Syslog Working Group Glenn Mansfield Keeni INTERNET-DRAFT Cyber Solutions Inc. Intended Status: Proposed Standard Expires: November 15, 2007 May 16, 2007 Textual Conventions for Syslog Management See RFC2579 Status of this Memo By submitting this Internet-Draft, each author represents that any applicable patent or other IPR claims of which he or she is aware have been or will be disclosed, and any of which he or she becomes aware will be disclosed, in accordance with Section 6 of BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet- Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt. The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html. This document is a product of the syslog Working Group. Comments should be addressed to the authors or the mailing list at syslog@ietf.org This Internet-Draft will expire on November 15, 2007. Copyright Notice Copyright (C) The IETF Trust (2007). Glenn M. Keeni. Expires: November 15, 2007 [Page 1] Internet Draft syslogMIB-TC May 2007 Abstract This MIB module defines textual conventions to represent facility and severity information commonly used in syslog messages. The intent is that these textual conventions will be imported and used in MIB modules that would otherwise define their own representations. Table of Contents 1. The Internet-Standard Management Framework .... 3 2. Background .................................... 3 3. The Syslog Textual Conventions MIB ............ 4 4. Security Considerations ....................... 8 5. IANA Considerations ........................... 8 6. References .................................... 9 7 Acknowledgments ............................... 10 8. Author's Addresses ............................ 10 9. Full Copyright Statement ...................... 11 Appendix ...................................... 13 Glenn M. Keeni. Expires: November 15, 2007 [Page 2] Internet Draft syslogMIB-TC May 2007 1. The Internet-Standard Management Framework For a detailed overview of the documents that describe the current Internet-Standard Management Framework, please refer to section 7 of RFC 3410 [RFC3410]. Managed objects are accessed via a virtual information store, termed the Management Information Base or MIB. MIB objects are generally accessed through the Simple Network Management Protocol (SNMP). Objects in the MIB are defined using the mechanisms defined in the Structure of Management Information (SMI). This memo specifies a MIB module that is compliant to the SMIv2, which is described in STD 58, RFC 2578 [RFC2578], STD 58, RFC 2579 [RFC2579] and STD 58, RFC 2580 [RFC2580]. 2. Background Operating systems, processes and applications, collectively termed "facilities" in the following, generate messages indicating their own status or the occurrence of events. These messages have come to be known as syslog messages. A syslog message in general will contain among other things a code representing the facility that generated the message and a code representing the the severity of the message. This document defines a set of TEXTUAL CONVENTIONS (TCs) that can be used to represent facility and severity codes commonly used in syslog messages. Glenn M. Keeni. Expires: November 15, 2007 [Page 3] Internet Draft syslogMIB-TC May 2007 3. The Syslog Textual Conventions MIB SYSLOG-TC-MIB DEFINITIONS ::= BEGIN IMPORTS MODULE-IDENTITY, mib-2 FROM SNMPv2-SMI -- [RFC2578] TEXTUAL-CONVENTION FROM SNMPv2-TC; -- [RFC2579] syslogTCMIB MODULE-IDENTITY LAST-UPDATED "200705160000Z" -- 16th May, 2007 ORGANIZATION "IETF Syslog Working Group" CONTACT-INFO " Glenn Mansfield Keeni Postal: Cyber Solutions Inc. 6-6-3, Minami Yoshinari Aoba-ku, Sendai, Japan 989-3204. Tel: +81-22-303-4012 Fax: +81-22-303-4015 E-mail: glenn@cysols.com Support Group E-mail: syslog@ietf.org " DESCRIPTION "The MIB module containing textual conventions for syslog messages. Copyright (C) The IETF Trust (2007). This version of this MIB module is part of RFC XXXX; see the RFC itself for full legal notices. " -- RFC Ed.: replace XXXX with the actual RFC number & remove this -- note Glenn M. Keeni. Expires: November 15, 2007 [Page 4] Internet Draft syslogMIB-TC May 2007 REVISION "200705160000Z" -- 16th May, 2007 DESCRIPTION "The initial version, published as RFC XXXX." -- RFC Ed.: replace XXXX with the actual RFC number & remove this -- note ::= { mib-2 YYYY } -- Will be assigned by IANA -- IANA Reg.: Please assign a value for "YYYY" under the -- 'mib-2' subtree and record the assignment in the SMI -- Numbers registry. -- RFC Ed.: When the above assignment has been made, please -- remove the above note -- replace "YYYY" here with the assigned value and -- remove this note. -- ------------------------------------------------------------- -- Textual Conventions -- ------------------------------------------------------------- Glenn M. Keeni. Expires: November 15, 2007 [Page 5] Internet Draft syslogMIB-TC May 2007 SyslogFacility ::= TEXTUAL-CONVENTION STATUS current DESCRIPTION "This textual convention enumerates the facilities that originate syslog messages. The value noMap(99) indicates that the appropriate facility will be provided by the syslog application on the managed entity. If this option is not available on a particular entity, attempts to set the facility to this value will fail with an error-status of wrongValue. " REFERENCE "The Syslog Protocol [RFCPROT] sec. 6.2.1 (Table 1). " SYNTAX INTEGER { kernel (0), -- kernel messages user (1), -- user-level messages mail (2), -- mail system messages daemon (3), -- system daemons' messages auth1 (4), -- security/authorization messages syslog (5), -- messages generated internally by -- syslogd lpr (6), -- line printer subsystem messages news (7), -- network news subsystem messages uucp (8), -- UUCP subsystem messages cron1 (9), -- clock daemon messages auth2 (10),-- security/authorization messages ftp (11),-- ftp daemon messages ntp (12),-- NTP subsystem messages logAudit (13),-- log audit messages logAlert (14),-- log alert messages cron2 (15),-- clock daemon messages local0 (16), local1 (17), local2 (18), local3 (19), local4 (20), local5 (21), local6 (22), local7 (23), noMap (99) } Glenn M. Keeni. Expires: November 15, 2007 [Page 6] Internet Draft syslogMIB-TC May 2007 SyslogSeverity ::= TEXTUAL-CONVENTION STATUS current DESCRIPTION "This textual convention enumerates the severity levels of syslog messages. " REFERENCE "The Syslog Protocol [RFCPROT] sec. 6.2.1 (Table 2) " SYNTAX INTEGER { emergency (0), -- system is unusable alert (1), -- action must be taken immediately critical (2), -- critical condition error (3), -- error condition warning (4), -- warning condition notice (5), -- normal but significant condition info (6), -- informational message debug (7) -- debug-level messages } END Glenn M. Keeni. Expires: November 15, 2007 [Page 7] Internet Draft syslogMIB-TC May 2007 4. Security Considerations This module does not define any management objects. Instead, it defines a set of textual conventions which may be used by other MIB modules to define management objects. Meaningful security considerations can only be written in the MIB modules that define management objects. This document has therefore no impact on the security of the Internet. 5. IANA Considerations The MIB modules in this document use the following IANA-assigned OBJECT IDENTIFIER values recorded in the SMI Numbers registry: Descriptor OBJECT IDENTIFIER value ---------- ----------------------- syslogTCMIB { mib-2 YYYY } IANA Reg.: Please assign a value under the 'mib-2' subtree for the 'syslogTCMIB' MODULE-IDENTITY and record the assignment in the SMI Numbers registry. RFC Ed.: When the above assignments have been made, please - remove the above note - replace "YYYY" here with the assigned values and - remove this note. Glenn M. Keeni. Expires: November 15, 2007 [Page 8] Internet Draft syslogMIB-TC May 2007 6. References 6.1 Normative References [RFC2578] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose, M., and S. Waldbusser, "Structure of Management Information Version 2 (SMIv2)", STD 58, RFC 2578, April 1999 [RFC2579] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose, M., and S. Waldbusser, "Textual Conventions for SMIv2", STD 58, RFC 2579, April 1999 [RFC2580] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose, M., and S. Waldbusser, "Conformance Statements for SMIv2", STD 58, RFC 2580, April 1999 [RFCPROT] Gerhards, R., "The syslog Protocol", draft-ietf-syslog-protocol-20.txt, work in progress, June 2006. 6.2 Informative References [RFC3410] Case, J., Mundy, R., Partain, D., and B. Stewart, "Introduction and Applicability Statements for the Internet-Standard Management Framework", RFC 3410, December 2002. Note: The string "PROT" in this document will be replaced by the RFC numbers assigned to the latest version of draft-ietf-syslog-protocol-*.txt and this note will be removed. Glenn M. Keeni. Expires: November 15, 2007 [Page 9] Internet Draft syslogMIB-TC May 2007 7. Acknowledgments This document is a product of the Syslog Working Group. 8. Author's Addresses Glenn Mansfield Keeni Cyber Solutions Inc. 6-6-3 Minami Yoshinari Aoba-ku, Sendai 989-3204 Japan Phone: +81-22-303-4012 EMail: glenn@cysols.com Glenn M. Keeni. Expires: November 15, 2007 [Page 10] Internet Draft syslogMIB-TC May 2007 9. Full Copyright Statement Copyright (C) The IETF Trust (2007). This document is subject to the rights, licenses and restrictions contained in BCP 78, and except as set forth therein, the authors retain all their rights. This document and the information contained herein are provided on an "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Glenn M. Keeni. Expires: November 15, 2007 [Page 11] Internet Draft syslogMIB-TC May 2007 Intellectual Property The IETF takes no position regarding the validity or scope of any Intellectual Property Rights or other rights that might be claimed to pertain to the implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available; nor does it represent that it has made any independent effort to identify any such rights. Information on the procedures with respect to rights in RFC documents can be found in BCP 78 and BCP 79. Copies of IPR disclosures made to the IETF Secretariat and any assurances of licenses to be made available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementers or users of this specification can be obtained from the IETF on-line IPR repository at http://www.ietf.org/ipr. The IETF invites any interested party to bring to its attention any copyrights, patents or patent applications, or other proprietary rights that may cover technology that may be required to implement this standard. Please address the information to the IETF at ietf-ipr@ietf.org. Acknowledgment Funding for the RFC Editor function is provided by the IETF Administrative Support Activity (IASA). Glenn M. Keeni. Expires: November 15, 2007 [Page 12] Internet Draft syslogMIB-TC May 2007 APPENDIX This section documents the development of the draft. It will be deleted when the draft becomes an RFC. Revision History: NIL. Glenn M. Keeni. Expires: November 15, 2007 [Page 13]