
sleep 5s
(5)修改syslog配置文件
rsyslog.conf
echo "-----gredit rsyslog.conf----"
cd /etc/
cp rsyslog.conf rsyslog.conf.bak
echo "rsyslog.conf back Successful"
sed -i 's/#*.* @@remote-host:514/*.* @@10.225.206.102:514/g' rsyslog.conf
echo "---rsyslog.conf gredit Successful---"
systemctl start rsyslog
systemctl restart rsyslog
echo "--start rsyslog--"
systemctl status rsyslog
sleep 4s
(6)创建审计员账号
echo -e "RSAAuthentication yes" >>/etc/ssh/sshd_config
echo -e "PubkeyAuthentication yes">>/etc/ssh/sshd_config
echo -e "AuthorizedKeysFile .ssh/authorized_keys">>/etc/ssh/sshd_config
echo -e "write successful......."
sleep 3s
useradd -m -d /home/tsgzAuditor -s /bin/bash tsgzAuditor
echo "The tsgzAuditor is created....."
mkdir /home/tsgzAuditor/.ssh
echo "Where is /home/tsgzAuditor build .shh direct"
touch /home/tsgzAuditor/.ssh/authorized_keys
echo "在/home/tsgzAuditor/.ssh/ build 'authorized_keys' profile"
chown -R tsgzAuditor:tsgzAuditor /home/tsgzAuditor/
echo "give .ssh permission......."
cat /root/id_rsa_1024.pub >>/home/tsgzAuditor/.ssh/authorized_keys
echo "authorized_keys write connact of id_rsa_1024.pub ......."
chmod 700 /home/tsgzAuditor/.ssh
echo "give .ssh permission"
chmod 600 /home/tsgzAuditor/.ssh/authorized_keys
echo "give authorized_keys permission"
service sshd restart
echo "restary sshd service"
sleep 3s
file1=/etc/shadow
PASSWD=`cat $file1 | grep tsgzAuditor | awk -F: '{print $5}'` #获得当前用户的密码修改时间
echo "Gets the expiration time of the current password as:$PASSWD"
TMP="99999"
if [ $PASSWD -eq $TMP ];
then
echo "Password update time is not set......"
else
sed -i "/tsgzAuditor/s#\($PASSWD\)#${TMP}#" $file1
echo "Password update time set successfully........"
fi
exit 0
(7)手动检查配置文件是否正确
没有合适的资源?快使用搜索试试~ 我知道了~
温馨提示
离线安装snmp服务包、修改snmp、syslog ,创建审计员账号shell脚本,适用于cenos 7.x redhat 7.x,用于态势感知实用化提升、网络监控等领域,可以同时批量处理。脚本包含了大部分需要手工配置的步骤,通常主机实用化提升包含上传并安装snmp 服务包,修改snmpd.conf 等配置文件,在实用化中通常要求配置审计员账号,这些步骤如果一步步去做,比较繁琐且复杂还容易出错,特别是当linux 主机比较多的时候就需要花费大量的时间去重复的工作,所以这里小编特意编写了包含所有步骤的脚本,是原来复杂的工作简单化,当然有些地方可能不需要审计员配置,那么就需要你自行修改脚本即可。
资源详情
资源评论
资源推荐
收起资源包目录
Linux-snmp-syslog-auditor.zip (13个子文件)
Linux-snmp-syslog-auditor
使用文档.txt.txt 4KB
rsyslog-8.24.0-55.el7.x86_64.rpm 621KB
net-snmp-5.7.2-28.el7_4.1.x86_64.rpm 322KB
lm_sensors-libs-3.4.0-4.20160601gitf9185e5.el7.x86_64.rpm 41KB
snmpd.conf 18KB
lm_sensors-devel-3.4.0-4.20160601gitf9185e5.el7.x86_64.rpm 26KB
perl-Data-Dumper-2.145-3.el7.x86_64.rpm 47KB
install-snmp-syslog-auditor.sh.sh 4KB
install-snmp-syslog-auditor.sh 4KB
net-snmp-libs-5.7.2-28.el7_4.1.x86_64.rpm 748KB
net-snmp-agent-libs-5.7.2-28.el7_4.1.x86_64.rpm 704KB
mysql-community-libs-compat-5.7.33-1.el7.x86_64.rpm 1.2MB
net-snmp-utils-5.7.2-28.el7_4.1.x86_64.rpm 198KB
共 13 条
- 1
十月44
- 粉丝: 2
- 资源: 1
上传资源 快速赚钱
- 我的内容管理 展开
- 我的资源 快来上传第一个资源
- 我的收益 登录查看自己的收益
- 我的积分 登录查看自己的积分
- 我的C币 登录后查看C币余额
- 我的收藏
- 我的下载
- 下载帮助
安全验证
文档复制为VIP权益,开通VIP直接复制
信息提交成功
评论0