[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Syslog] Submission of draft-ietf-syslog-device-mib-13.txt
Hi,
Attached please find the updated ID
draft-ietf-syslog-device-mib-13.txt
This is a work of the ietf-syslog-wg.
I will appreciate it very much if you can
post this to the archives.
Thanks.
Glenn
Syslog Working Group Glenn Mansfield Keeni
INTERNET-DRAFT Cyber Solutions Inc.
Intended Status: Proposed Standard
Expires: July 16, 2007 January 17, 2007
Syslog Management Information Base
<draft-ietf-syslog-device-mib-13.txt>
Status of this Memo
By submitting this Internet-Draft, each author represents that any
applicable patent or other IPR claims of which he or she is aware
have been or will be disclosed, and any of which he or she becomes
aware will be disclosed, in accordance with Section 6 of BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as Internet-
Drafts.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt.
The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html.
This document is a product of the syslog Working Group. Comments
should be addressed to the authors or the mailing list at
syslog@ietf.org
This Internet-Draft will expire on July 16, 2007.
Copyright Notice
Copyright (C) The IETF Trust (2007).
Glenn M. Keeni. Expires: July 16, 2007 [Page 1]
�
Internet Draft syslogMIB January 2007
Abstract
This memo defines a portion of the Management Information Base (MIB),
the Syslog MIB, for use with network management protocols
in the Internet community. In particular, the Syslog MIB will be
used to monitor and control syslog entities.
Table of Contents
1. The Internet-Standard Management Framework .... 3
2. Background .................................... 3
3. The MIB Design ................................ 4
4. The Syslog MIB ................................ 6
5. Security Considerations ....................... 32
6. IANA Considerations ........................... 34
7. References .................................... 34
8 Acknowledgments ............................... 35
9. Author's Addresses ............................ 36
10. Full Copyright Statement ...................... 37
Appendix ...................................... 39
Glenn M. Keeni. Expires: July 16, 2007 [Page 2]
�
Internet Draft syslogMIB January 2007
1. The Internet-Standard Management Framework
For a detailed overview of the documents that describe the current
Internet-Standard Management Framework, please refer to section 7 of
RFC 3410 [RFC3410].
Managed objects are accessed via a virtual information store, termed
the Management Information Base or MIB. MIB objects are generally
accessed through the Simple Network Management Protocol (SNMP).
Objects in the MIB are defined using the mechanisms defined in the
Structure of Management Information (SMI). This memo specifies a MIB
module that is compliant to the SMIv2, which is described in STD 58,
RFC 2578 [RFC2578], STD 58, RFC 2579 [RFC2579] and STD 58, RFC 2580
[RFC2580].
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in BCP 14, RFC 2119
[RFC2119].
2. Background
Operating systems, processes and applications, collectively termed
"facilities" in the following, generate messages indicating their own
status or the occurrence of events. These messages are handled by
what has come to be known as the syslog application[RFCPROT]. In
this document we refer to a syslog application as a syslog entity. A
syslog entity sends and/or receives syslog messages. The reader is
referred to [RFCPROT] for a description of the various roles of a
syslog entity viz. "sender", "receiver" and "relay". The discussion
in this document in general applies to a generic syslog entity. For
special cases the specific role of the syslog application will be
mentioned. [RFCUDPX] describes the UDP transport for the syslog
protocol.
This document defines a set of managed objects (MOs) that can be used
to monitor a group of syslog entities.
The SYSLOG-MIB can be used in conjunction with other MIB modules - in
particular the Host Resources MIB[RFC2790]. The generic process
related matters e.g. control and monitoring for status, resource
usage etc. can be serviced by the corresponding entries in the Host
Resources MIB.
Glenn M. Keeni. Expires: July 16, 2007 [Page 3]
�
Internet Draft syslogMIB January 2007
+------+
Syslog message ----->| Ent1 |
+------+
+------+
Syslog message ----->| Ent2 |------> Syslog message
+------+
+------+
| Ent3 |------> Syslog message
+------+
Ent1: Syslog collector ( syslog receiver)
Ent2: Syslog relay ( syslog receiver, syslog sender)
Ent3: Syslog originator (syslog sender)
Fig.1 Syslog entities modeled by the SYSLOG-MIB
The syslog entities modeled by the SYSLOG-MIB are shown in Fig.1. A
syslog receiver receives syslog messages. A syslog sender sends
syslog messages to other syslog entities. A syslog relay will forward
some of the received syslog messages to other syslog entities. A
syslog receiver receives a syslog message and processes it. The
processing will depend on the internal configuration and may involve
relaying the message to another syslog entity. Note that a syslog
entity may have multiple roles. Multiple syslog entities may co-
exist on the same host.
3. The MIB Design.
The purpose of the SYSLOG-MIB is to allow the monitoring of a group
of syslog entities. This requires managed objects representing the
following elements.
o The default configuration parameters e.g. the default maximum
message size for a syslog entity, the default port number on
which a syslog receiver will listen for messages, etc.
o The configuration and status related details of each syslog
entity.
o The statistics on syslog messages received, processed
locally, relayed by each syslog entity.
Glenn M. Keeni. Expires: July 16, 2007 [Page 4]
�
Internet Draft syslogMIB January 2007
The MIB contains four subtrees.
o The syslogSystem subtree services the default configuration
parameters.
o The syslogEntity subtree consists of the following tables.
- SyslogEntityControlTable deals with the configuration and
control information for a syslog entity.
- SyslogEntityOperationsTable deals with operations and
statistical information about syslog messages sent and/or
received by a syslog entity.
o The syslogNotifications subtree defines the set of
notifications that will be used to asynchronously report
the status of a syslog entity.
o The conformance subtree defines the compliance statements.
The SYSLOG-MIB module uses textual conventions defined in INET-
ADDRESS-MIB[RFC4001] and SNMP-FRAMEWORK-MIB[RFC3411].
Glenn M. Keeni. Expires: July 16, 2007 [Page 5]
�
Internet Draft syslogMIB January 2007
4. The Syslog MIB
SYSLOG-MIB DEFINITIONS ::= BEGIN
IMPORTS
MODULE-IDENTITY, OBJECT-TYPE,
Unsigned32, Counter32, Integer32, mib-2,
NOTIFICATION-TYPE
FROM SNMPv2-SMI
RowStatus, StorageType,
TEXTUAL-CONVENTION, TimeStamp
FROM SNMPv2-TC
InetAddressType, InetAddress
FROM INET-ADDRESS-MIB
MODULE-COMPLIANCE, OBJECT-GROUP, NOTIFICATION-GROUP
FROM SNMPv2-CONF
SnmpAdminString
FROM SNMP-FRAMEWORK-MIB;
syslogMIB MODULE-IDENTITY
LAST-UPDATED "200701060000Z" -- 6th January, 2007
ORGANIZATION "IETF Syslog Working Group"
CONTACT-INFO
" Glenn Mansfield Keeni
Postal: Cyber Solutions Inc.
6-6-3, Minami Yoshinari
Aoba-ku, Sendai, Japan 989-3204.
Tel: +81-22-303-4012
Fax: +81-22-303-4015
E-mail: glenn@cysols.com
Support Group E-mail: syslog@ietf.org
"
DESCRIPTION
"The MIB module for monitoring syslog entities.
In this MIB we refer to a syslog application
or device as a syslog entity. A syslog entity sends
and/or receives syslog messages. The reader is referred
to [RFCPROT] for a description of the various roles
of a syslog entity viz. ''sender'', ''receiver'' and
''relay''. The discussion in this
document in general applies to a generic syslog entity.
Glenn M. Keeni. Expires: July 16, 2007 [Page 6]
�
Internet Draft syslogMIB January 2007
For special cases the specific role of the syslog
application will be mentioned.
Copyright (C) The Internet Trust (2007). This version of
this MIB module is part of RFC XXXX; see the RFC itself for
full legal notices.
"
-- RFC Ed.: replace XXXX with the actual RFC number & remove this
-- note
REVISION "200701060000Z" -- 6th January, 2007
DESCRIPTION
"The initial version, published as RFC XXXX."
-- RFC Ed.: replace XXXX with the actual RFC number & remove this
-- note
::= { mib-2 YYYY } -- Will be assigned by IANA
-- IANA Reg.: Please assign a value for "YYYY" under the
-- 'mib-2' subtree and record the assignment in the SMI
-- Numbers registry.
-- RFC Ed.: When the above assignment has been made, please
-- remove the above note
-- replace "YYYY" here with the assigned value and
-- remove this note.
-- -------------------------------------------------------------
-- Textual Conventions
-- -------------------------------------------------------------
Glenn M. Keeni. Expires: July 16, 2007 [Page 7]
�
Internet Draft syslogMIB January 2007
SyslogRoles ::= TEXTUAL-CONVENTION
STATUS current
DESCRIPTION
"This textual convention enumerates the roles of a
syslog entity. Note that a syslog entity can have
multiple roles.
"
REFERENCE
"The Syslog Protocol [RFCPROT] sec. 3.
"
SYNTAX BITS
{
sender (0),
receiver (1),
relay (2)
}
SyslogService ::= TEXTUAL-CONVENTION
STATUS current
DESCRIPTION
"The service name or port number that this syslog
receiver will bind to.
The service name must resolve to a port number on
the local host.
"
SYNTAX OCTET STRING (SIZE (0..255))
SyslogEncapsulation ::= TEXTUAL-CONVENTION
STATUS current
DESCRIPTION
"This textual convention enumerates the encapsulations
of the syslog message that is used between syslog
application endpoints.
"
REFERENCE
"Transmission of syslog messages over UDP [RFCUDPX],
TLS Transport Mapping for Syslog [RFCTLSX],
Reliable Delivery for syslog [RFCBEEP].
"
SYNTAX INTEGER
{
other (1),
none (2), -- [RFCUDPX ] (no encapsulation)
tls (3), -- [RFCTLSX]
beep (4) -- [RFCBEEP]
Glenn M. Keeni. Expires: July 16, 2007 [Page 8]
�
Internet Draft syslogMIB January 2007
}
-- -------------------------------------------------------------
-- syslogMIB - the main groups
-- -------------------------------------------------------------
syslogNotifications OBJECT IDENTIFIER
::= { syslogMIB 0 }
syslogObjects OBJECT IDENTIFIER
::= { syslogMIB 1 }
syslogConformance OBJECT IDENTIFIER
::= { syslogMIB 3 }
syslogSystem OBJECT IDENTIFIER
::= { syslogObjects 1 }
syslogEntity OBJECT IDENTIFIER
::= { syslogObjects 2 }
-- -------------------------------------------------------------
-- syslogSystem
-- -------------------------------------------------------------
-- The default parameters
syslogDefaultService OBJECT-TYPE
SYNTAX SyslogService
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The default service name or port number that a syslog
receiver will bind to.
"
REFERENCE
"Transmission of syslog messages over UDP
[RFCUDPX] Sec. 3.3.
"
DEFVAL { "514" }
::= { syslogSystem 1 }
Glenn M. Keeni. Expires: July 16, 2007 [Page 9]
�
Internet Draft syslogMIB January 2007
syslogDefaultEncapsulation OBJECT-TYPE
SYNTAX SyslogEncapsulation
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The default encapsulation used by a syslog
receiver to receive syslog messages.
"
DEFVAL { none }
::= { syslogSystem 2 }
-- -------------------------------------------------------------
-- syslog entity configuration info table
-- -------------------------------------------------------------
syslogEntityControlTable OBJECT-TYPE
SYNTAX SEQUENCE OF SyslogEntityControlEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A table containing the configuration parameters
pertaining to the syslog entities serviced by an
SNMP agent.
"
::= { syslogEntity 1 }
syslogEntityControlEntry OBJECT-TYPE
SYNTAX SyslogEntityControlEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The configuration parameters pertaining to a syslog
entity.
"
INDEX { syslogEntityControlIndex }
::= { syslogEntityControlTable 1 }
Glenn M. Keeni. Expires: July 16, 2007 [Page 10]
�
Internet Draft syslogMIB January 2007
SyslogEntityControlEntry ::=
SEQUENCE {
syslogEntityControlIndex
Unsigned32,
syslogEntityControlDescr
SnmpAdminString,
syslogEntityControlRoles
SyslogRoles,
syslogEntityControlBindAddrType
InetAddressType,
syslogEntityControlBindAddr
InetAddress,
syslogEntityControlService
SyslogService,
syslogEntityControlEncapsulation
SyslogEncapsulation,
syslogEntityControlMaxMessageSize
Unsigned32,
syslogEntityControlConfFileName
SnmpAdminString,
syslogEntityControlStorageType
StorageType,
syslogEntityControlRowStatus
RowStatus
}
syslogEntityControlIndex OBJECT-TYPE
SYNTAX Unsigned32 (1..2147483647)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The Index that uniquely identifies the syslog entity in
the syslogEntityControlTable.
The value of the index for a syslog entity may not be
the same across system reboots. Users and Applications
will need to determine the index of a syslog entity after
system reboots.
"
::= { syslogEntityControlEntry 1 }
Glenn M. Keeni. Expires: July 16, 2007 [Page 11]
�
Internet Draft syslogMIB January 2007
syslogEntityControlDescr OBJECT-TYPE
SYNTAX SnmpAdminString
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"A user definable description of the syslog entity.
This description could be used by syslog management
applications e.g. in reports or in user interfaces.
"
::= { syslogEntityControlEntry 2 }
syslogEntityControlRoles OBJECT-TYPE
SYNTAX SyslogRoles
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The roles of the syslog entity.
"
::= { syslogEntityControlEntry 3 }
syslogEntityControlBindAddrType OBJECT-TYPE
SYNTAX InetAddressType
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The type of Internet address which follows
in syslogEntityControlBindAddr.
If this syslog entity is not a syslog receiver,
the value of this object will be 'unknown' (0).
"
::= { syslogEntityControlEntry 4 }
syslogEntityControlBindAddr OBJECT-TYPE
SYNTAX InetAddress
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The specific address the syslog receiver will bind to.
The format of the address is specified by the
corresponding syslogEntityControlBindAddrType object.
If the address is specified in the DNS domain name format
[syslogEntityControlBindAddrType = 'dns'], the
corresponding IPv4 or IPv6 address obtained at the time
of the binding operation by the syslog entity, will be
Glenn M. Keeni. Expires: July 16, 2007 [Page 12]
�
Internet Draft syslogMIB January 2007
used.
If this syslog entity is not a syslog receiver, the value
of this object will be a zero-length string.
"
::= { syslogEntityControlEntry 5 }
syslogEntityControlService OBJECT-TYPE
SYNTAX SyslogService
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The service name or port number that this syslog
receiver will bind to.
If this syslog entity is not a syslog receiver the value
of this object will be zero.
If no value is specified, the syslog entity will use the
service name or port number specified in
syslogDefaultService.
"
::= { syslogEntityControlEntry 6 }
syslogEntityControlEncapsulation OBJECT-TYPE
SYNTAX SyslogEncapsulation
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The encapsulation that will be used for syslog messages
by the syslog receiver.
If this syslog entity is not a syslog receiver the value
of this object will be ''other''.
If no value is specified, the syslog receiver will use the
encapsulation specified in syslogDefaultEncapsulation.
"
::= { syslogEntityControlEntry 7 }
Glenn M. Keeni. Expires: July 16, 2007 [Page 13]
�
Internet Draft syslogMIB January 2007
syslogEntityControlMaxMessageSize OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The maximum size of the syslog messages in bytes
for this syslog entity.
A syslog receiver may reject or truncate messages larger
than the specified maximum syslog message size.
"
REFERENCE
"The Syslog Protocol [RFCPROT] sec. 6.1.
"
::= { syslogEntityControlEntry 8 }
syslogEntityControlConfFileName OBJECT-TYPE
SYNTAX SnmpAdminString
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The fullpath name of the configuration file where the
syslog entity's message selection and corresponding
action rules will be read from.
If the syslog entity does not support the specification
of a configuration file, this the value of this object
will be a zero-length string.
"
DEFVAL { "/etc/syslog.conf" }
::= { syslogEntityControlEntry 9 }
Glenn M. Keeni. Expires: July 16, 2007 [Page 14]
�
Internet Draft syslogMIB January 2007
syslogEntityControlStorageType OBJECT-TYPE
SYNTAX StorageType
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object defines whether the parameters defined in
this row are kept in volatile storage and lost upon
reboot or are backed up by non-volatile or permanent
storage.
Conceptual rows having the value 'permanent' need not
allow write-access to any columnar objects in the row.
"
DEFVAL { nonVolatile }
::= { syslogEntityControlEntry 11 }
syslogEntityControlRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object is used to create, modify and delete rows in
the syslogEntityControlTable.
The value of syslogEntityControlDescr can be changed
when this object is in state ''active'' or in
''notInService''.
The other objects in a row can be modified only when the
value of this object in the corresponding conceptual row
is not ''active''. Thus to modify one or more of the
objects in this conceptual row,
a. change the row status to ''notInService'',
b. change the values of the row
c. change the row status to ''active''
The syslogEntityControlRowStatus may be changed to
''active'' if all the managed objects in the conceptual
row with MAX-ACCESS read-create except
syslogEntityControlService and
syslogEntityControlEncapsulation have been assigned valid
values.
"
::= { syslogEntityControlEntry 12 }
Glenn M. Keeni. Expires: July 16, 2007 [Page 15]
�
Internet Draft syslogMIB January 2007
-- -------------------------------------------------------------
-- syslogEntityOperations
-- -------------------------------------------------------------
syslogEntityOperationsTable OBJECT-TYPE
SYNTAX SEQUENCE OF SyslogEntityOperationsEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A table containing operations information about
the syslog entities serviced by an SNMP agent.
This table complements the (configuration) information
in syslogEntityControlTable .
"
::= { syslogEntity 2 }
syslogEntityOperationsEntry OBJECT-TYPE
SYNTAX SyslogEntityOperationsEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The operations information pertaining to a syslog
entity.
"
AUGMENTS { syslogEntityControlEntry }
::= { syslogEntityOperationsTable 1 }
Glenn M. Keeni. Expires: July 16, 2007 [Page 16]
�
Internet Draft syslogMIB January 2007
SyslogEntityOperationsEntry ::=
SEQUENCE {
syslogEntityOperationsMsgsReceived
Counter32,
syslogEntityOperationsMsgsRelayed
Counter32,
syslogEntityOperationsMsgsDropped
Counter32,
syslogEntityOperationsMsgsMalFormed
Counter32,
syslogEntityOperationsMsgsDiscarded
Counter32,
syslogEntityOperationsLastMsgRecdTime
TimeStamp,
syslogEntityOperationsLastMsgTransmittedTime
TimeStamp,
syslogEntityOperationsStartTime
TimeStamp,
syslogEntityOperationsLastError
SnmpAdminString,
syslogEntityOperationsLastErrorTime
TimeStamp,
syslogEntityOperationsReference
Integer32,
syslogEntityOperationsCounterDiscontinuityTime
TimeStamp,
syslogEntityOperationsStatus
INTEGER
}
syslogEntityOperationsMsgsReceived OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of messages received by the syslog
receiver. This includes messages that were ignored.
Discontinuities in the value of this counter can
occur at re-initialization of the management system,
and at other times as indicated by the value of
syslogEntityOperationsCounterDiscontinuityTime.
"
::= { syslogEntityOperationsEntry 1 }
Glenn M. Keeni. Expires: July 16, 2007 [Page 17]
�
Internet Draft syslogMIB January 2007
syslogEntityOperationsMsgsRelayed OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of messages relayed by the syslog
relay to other syslog entities.
If this syslog entity is not a syslog relay the value
of this object will be zero.
Discontinuities in the value of this counter can
occur at re-initialization of the management system,
and at other times as indicated by the value of
syslogEntityOperationsCounterDiscontinuityTime.
"
REFERENCE
"The Syslog Protocol [RFCPROT] sec. 3.
"
::= { syslogEntityOperationsEntry 2 }
syslogEntityOperationsMsgsDropped OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of messages that could not be queued
for transmission by the syslog relay.
If this syslog entity is not a syslog sender the
value of this object will be zero.
Discontinuities in the value of this counter can
occur at re-initialization of the management system,
and at other times as indicated by the value of
syslogEntityOperationsCounterDiscontinuityTime.
"
::= { syslogEntityOperationsEntry 3 }
syslogEntityOperationsMsgsMalFormed OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of messages received by the syslog
receiver which had malformed header.
If this syslog entity is not a syslog receiver
the this object will have a zero value.
Discontinuities in the value of this counter can
Glenn M. Keeni. Expires: July 16, 2007 [Page 18]
�
Internet Draft syslogMIB January 2007
occur at re-initialization of the management system,
and at other times as indicated by the value of
syslogEntityOperationsCounterDiscontinuityTime.
"
REFERENCE
"The Syslog Protocol [RFCPROT] sec. 6.3.
"
::= { syslogEntityOperationsEntry 4 }
syslogEntityOperationsMsgsDiscarded OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of messages that were discarded by the
syslog receiver. This will include messages that
were discarded because the message size was greater
than the system's maximum message size.
If this syslog entity is not a syslog receiver this
object will have a zero value.
Discontinuities in the value of this counter can
occur at re-initialization of the management system,
and at other times as indicated by the value of
syslogEntityOperationsCounterDiscontinuityTime.
"
REFERENCE
"The Syslog Protocol [RFCPROT] sec. 6.1.
"
::= { syslogEntityOperationsEntry 5 }
syslogEntityOperationsLastMsgRecdTime OBJECT-TYPE
SYNTAX TimeStamp
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of sysUpTime when the last message was
received by the syslog receiver locally or from a
remote syslog entity.
If this syslog entity is not a syslog receiver or,
if no messages have been received by this syslog
entity, since the last re-initialization of the
local management subsystem, then this object will
have a zero value.
"
::= { syslogEntityOperationsEntry 6 }
Glenn M. Keeni. Expires: July 16, 2007 [Page 19]
�
Internet Draft syslogMIB January 2007
syslogEntityOperationsLastMsgTransmittedTime OBJECT-TYPE
SYNTAX TimeStamp
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of sysUpTime when the last message
was transmitted by the syslog sender.
If this syslog entity is not a syslog sender or,
if no messages have been transmitted by this syslog
entity, since the last re-initialization of the local
management subsystem, then this object will have a
zero value.
"
::= { syslogEntityOperationsEntry 7 }
syslogEntityOperationsStartTime OBJECT-TYPE
SYNTAX TimeStamp
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of sysUpTime when this syslog entity was
started.
"
::= { syslogEntityOperationsEntry 8 }
syslogEntityOperationsLastError OBJECT-TYPE
SYNTAX SnmpAdminString
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"A description of the last error related to sending,
receiving or processing a syslog message that was
encountered by this syslog entity.
If no error has been encountered by this syslog
entity then the value of this object will be a
zero-length string.
If no error has been encountered by this syslog
entity since the last re-initialization of the
local management subsystem then the value of this
object will be a zero-length string.
"
::= { syslogEntityOperationsEntry 9 }
Glenn M. Keeni. Expires: July 16, 2007 [Page 20]
�
Internet Draft syslogMIB January 2007
syslogEntityOperationsLastErrorTime OBJECT-TYPE
SYNTAX TimeStamp
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of sysUpTime when the last error was
encountered.
If no error has been encountered by this syslog
entity since the last re-initialization of the
local management subsystem, then this object will
have a zero value.
"
::= { syslogEntityOperationsEntry 10 }
syslogEntityOperationsReference OBJECT-TYPE
SYNTAX Integer32 (0..2147483647)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"If the Host resource MIB is instantiated on the
host then this entry will have the value of the
hrSWRunIndex of the corresponding entry in the
hrSWRunTable.
Note that the hrSWRunIndex is not persistent
across system reboots or software restarts. The
value of syslogEntityOperationsReference SHOULD
reference the latest value of the hrSWRunIndex
of the corresponding entry in the hrSWRunTable.
The special value of zero indicates that the Host
resource MIB is not instantiated.
"
::= { syslogEntityOperationsEntry 11 }
syslogEntityOperationsCounterDiscontinuityTime OBJECT-TYPE
SYNTAX TimeStamp
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of sysUpTime on the most recent occasion
at which any one or more of this syslog entity's
counters, viz., counters with OID prefix
'syslogEntityOperationsMsgsReceived' or
'syslogEntityOperationsMsgsRelayed' or
Glenn M. Keeni. Expires: July 16, 2007 [Page 21]
�
Internet Draft syslogMIB January 2007
'syslogEntityOperationsMsgsDropped' or
'syslogEntityOperationsMsgsMalFormed' or
'syslogEntityOperationsMsgsDiscarded' suffered a
discontinuity.
If no such discontinuities have occurred since the
last re-initialization of the local management
subsystem, then this object will have a zero value.
"
::= { syslogEntityOperationsEntry 12 }
syslogEntityOperationsStatus OBJECT-TYPE
SYNTAX INTEGER {
unknown (1),
started (2),
suspended(3),
stopped (4)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The status of the syslog entity.
"
DEFVAL { unknown }
::= { syslogEntityOperationsEntry 13 }
Glenn M. Keeni. Expires: July 16, 2007 [Page 22]
�
Internet Draft syslogMIB January 2007
syslogEntityStatusChanged NOTIFICATION-TYPE
OBJECTS {
syslogEntityControlDescr,
syslogEntityControlRoles,
syslogEntityControlBindAddrType,
syslogEntityControlBindAddr,
syslogEntityControlService,
syslogEntityControlEncapsulation,
syslogEntityControlConfFileName,
syslogEntityOperationsStatus
}
STATUS current
DESCRIPTION
"This notification is sent when a syslog entity
changes state. For example when the syslog entity
starts [syslogEntityOperationsStatus is ''started'' ]
or the syslog entity stops [syslogEntityOperationsStatus
is ''suspended'' or ''stopped''].
The value of syslogEntityOperationsStatus will be the
new status of the syslog entity after the change.
The syslog entity corresponding to the notification
will be identified by the syslogEntityOperationsIndex
instance identifier of the objects in the notification.
"
::= { syslogNotifications 1 }
-- -------------------------------------------------------------
-- Conformance Information
-- -------------------------------------------------------------
syslogGroups OBJECT IDENTIFIER
::= { syslogConformance 1 }
syslogCompliances OBJECT IDENTIFIER
::= { syslogConformance 2 }
Glenn M. Keeni. Expires: July 16, 2007 [Page 23]
�
Internet Draft syslogMIB January 2007
-- -------------------------------------------------------------
-- units of conformance
-- -------------------------------------------------------------
syslogDefaultGroup OBJECT-GROUP
OBJECTS {
syslogDefaultService,
syslogDefaultEncapsulation
}
STATUS current
DESCRIPTION
"A collection of objects providing default
parameters for syslog entities
"
::= { syslogGroups 1}
syslogEntityOperationsGroup OBJECT-GROUP
OBJECTS {
-- syslogEntityOperationsIndex,
syslogEntityOperationsMsgsReceived,
syslogEntityOperationsMsgsRelayed,
syslogEntityOperationsMsgsDropped,
syslogEntityOperationsMsgsMalFormed,
syslogEntityOperationsMsgsDiscarded,
syslogEntityOperationsLastMsgRecdTime,
syslogEntityOperationsLastMsgTransmittedTime,
syslogEntityOperationsStartTime,
syslogEntityOperationsLastError,
syslogEntityOperationsLastErrorTime,
syslogEntityOperationsReference,
syslogEntityOperationsCounterDiscontinuityTime,
syslogEntityOperationsStatus
}
STATUS current
DESCRIPTION
"A collection of objects providing message related
statistics."
::= { syslogGroups 2}
Glenn M. Keeni. Expires: July 16, 2007 [Page 24]
�
Internet Draft syslogMIB January 2007
syslogEntityControlGroup OBJECT-GROUP
OBJECTS {
syslogEntityControlDescr,
syslogEntityControlRoles,
syslogEntityControlBindAddrType,
syslogEntityControlBindAddr,
syslogEntityControlEncapsulation,
syslogEntityControlService,
syslogEntityControlMaxMessageSize,
syslogEntityControlConfFileName,
syslogEntityControlStorageType,
syslogEntityControlRowStatus
}
STATUS current
DESCRIPTION
"A collection of objects representing the run time parameters
for the syslog entities.
"
::= { syslogGroups 3}
syslogNotificationGroup NOTIFICATION-GROUP
NOTIFICATIONS {
syslogEntityStatusChanged
}
STATUS current
DESCRIPTION
"A collection of notifications about the operational
state of a syslog entity.
"
::= { syslogGroups 4}
Glenn M. Keeni. Expires: July 16, 2007 [Page 25]
�
Internet Draft syslogMIB January 2007
-- -------------------------------------------------------------
-- compliance statements
-- -------------------------------------------------------------
syslogFullCompliance1 MODULE-COMPLIANCE
STATUS current
DESCRIPTION
"The compliance statement for SNMP entities which
implement the SYSLOG-MIB with support for writable
objects and notifications. Such an implementation can
be both monitored and configured via SNMP. It can
also send notifications about change in the
operational status of the syslog entity.
"
MODULE -- this module
MANDATORY-GROUPS {
syslogNotificationGroup,
syslogDefaultGroup,
syslogEntityOperationsGroup,
syslogEntityControlGroup
}
::= { syslogCompliances 1 }
syslogFullCompliance2 MODULE-COMPLIANCE
STATUS current
DESCRIPTION
"The compliance statement for SNMP entities which
implement the SYSLOG-MIB with support for writable
objects. Such an implementation can
be both monitored and configured via SNMP.
"
MODULE -- this module
MANDATORY-GROUPS {
syslogDefaultGroup,
syslogEntityOperationsGroup,
syslogEntityControlGroup
}
::= { syslogCompliances 2 }
Glenn M. Keeni. Expires: July 16, 2007 [Page 26]
�
Internet Draft syslogMIB January 2007
syslogReadOnlyCompliance1 MODULE-COMPLIANCE
STATUS current
DESCRIPTION
"The compliance statement for SNMP entities which
implement the syslog MIB without support
for read-write (i.e. in read-only mode). It can
also send notifications about change in the
operational status of the syslog entity.
"
MODULE -- this module
MANDATORY-GROUPS {
syslogNotificationGroup,
syslogDefaultGroup,
syslogEntityOperationsGroup,
syslogEntityControlGroup
}
OBJECT syslogEntityControlDescr
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required.
"
OBJECT syslogEntityControlRoles
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required.
"
OBJECT syslogEntityControlBindAddrType
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required.
"
OBJECT syslogEntityControlBindAddr
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required.
"
OBJECT syslogEntityControlService
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required.
"
Glenn M. Keeni. Expires: July 16, 2007 [Page 27]
�
Internet Draft syslogMIB January 2007
OBJECT syslogEntityControlEncapsulation
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required.
"
OBJECT syslogEntityControlMaxMessageSize
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required.
"
OBJECT syslogEntityControlConfFileName
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required.
"
OBJECT syslogEntityControlStorageType
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required.
"
OBJECT syslogEntityControlRowStatus
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required.
"
::= { syslogCompliances 3 }
syslogReadOnlyCompliance2 MODULE-COMPLIANCE
STATUS current
DESCRIPTION
"The compliance statement for SNMP entities which
implement the syslog MIB without support
for read-write (i.e. in read-only mode).
"
MODULE -- this module
MANDATORY-GROUPS {
syslogDefaultGroup,
syslogEntityOperationsGroup,
syslogEntityControlGroup
}
Glenn M. Keeni. Expires: July 16, 2007 [Page 28]
�
Internet Draft syslogMIB January 2007
OBJECT syslogEntityControlDescr
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required.
"
OBJECT syslogEntityControlRoles
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required.
"
OBJECT syslogEntityControlBindAddrType
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required.
"
OBJECT syslogEntityControlBindAddr
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required.
"
OBJECT syslogEntityControlService
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required.
"
OBJECT syslogEntityControlEncapsulation
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required.
"
OBJECT syslogEntityControlMaxMessageSize
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required.
"
OBJECT syslogEntityControlConfFileName
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required.
"
OBJECT syslogEntityControlStorageType
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required.
"
Glenn M. Keeni. Expires: July 16, 2007 [Page 29]
�
Internet Draft syslogMIB January 2007
OBJECT syslogEntityControlRowStatus
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required.
"
::= { syslogCompliances 4 }
syslogNotificationCompliance MODULE-COMPLIANCE
STATUS current
DESCRIPTION
"The compliance statement for SNMP entities
which implement the SYSLOG-MIB and support
only notifications about change in the
operational status of a syslog entity.
"
MODULE -- this module
MANDATORY-GROUPS {
syslogNotificationGroup
}
::= { syslogCompliances 5 }
END
Glenn M. Keeni. Expires: July 16, 2007 [Page 30]
�
Internet Draft syslogMIB January 2007
5. Security Considerations
Syslog plays a very important role in the computer and network
security of an organization. SYSLOG-MIB defines several managed
objects that may be used to monitor, configure and control syslog
entities. As such improper manipulation of the objects represented by
this MIB may lead to an attack on an important component of the
computer and network security infrastructure. The objects in
syslogEntityControlTable may be misconfigured to cause syslog
messages to be diverted or lost.
There are a number of management objects defined in this MIB module
with a MAX-ACCESS clause of read-write and/or read-create. Such
objects may be considered sensitive or vulnerable in some network
environments. The support for SET operations in a non-secure
environment without proper protection can have a negative effect on
network operations. These are the tables and objects and their
sensitivity/vulnerability:
o syslogEntityControlTable: The objects in this table
describe the configuration of the syslog entities.
It may be misconfigured to start up a very large
number of syslog entities (processes) and deny the
system of its resources.
o syslogEntityControlBindAddr: This object may be
misconfigured to bind syslog entity to the wrong
address. This will cause messages to be lost.
o syslogEntityControlService : This object may be
misconfigured to bind syslog entity to the wrong
service (port). This will cause messages to be lost.
o syslogEntityControlMaxMessageSize: This message may be
misconfigured to set the wrong MaxMessageSize for the
syslog entity. It may cause syslog messages to be lost.
o syslogEntityControlConfFileName: This object may be
misconfigured to start the syslog entity with the
wrong (rogue) configuration.
o syslogEntityControlStorageType: This object may be
misconfigured to set the wrong storage type. That may
cause confusion, operational errors and/or loss of
information.
Some of the readable objects in this MIB module (i.e., objects with a
MAX-ACCESS other than not-accessible) may be considered sensitive or
Glenn M. Keeni. Expires: July 16, 2007 [Page 31]
�
Internet Draft syslogMIB January 2007
vulnerable in some network environments. It is thus important to
control even GET and/or NOTIFY access to these objects and possibly
to even encrypt the values of these objects when sending them over
the network via SNMP. These are the tables and objects and their
sensitivity/vulnerability:
o syslogEntityOperationsTable: Objects in this table carry
sensitive information. The counters may reveal
information about the deployment and effectiveness of
the relevant security systems. The counters may be
analyzed to tell whether the security systems are able
to detect an event or not.
o syslogEntityOperationsLastError: This object may contain
sensitive information e.g. user-id, password etc.
depending on the implementation of the syslog entity.
It may reveal details about the syslog implementation
itself, e.g. version, OS etc.
SNMP versions prior to SNMPv3 did not include adequate security.
Even if the network itself is secure (for example by using IPsec),
even then, there is no control as to who on the secure network is
allowed to access and GET/SET (read/change/create/delete) the objects
in this MIB module.
It is RECOMMENDED that implementers consider the security features as
provided by the SNMPv3 framework (see [RFC3410], section 8),
including full support for the SNMPv3 cryptographic mechanisms (for
authentication and privacy).
Further, deployment of SNMP versions prior to SNMPv3 is NOT
RECOMMENDED. Instead, it is RECOMMENDED to deploy SNMPv3 and to
enable cryptographic security. It is then a customer/operator
responsibility to ensure that the SNMP entity giving access to an
instance of this MIB module is properly configured to give access to
the objects only to those principals (users) that have legitimate
rights to indeed GET or SET (change/create/delete) them.
Glenn M. Keeni. Expires: July 16, 2007 [Page 32]
�
Internet Draft syslogMIB January 2007
6. IANA Considerations
The MIB modules in this document use the following IANA-assigned
OBJECT IDENTIFIER values recorded in the SMI Numbers registry:
Descriptor OBJECT IDENTIFIER value
---------- -----------------------
syslogMIB { mib-2 YYYY }
IANA Reg.: Please assign a value under the 'mib-2' subtree
for the 'syslogMIB' MODULE-IDENTITY and record
the assignment in the SMI Numbers registry.
RFC Ed.: When the above assignments have been made, please
- remove the above note
- replace "YYYY" here with the assigned values and
- remove this note.
7. References
7.1 Normative References
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirements Levels", BCP 14, RFC 2119, March 1997.
[RFC2578] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J.,
Rose, M., and S. Waldbusser, "Structure of Management
Information Version 2 (SMIv2)", STD 58, RFC 2578,
April 1999
[RFC2579] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J.,
Rose, M., and S. Waldbusser, "Textual Conventions for
SMIv2", STD 58, RFC 2579, April 1999
[RFC2580] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J.,
Rose, M., and S. Waldbusser, "Conformance Statements for
SMIv2", STD 58, RFC 2580, April 1999
[RFC3411] Harrington, D., Presuhn, R. and B. Wijnen, "An Architecture
for Describing Simple Network Management Protocol (SNMP)
Management Frameworks", STD 62, RFC 3411, December 2002.
Glenn M. Keeni. Expires: July 16, 2007 [Page 33]
�
Internet Draft syslogMIB January 2007
[RFC4001] Daniele, M., Haberman, B., Routhier, S., and Schoenwaelder,
J., "Textual Conventions for Internet Network Addresses",
RFC 4001, February 2005.
[RFCPROT] Gerhards, R., "The syslog Protocol",
draft-ietf-syslog-protocol-17.txt, work in progress,
June 2006.
[RFCUDPX] Okmianski, A., "Transmission of syslog messages over UDP",
draft-ietf-syslog-transport-udp-07.txt work in progress,
May 2006.
[RFCTLSX] Miao, F., and Yuzhi, M., "TLS Transport Mapping for Syslog",
draft-ietf-syslog-transport-tls-06.txt, work in progress,
December 2006.
[RFCBEEP] New, D., and Rose, M., "Reliable Delivery for syslog",
RFC 3195, November 2001
7.2 Informative References
[RFC3410] Case, J., Mundy, R., Partain, D., and B. Stewart,
"Introduction and Applicability Statements for the
Internet-Standard Management Framework", RFC 3410,
December 2002.
[RFC2790] Waldbusser, S., and Grillo, P., "Host Resources MIB",
RFC 2790, March 2000.
8. Acknowledgments
The initial draft of this document was authored by Bruno Pape.
The authors would like to thank Mark Ellison, David Harrington,
Mike MacFaden, Dave T Perkins, Tom Petch, Juergen Schoenwaelder,
Rohit M, Bert Wijnen and members of the WIDE-netman group for
their comments and suggestions.
Glenn M. Keeni. Expires: July 16, 2007 [Page 34]
�
Internet Draft syslogMIB January 2007
9. Author's Addresses
Glenn Mansfield Keeni
Cyber Solutions Inc.
6-6-3 Minami Yoshinari
Aoba-ku, Sendai 989-3204
Japan
Phone: +81-22-303-4012
EMail: glenn@cysols.com
Glenn M. Keeni. Expires: July 16, 2007 [Page 35]
�
Internet Draft syslogMIB January 2007
10. Full Copyright Statement
Copyright (C) The IETF Trust (2007).
This document is subject to the rights, licenses and restrictions
contained in BCP 78, and except as set forth therein, the authors
retain all their rights.
This document and the information contained herein are provided on
an "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE
REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE
IETF TRUST AND THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL
WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY
WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY
RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A
PARTICULAR PURPOSE.
Glenn M. Keeni. Expires: July 16, 2007 [Page 36]
�
Internet Draft syslogMIB January 2007
Intellectual Property
The IETF takes no position regarding the validity or scope of any
Intellectual Property Rights or other rights that might be claimed
to pertain to the implementation or use of the technology
described in this document or the extent to which any license
under such rights might or might not be available; nor does it
represent that it has made any independent effort to identify any
such rights. Information on the procedures with respect to
rights in RFC documents can be found in BCP 78 and BCP 79.
Copies of IPR disclosures made to the IETF Secretariat and any
assurances of licenses to be made available, or the result of an
attempt made to obtain a general license or permission for the use
of such proprietary rights by implementers or users of this
specification can be obtained from the IETF on-line IPR repository
at http://www.ietf.org/ipr.
The IETF invites any interested party to bring to its attention
any copyrights, patents or patent applications, or other
proprietary rights that may cover technology that may be required
to implement this standard. Please address the information to the
IETF at ietf-ipr@ietf.org.
Acknowledgment
Funding for the RFC Editor function is provided by the IETF
Administrative Support Activity (IASA).
Glenn M. Keeni. Expires: July 16, 2007 [Page 37]
�
Internet Draft syslogMIB January 2007
APPENDIX
This section documents the development of the draft. It will be
deleted when the draft becomes an RFC.
Revision History:
Changes from draft-ietf-syslog-device-mib-12.txt
to draft-ietf-syslog-device-mib-13.txt
1. Removed reference to RFC3164.
2. Added TC SyslogEncapsulation
removed syslogDefaultTransportDomain,
syslogEntityControlTransportDomain
Added syslogDefaultEncapsulation,
syslogEntityControlEncapsulation
3. Modified the DESCRIPTION clauses for
syslogEntityControlMaxMessageSize,
syslogEntityOperationsMsgsReceived,
syslogEntityOperationsMsgsRelayed,
syslogEntityOperationsMsgsIllFormed,
syslogEntityOperationsMsgsIgnored,
4. Changed name
from syslogEntityOperationsMsgsIllFormed
to syslogEntityOperationsMsgsMalFormed
from syslogEntityOperationsMsgsIgnored
to syslogEntityOperationsMsgsDiscarded
5. Revised figure 1.
6. Added MO syslogEntityControlRoles
7. renamed syslogEntityControlStatus to
syslogEntityOperationsStatus
moved this object from
syslogEntityControlEntry to
syslogEntityOperationsEntry
8. Removed MOs syslogDefaultFacility
syslogDefaultSeverity
9. Removed TCs SyslogFacility
Glenn M. Keeni. Expires: July 16, 2007 [Page 38]
�
Internet Draft syslogMIB January 2007
SyslogSeverity
10. Added the TC SyslogRoles
11. Added the MO syslogEntityControlRoles
12. Replaced references to "local time" by "value
of sysUpTime"
13. Revised the DESCRIPTION syslogEntityStatusChange
14. Revised the DESCRIPTION of the MOs to cover the
exception cases.
15. Revised the text to clear ambiguities about the
role of the "syslog entity".
16. Editorial nits.
Changes from draft-ietf-syslog-device-mib-11.txt
to draft-ietf-syslog-device-mib-12.txt
1. Added text in introduction and in the DESCRIPTION of the MIB
module to explain the terminology used in the document.
Ref. Comment 1.1, 1.2, 1.3, 1.4.
2. Changed "group" to "subtree" in Section 3 (The MIB Design).
Ref. Comment 1.5
3. Removed enumeration "other" from the enumeration for
SyslogSeverity. This case does not arise.
Ref. Comment 1.6
4. Revised DESCRIPTION of syslogEntityControlStorageType
Ref. comment 2.3
5. Revised DESCRIPTION of syslogEntityStatusChanged
Ref. Comment 2.4
6. Updated the boilerplate for the Copyright notice.
Ref. Comment 2.7
7. Changed "should" to "SHOULD" in DESCRIPTION of
syslogEntityOperationsReference
Ref. Comment 3.2
8. Changed RFCPROT to "[RFCPROT]" in REFERENCE of
syslogDefaultTransportDomain
Changes from draft-ietf-syslog-device-mib-9.txt
to draft-ietf-syslog-device-mib-11.txt
[Note: The changes to the mib-9.txt and mib-10.txt are
Glenn M. Keeni. Expires: July 16, 2007 [Page 39]
�
Internet Draft syslogMIB January 2007
consolidated below.]
1. Namings changed:
Page-8.
changed the duplicate instances of auth and cron to
auth1, auth2, cron1, cron2
changed: SyslDevOpsEntry -> SyslogEntityOperationsEntry
syslEntOpsEntry -> syslogEntityOperationsEntry
SyslDevCtlEntry -> SyslogEntityControlEntry
syslEntCtlEntry -> syslogEntityControlEntry
syslEntOpsTable -> syslogEntityOperationsTable
syslogDevice -> syslogDevice
syslEntCtlProcDescr -> syslogEntityControlDescr
syslEntOpsLastMsgDeliveredTime ->
syslogEntityOperationsLastMsgTransmittedTime.
syslDevOpsGroup -> syslogEntityOperationsGroup
2. Added TRANSPORT-ADDRESS-MIB[RFC3419] to the text on section 3
(and 7.1 Normative References).
3. MIB.
Fixed MIB nits.
4. Added text about the expected persistency behaviour of the
read-write objects in the corresponding DESCRIPTION clauses.
syslogDefaultTransport
syslogDefaultService
syslogDefaultFacility
syslogDefaultSeverity
5. Replaced
syslogDefaultTransport OBJECT-TYPE
SYNTAX TransportAddressType
and
syslEntCtlTransport OBJECT-TYPE
SYNTAX TransportAddressType
by
syslogDefaultTransportDomain OBJECT-TYPE
SYNTAX TransportDomain
syslogEntityControlTransportDomain OBJECT-TYPE
SYNTAX TransportDomain
6. Changed the ordering of
syslEntOpsTable ::= { syslogDevice 1 }
syslEntCtlTable ::= { syslogDevice 2 }
to
Glenn M. Keeni. Expires: July 16, 2007 [Page 40]
�
Internet Draft syslogMIB January 2007
syslogEntityControlTable ::= { syslogEntity 1 }
syslogEntityOperationsTable ::= { syslogEntity 2 }
7. The tree structure is changed
from
syslogSystem OBJECT IDENTIFIER
::= { syslogMIB 1 }
syslogDevice OBJECT IDENTIFIER
::= { syslogMIB 2 }
to,
syslogObjects OBJECT IDENTIFIER
::= { syslogMIB 1 }
syslogSystem OBJECT IDENTIFIER
::= { syslogObjects 1 }
syslogEntity OBJECT IDENTIFIER
::= { syslogObjects 2 }
8. syslogEntityOperationsEntry AUGMENTS { syslogEntityControlEntry }
9. Added
syslogEntityOperationsCounterDiscontinuityTime OBJECT-TYPE
to indicate whether
'syslogEntityOperationsMsgsReceived' or
'syslogEntityOperationsMsgsRelayed' or
'syslogEntityOperationsMsgsDropped' or
'syslogEntityOperationsMsgsIllFormed' or
'syslogEntityOperationsMsgsIgnored' suffered a
discontinuity.
Revised the DESCRIPTION of the above Objects.
10. Changed all references of "syslog process", "syslog device" to
"syslog entity".
11. Changed syntax of syslogEntityOperationsReference from
syslEntOpsReference OBJECT-TYPE
SYNTAX Integer32
to
Glenn M. Keeni. Expires: July 16, 2007 [Page 41]
�
Internet Draft syslogMIB January 2007
syslogEntityOperationsReference OBJECT-TYPE
SYNTAX Integer32 (0..2147483647)
12. Revised the DESCRIPTION clauses of
syslogEntityControlTable
syslogEntityOperationsReference
syslogEntityControlBindAddrType
syslogEntityControlBindAddr
syslogEntityControlTransportDomain
syslogEntityControlService
syslogEntityControlConfFileName
syslogEntityControlStatus
syslogEntityControlRowStatus
syslogEntityOperationsTable
syslogEntityControlTable
syslogEntityOperationsMsgsDropped
syslogEntityOperationsReference
syslogEntityControlEntry
13. Added DEFVAL { nonVolatile } to syslogEntityControlStorageType
14. Merged the NOTIFICATIONs
syslEntStarted
syslEntStopped
into syslogEntityStatusChanged
15. Overhauled the syslogCompliance tree
16. idnits fixed.
17. IANA considerations section revised.
17. Labels and Captions in figure 1 are revised.
18. Revised DESCRIPTION clauses of
SyslogSeverity
syslogDefaultFacility
syslogDefaultSeverity
19. syslogDefaultMaxMessageSize is deleted
revised the DESCRIPTION of syslogEntityControlMaxMessageSize
20. editorial fixes
The changes upto draft-ietf-syslog-device-mib-9.txt are documented
Glenn M. Keeni. Expires: July 16, 2007 [Page 42]
�
Internet Draft syslogMIB January 2007
below in the form of MIB Revision clauses.
REVISION "200609040000Z" -- 9th September 2006
DESCRIPTION
"
o The draft has been aligned with the current
standards track documents syslog-protocol-17.txt
and syslog-transport-udp-07.txt: the REFERNCE
clauses have changed.
o The TEXTUAL-CONVENTION SyslogTransport has been
replaced by the TransportAddressType.
o The TEXTUAL-CONVENTION SyslogFacility and
SyslogSeverity have been aligned with
syslog-protocol-17.txt
o A paragraph has been added to list the related
MIBs from which MOS and TEXTUAL-CONVENTIONs have
been imported.
o The target of this MIB is now called a syslog
entity. [ Earlier it was referred to as a syslog
device.] The prefix syslDev has been changed to
syslEnt
o The DEFVALS have been aligned with the reference
documents.
o The REFERENCE section has been updated.
o The OID for syslogConformance has been changed
from 4 to 3.
"
REVISION "200607250000Z" -- 25th July 2006
DESCRIPTION
"the internet draft's version number has
been changed (7->8).
"
REVISION "200511250000Z" -- 25th November 2005
DESCRIPTION
"A near complete overhaul of the MIB and the document.
The BSD-syslog flavor has been abandoned in favor of a
more generic syslog-protocol document that is under
preparation.
TBD. The reference clauses need to be redone once the
new syslog document is ready.
List of authors changed. Original draft author Bruno
Pape is acknowledged in the Acknowledgments section.
Glenn M. Keeni. Expires: July 16, 2007 [Page 43]
�
Internet Draft syslogMIB January 2007
Editorial nits fixed.
"
REVISION "200406160000Z" -- Mon Feb 16 00:00 GMT 2004
DESCRIPTION
"Major change.
The configuration parts have been removed.
Updated the description clauses.
Editorial nits fixed.
"
REVISION "200306250000Z" -- Wed June 25 00:00 GMT 2003
DESCRIPTION
"Changed the type of
syslogProcLastError SnmpAdminString,
from Integer32.
DEFVAL { 0 ] is added to syslogAllowedHostsMaskLen
MO name changed from
syslogCtlSelectionHostname to syslogCtlSelectionHostName
Updated the description clauses.
Fixed nits pointed out in Bert's mails of 20030319 and
revised the document wrt the guidelines in
draft-ietf-ops-mib-review-guidelines-01.txt
Editorial nits fixed.
"
REVISION "200303030000Z" -- Mon March 03 00:00 GMT 2003
DESCRIPTION
"Fixing of nits in descriptions, addition of references,
addition of the following MOs
syslogProcMsgsIllFormed Counter32,
syslogProcStartTime TimeStamp,
syslogProcLastError Integer32,
syslogProcLastErrorTime TimeStamp,
syslDevCtlStorageType StorageType,
syslogCtlFwdActionSrcAddrType InetAddressType,
syslogCtlFwdActionSrcAddr InetAddress,
added enumeration ''suspended(2)'' to
Glenn M. Keeni. Expires: July 16, 2007 [Page 44]
�
Internet Draft syslogMIB January 2007
syslDevCtlStatus.
"
REVISION "200212252343Z" -- Wed December 25 23:43 GMT 2002
DESCRIPTION
"Radical revision of the MIB structure and design."
REVISION "200206061841Z" -- Thu Jun 6 18:41 GMT 2002
DESCRIPTION
"The initial version of this MIB module."
Glenn M. Keeni. Expires: July 16, 2007 [Page 45]
�
_______________________________________________
Syslog mailing list
Syslog@lists.ietf.org
https://www1.ietf.org/mailman/listinfo/syslog