idnits 2.17.1 draft-ietf-disman-notif-log-mib-04.txt: ** The Abstract section seems to be numbered Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- ** Looks like you're using RFC 2026 boilerplate. This must be updated to follow RFC 3978/3979, as updated by RFC 4748. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- ** Missing expiration date. The document expiration date should appear on the first and last page. ** The document seems to lack a 1id_guidelines paragraph about Internet-Drafts being working documents. ** The document seems to lack a 1id_guidelines paragraph about 6 months document validity -- however, there's a paragraph with a matching beginning. Boilerplate error? ** The document seems to lack a 1id_guidelines paragraph about the list of current Internet-Drafts. ** The document seems to lack a 1id_guidelines paragraph about the list of Shadow Directories. == No 'Intended status' indicated for this document; assuming Proposed Standard Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- ** The document seems to lack an IANA Considerations section. (See Section 2.2 of https://www.ietf.org/id-info/checklist for how to handle the case when there are no actions for IANA.) ** The document seems to lack separate sections for Informative/Normative References. All references will be assumed normative when checking for downward references. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the RFC 3978 Section 5.4 Copyright Line does not match the current year == Line 908 has weird spacing: '...for the purpo...' == The document doesn't use any RFC 2119 keywords, yet seems to have RFC 2119 boilerplate text. -- The document seems to lack a disclaimer for pre-RFC5378 work, but may have content which was first submitted before 10 November 2008. If you have contacted all the original authors and they are all willing to grant the BCP78 rights to the IETF Trust, then this is fine, and you can ignore this comment. If not, you may need to add the pre-RFC5378 disclaimer. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- The document date (12 October 1998) is 9327 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) ** Obsolete normative reference: RFC 2271 (ref. '1') (Obsoleted by RFC 2571) ** Downref: Normative reference to an Informational RFC: RFC 1215 (ref. '4') ** Obsolete normative reference: RFC 1902 (ref. '5') (Obsoleted by RFC 2578) ** Obsolete normative reference: RFC 1903 (ref. '6') (Obsoleted by RFC 2579) ** Obsolete normative reference: RFC 1904 (ref. '7') (Obsoleted by RFC 2580) ** Downref: Normative reference to an Historic RFC: RFC 1157 (ref. '8') ** Downref: Normative reference to an Historic RFC: RFC 1901 (ref. '9') ** Obsolete normative reference: RFC 1906 (ref. '10') (Obsoleted by RFC 3417) ** Obsolete normative reference: RFC 2272 (ref. '11') (Obsoleted by RFC 2572) ** Obsolete normative reference: RFC 2274 (ref. '12') (Obsoleted by RFC 2574) ** Obsolete normative reference: RFC 1905 (ref. '13') (Obsoleted by RFC 3416) ** Obsolete normative reference: RFC 2273 (ref. '14') (Obsoleted by RFC 2573) ** Obsolete normative reference: RFC 2275 (ref. '15') (Obsoleted by RFC 2575) Summary: 22 errors (**), 0 flaws (~~), 4 warnings (==), 2 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 1 Internet Draft Notification Log MIB 12 October 1998 3 Notification Log MIB 5 12 October 1998 7 draft-ietf-disman-notif-log-mib-04.txt 9 Bob Stewart 10 Cisco Systems, Inc. 11 bstewart@cisco.com 13 Status of this Memo 15 This document is an Internet-Draft. Internet-Drafts are working 16 documents of the Internet Engineering Task Force (IETF), its areas, and 17 its working groups. Note that other groups may also distribute working 18 documents as Internet-Drafts. 20 Internet-Drafts are draft documents valid for a maximum of six months 21 and may be updated, replaced, or obsoleted by other documents at any 22 time. It is inappropriate to use Internet- Drafts as reference material 23 or to cite them other than as ``work in progress.'' 25 To view the entire list of current Internet-Drafts, please check the 26 "1id-abstracts.txt" listing contained in the Internet-Drafts Shadow 27 Directories on ftp.is.co.za (Africa), ftp.nordu.net (Northern Europe), 28 ftp.nis.garr.it (Southern Europe), munnari.oz.au (Pacific Rim), 29 ftp.ietf.org (US East Coast), or ftp.isi.edu (US West Coast). 31 Distribution of this document is unlimited. Please send comments to the 32 Distributed Management Working Group, . 34 Copyright Notice 36 Copyright (C) The Internet Society (1998). All Rights Reserved. 38 1. Abstract 40 This memo defines an experimental portion of the Management Information 41 Base (MIB) for use with network management protocols in the Internet 42 community. In particular, it describes managed objects used for logging 43 SNMP Notifications. 45 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 46 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 47 document are to be interpreted as described in RFC 2119. 49 2. The SNMP Management Framework 51 The SNMP Management Framework presently consists of five major 52 components: 54 o An overall architecture, described in RFC 2271 [1]. 56 o Mechanisms for describing and naming objects and events for the 57 purpose of management. The first version of this Structure of 58 Management Information (SMI) is called SMIv1 and described in 59 RFC 1155 [2], RFC 1212 [3] and RFC 1215 [4]. The second version, 60 called SMIv2, is described in RFC 1902 [5], RFC 1903 [6] and RFC 61 1904 [7]. 63 o Message protocols for transferring management information. The 64 first version of the SNMP message protocol is called SNMPv1 and 65 described in RFC 1157 [8]. A second version of the SNMP message 66 protocol, which is not an Internet standards track protocol, is 67 called SNMPv2c and described in RFC 1901 [9] and RFC 1906 [10]. 68 The third version of the message protocol is called SNMPv3 and 69 described in RFC 1906 [10], RFC 2272 [11] and RFC 2274 [12]. 71 o Protocol operations for accessing management information. The 72 first set of protocol operations and associated PDU formats is 73 described in RFC 1157 [8]. A second set of protocol operations 74 and associated PDU formats is described in RFC 1905 [13]. 76 o A set of fundamental applications described in RFC 2273 [14] and 77 the view-based access control mechanism described in RFC 2275 78 [15]. 80 Managed objects are accessed via a virtual information store, termed the 81 Management Information Base or MIB. Objects in the MIB are defined 82 using the mechanisms defined in the SMI. 84 This memo specifies a MIB module that is compliant to the SMIv2. A MIB 85 conforming to the SMIv1 can be produced through the appropriate 86 translations. The resulting translated MIB must be semantically 87 equivalent, except where objects or events are omitted because no 88 translation is possible (use of Counter64). Some machine readable 89 information in SMIv2 will be converted into textual descriptions in 90 SMIv1 during the translation process. However, this loss of machine 91 readable information is not considered to change the semantics of the 92 MIB. 94 3. Overview 96 Systems that support SNMP often need a mechanism for recording 97 Notification information as a hedge against lost Notifications, whether 98 those are Traps or Informs that exceed retransmission limits. This MIB 99 therefore provides common infrastructure for other MIBs in the form of a 100 local logging function. It is intended primarily for senders of 101 Notifications but could be used also by receivers. 103 Given the Notification Log MIB, individual MIBs bear less responsibility 104 to record the transient information associated with an event against the 105 possibility that the Notification message is lost, and applications can 106 poll the log to know that they have not missed important Notifications 107 or to suspect that they might have. 109 3.1. Environment 111 The overall environmental concerns for the MIB are: 113 o SNMP Engines and Contexts 115 o Security 117 3.1.1. SNMP Engines and Contexts 119 As described in the SNMPv3 architecture [1], a given system may support 120 multiple SNMP engines operating independently of one another, each with 121 its own SNMP engine identification. Furthermore, within the perview of 122 a given engine there may be multiple named management contexts 123 supporting overlapping or disjoint sets of MIB objects and 124 Notifications. Thus understanding a particular Notification requires 125 knowing the SNMP engine and management context from whence it came. 127 The simplest system may have only one SNMP engine, and the simplest 128 engine may support only one context. In these cases, knowledge of the 129 engine ID and context name can be assumed and need not be explicit. 131 In a given implementation, an instance of the Notification Log MIB may 132 be confined to a single engine or context or may combine information 133 from multiple engines or contexts, allowing for the full range of 134 exclusive or inclusive contents. 136 To provide the necessary source information for a logged Notification, 137 the MIB includes objects to record that Notification's source SNMP 138 engine ID and management context name. In the case where such 139 information can be assumed, the related object need not be instantiated, 140 thus allowing the simplest implemenetation for the simplest system. 142 3.1.2. Security 144 Security for Notifications is awkward since access control for the 145 objects in the Notification can be checked only where the Notification 146 is created. Thus such checking is possible only for locally-generated 147 Notifications, and even then only when security credentials are 148 available. 150 The Notification Log MIB has the notion of a "named log." By using 151 hierarchically structured log names and view-based access control a 152 network administrator can provide different access for different users. 153 When an application creates a named log the security credentials of the 154 creator stay associated with that log. 156 A managed system with fewer resources may not allow the creation of 157 named logs, providing only the default, null-named log. Such a log has 158 no implicit security credentials for Notification object access control. 160 When putting locally-generated Notifications into a named log, the 161 managed system uses the security credentials associated with that log 162 and applies the same access control rules as described for a 163 Notification generator in [14]. 165 When putting remotely-generated Notifications into a named log or any 166 Notifications into the default, null-named log, the managed system does 167 not apply access control to the Notifications. In those cases the 168 security of the information in the log is left to the normal, overall 169 access control for the log itself. 171 3.2. Structure 173 The MIB has the following sections: 175 o Configuration -- control over how much the log can hold and what 176 Notifications are to be logged. 178 o Statistics -- indications of logging activity. 180 o Log -- the Notifications themselves. 182 3.2.1. Configuration 184 The configuration section contains objects to manage resource use by the 185 MIB in units of either bytes or entries. 187 This section also contains a table that uses the initial index 188 (snmpNotifyFilterName) from the snmpNotifyFilterTable in the standard 189 SNMP Notification MIB, using those filters to provide a means of 190 deciding which Notifications are to be logged. 192 3.2.2. Statistics 194 The statistics section contains counters for Notifications logged and 195 discarded, supplying a means to understand the results of log capacity 196 configuration. 198 3.2.3. Log 200 The log contains the Notifications and the objects that came in their 201 variable binding list, indexed by an integer that reflects when the 202 entry was made. An application that wants to collect all logged 203 Notifications or to know if it may have missed any can keep track of the 204 highest index it has retrieved and start from there on its next poll, 205 checking sysUpTime for a discontinuity that would have reset the index 206 and perhaps have lost entries. 208 Variables are in a table indexed by Notification index and variable 209 index within that Notification. The values are kept as a "discriminated 210 union," with one value object per variable. Exactly which value object 211 is instantiated depends on the SNMP data type of the variable, with a 212 separate object of appropriate type for each distinct SNMP data type. 214 An application can thus reconstruct the information from the 215 Notification PDU from what is recorded in the log. 217 4. Definitions 219 NOTIFICATION-LOG-MIB DEFINITIONS ::= BEGIN 221 IMPORTS 222 MODULE-IDENTITY, OBJECT-TYPE, 223 experimental, Integer32, Unsigned32, 224 TimeTicks, Counter32, Counter64, 225 IpAddress FROM SNMPv2-SMI 226 TimeStamp, TruthValue, 227 StorageType FROM SNMPv2-TC 228 SnmpAdminString, SnmpEngineID FROM SNMP-FRAMEWORK-MIB 229 MODULE-COMPLIANCE, OBJECT-GROUP FROM SNMPv2-CONF; 231 notificationLogMIB MODULE-IDENTITY 232 LAST-UPDATED "9810121700Z" 233 ORGANIZATION "IETF Distributed Management Working Group" 234 CONTACT-INFO "Bob Stewart 235 Cisco Systems, Inc. 236 170 West Tasman Drive, 237 San Jose CA 95134-1706. 238 Phone: +1 408 526 4527 239 Email: bstewart@cisco.com" 240 DESCRIPTION 241 "The MIB module for logging SNMP Notifications, that is, Traps 242 and Informs." 243 ::= { experimental xx } 245 notificationLogMIBObjects OBJECT IDENTIFIER ::= { notificationLogMIB 1 } 247 nlmConfig OBJECT IDENTIFIER ::= { notificationLogMIBObjects 1 } 248 nlmStats OBJECT IDENTIFIER ::= { notificationLogMIBObjects 2 } 249 nlmLog OBJECT IDENTIFIER ::= { notificationLogMIBObjects 3 } 251 -- 252 -- Configuration Section 253 -- 255 nlmConfigDataLimitUnits OBJECT-TYPE 256 SYNTAX INTEGER { notifications(1), bytes(2) } 257 MAX-ACCESS read-write 258 STATUS current 259 DESCRIPTION 260 "The units for nlmConfigGlobalDataLimit and 261 nlmConfigLogDataLimit. See nlmConfigGlobalDataLimit for further 262 details. 264 Implementations may allow choice of unit types or may chose 265 either unit type and not allow it to be changed." 266 ::= { nlmConfig 1 } 268 nlmConfigGlobalDataLimit OBJECT-TYPE 269 SYNTAX Unsigned32 270 MAX-ACCESS read-write 271 STATUS current 272 DESCRIPTION 273 "The maximum number of notifications or bytes that can be held 274 in nlmLogTable for all nlmLogNames added together. A particular 275 setting does not guarantee that much data can be held. 277 If an application changes the limit while there are 278 Notifications in the log, the oldest Notifications are discarded 279 to bring the log down to the new limit. 281 Measuring in bytes is not necessarily subject to exact external 282 calculations as to what will fit, as the implementation may or 283 may not include internal overhead and is free to use any 284 internal incoding. 286 Implementations may choose a limit and not allow it to be 287 changed or may enforce an upper bound on the limit. Unless 288 the managed system chooses otherwise, the default value is 289 4294967295." 290 ::= { nlmConfig 2 } 292 -- 293 -- Notify Table Logging Control Table 294 -- 296 nlmConfigLogControlTable OBJECT-TYPE 297 SYNTAX SEQUENCE OF NlmConfigLogControlEntry 298 MAX-ACCESS not-accessible 299 STATUS current 300 DESCRIPTION 301 "A table of logging control entries. 302 ::= { nlmConfig 3 } 304 nlmConfigLogControlEntry OBJECT-TYPE 305 SYNTAX NlmConfigLogControlEntry 306 MAX-ACCESS not-accessible 307 STATUS current 308 DESCRIPTION 309 "A logging control entry. Depending on the entry's storage type 310 entries may be supplied by the system or created and deleted by 311 applications using nlmConfigLogControlStatus." 312 INDEX { nlmLogName } 313 ::= { nlmConfigNotifyTable 1 } 315 NlmConfigLogControlEntry ::= SEQUENCE { 316 nlmLogName SnmpAdminString, 317 nlmConfigLogControlFilterName SnmpAdminString, 318 nlmConfigLogControlDataLimit Unsigned32, 319 nlmConfigLogControlStorageType StorageType, 320 nlmConfigLogControlStatus RowStatus 321 } 323 nlmLogName OBJECT-TYPE 324 SYNTAX SnmpAdminString (SIZE(0..32)) 325 MAX-ACCESS not-accessible 326 STATUS current 327 DESCRIPTION 328 "The name of the log. 330 An implementation may allow multiple named logs, up to some 331 implementation-specific limit (which may be none). A 332 zero-length log name is reserved for creation and deletion by 333 the managed system, and is used as the default log name by 334 systems that do not support named logs." 335 ::= { nlmConfigLogControlEntry 1 } 337 nlmConfigLogControlFilterName OBJECT-TYPE 338 SYNTAX SnmpAdminString (SIZE(0..32)) 339 MAX-ACCESS read-create 340 STATUS current 341 DESCRIPTION 342 "A value of snmpNotifyFilterProfileName from the SNMP 343 Notification MIB, specifying the Notifications to be 344 filtered out and not logged in this named log. 346 A zero-length value indicates no Notifications are to 347 be logged in this named log." 348 DEFVAL { ''H } 349 ::= { nlmConfigLogControlEntry 2 } 351 nlmConfigLogControlDataLimit OBJECT-TYPE 352 SYNTAX Unsigned32 353 MAX-ACCESS read-create 354 STATUS current 355 DESCRIPTION 356 "The maximum number of notifications or bytes that can be held 357 in nlmLogTable for this named log. A particular setting does 358 not guarantee that much data can be held. 360 If an application changes the limit while there are 361 Notifications in the log, the oldest Notifications are discarded 362 to bring the log down to the new limit. 364 Measuring in bytes is not necessarily subject to exact external 365 calculations as to what will fit, as the implementation may or 366 may not include internal overhead and is free to use any 367 internal incoding. 369 Implementations may choose a limit and not allow it to be 370 changed or may enforce an upper bound on the limit." 371 DEFVAL { 4294967295 } 372 ::= { nlmConfigLogControlEntry 3 } 374 nlmConfigLogControlStorageType OBJECT-TYPE 375 SYNTAX StorageType 376 MAX-ACCESS read-create 377 STATUS current 378 DESCRIPTION 379 "The storage type of this conceptual row." 380 ::= { nlmConfigLogControlEntry 4 } 382 nlmConfigLogControlStatus OBJECT-TYPE 383 SYNTAX RowStatus 384 MAX-ACCESS read-create 385 STATUS current 386 DESCRIPTION 387 "Control for creating and deleting entries. Entries may be 388 modified while active. 390 For non-null-named logs, the managed system records the security 391 credentials from the request that sets nlmConfigLogControlStatus 392 to 'active' and uses that identity to apply access control to 393 the objects in the Notification to decide if that Notification 394 may be logged." 395 DEFVAL { createAndWait } 396 ::= { nlmConfigLogControlEntry 5 } 398 -- 399 -- Statisitics Section 400 -- 402 nlmStatsGlobalNotificationsLogged OBJECT-TYPE 403 SYNTAX Counter32 404 UNITS "notifications" 405 MAX-ACCESS read-only 406 STATUS current 407 DESCRIPTION 408 "The number of Notifications put in the nlmLogTable." 409 ::= { nlmStats 1 } 411 nlmStatsGlobalNotificationsDiscarded OBJECT-TYPE 412 SYNTAX Counter32 413 UNITS "notifications" 414 MAX-ACCESS read-only 415 STATUS current 416 DESCRIPTION 417 "The number of log entries discarded to make room for a new 418 entry or because of a change in nlmConfigGlobalDataLimitUnits, 419 nlmConfigGlobalDataLimit, or nlmConfigLogControlDataLimit." 420 ::= { nlmStats 2 } 422 -- 423 -- Log Statistics Table 424 -- 426 nlmStatsLogTable OBJECT-TYPE 427 SYNTAX SEQUENCE OF NlmStatsLogEntry 428 MAX-ACCESS not-accessible 429 STATUS current 430 DESCRIPTION 431 "A table of Notification log statistics entries." 432 ::= { nlmStats 3 } 434 nlmStatsLogEntry OBJECT-TYPE 435 SYNTAX nlmStatsLogEntry 436 MAX-ACCESS not-accessible 437 STATUS current 438 DESCRIPTION 439 "A Notification log statistics entry." 440 AUGMENTS { nlmConfigLogTable } 441 ::= { nlmStatsLogTable 1 } 443 NlmStatsLogEntry ::= SEQUENCE { 444 nlmStatsLogNotificationsLogged Counter32, 445 nlmStatsLogNotificationsDiscarded Counter32 446 } 448 nlmStatsLogNotificationsLogged OBJECT-TYPE 449 SYNTAX Counter32 450 UNITS "notifications" 451 MAX-ACCESS read-only 452 STATUS current 453 DESCRIPTION 454 "The number of Notifications put in this named log." 455 ::= { nlmStatsLogEntry 1 } 457 nlmStatsLogNotificationsDiscarded OBJECT-TYPE 458 SYNTAX Counter32 459 UNITS "notifications" 460 MAX-ACCESS read-only 461 STATUS current 462 DESCRIPTION 463 "The number of log entries discarded from this named log to make 464 room for a new entry or because of a change in 465 nlmConfigGlobalDataLimitUnits, nlmConfigGlobalDataLimit, or 466 nlmConfigLogControlDataLimit." 467 ::= { nlmStatsLogEntry 2 } 469 -- 470 -- Log Section 471 -- 473 -- 474 -- Log Table 475 -- 477 nlmLogTable OBJECT-TYPE 478 SYNTAX SEQUENCE OF NlmLogEntry 479 MAX-ACCESS not-accessible 480 STATUS current 481 DESCRIPTION 482 "A table of Notification log entries. 484 It is an implementation-specific matter whether entries in this 485 table are preserved across initializations of the management 486 system. In general one would expect that they are not." 487 ::= { nlmLog 1 } 489 nlmLogEntry OBJECT-TYPE 490 SYNTAX NlmLogEntry 491 MAX-ACCESS not-accessible 492 STATUS current 493 DESCRIPTION 494 "A Notification log entry. 496 Entries appear in this table when Notifications occur and pass 497 filtering by nlmConfigLogControlFilterName and access control. 498 They are removed to make way for new entries or in response to 499 an application setting nlmConfigGlobalDataLimit, 500 nlmConfigGlobalDataLimitUnits, or nlmConfigLogDataLimit to 501 reduce capacity. 503 Before the managed system puts a locally-generated Notification 504 into a non-null-named log it assures that the creator of the log 505 has access to the information in the Notification. If not it 506 does not log that Notification in that log." 507 INDEX { nlmLogName, nlmLogIndex } 508 ::= { nlmLogTable 1 } 510 NlmLogEntry ::= SEQUENCE { 511 nlmLogIndex Unsigned32, 512 nlmLogTime TimeStamp, 513 nlmLogEngineID SnmpEngineID, 514 nlmLogContextName SnmpAdminString, 515 nlmLogVariables Unsigned32, 516 nlmLogNotificationID OBJECT IDENTIFIER 517 } 519 nlmLogIndex OBJECT-TYPE 520 SYNTAX Unsigned32 (1..4294967295) 521 MAX-ACCESS not-accessible 522 STATUS current 523 DESCRIPTION 524 "A monotonically increasing integer for the sole purpose of 525 indexing entries within the named log. When it reaches the 526 maximum value, an extremely unlikely event, the agent wraps the 527 value back to 1 and may flush existing entries." 528 ::= { nlmLogEntry 1 } 530 nlmLogTime OBJECT-TYPE 531 SYNTAX TimeStamp 532 MAX-ACCESS read-only 533 STATUS current 534 DESCRIPTION 535 "The value of sysUpTime when the entry occurred." 536 ::= { nlmLogEntry 2 } 538 nlmLogEngineID OBJECT-TYPE 539 SYNTAX SnmpEngineID 540 MAX-ACCESS read-only 541 STATUS current 542 DESCRIPTION 543 "The identification of the SNMP engine at which the Notification 544 originated. 546 If the log can contain Notifications from only one engine this 547 object need not be instantiated." 548 ::= { nlmLogEntry 3 } 550 nlmLogContextName OBJECT-TYPE 551 SYNTAX SnmpAdminString 552 MAX-ACCESS read-only 553 STATUS current 554 DESCRIPTION 555 "The name of the SNMP MIB context from which the Notification 556 came. 558 If the Notification's source SNMP engine does not support 559 multiple contexts, this object need not be instantiated." 560 ::= { nlmLogEntry 4 } 562 nlmLogVariables OBJECT-TYPE 563 SYNTAX Unsigned32 564 MAX-ACCESS read-only 565 STATUS current 566 DESCRIPTION 567 "The number of variables in nlmLogVariableTable for this 568 Notification." 569 ::= { nlmLogEntry 5 } 571 nlmLogNotificationID OBJECT-TYPE 572 SYNTAX OBJECT IDENTIFIER 573 MAX-ACCESS read-only 574 STATUS current 575 DESCRIPTION 576 "The NOTIFICATION-TYPE object identifer of the Notification that 577 occurred." 578 ::= { nlmLogEntry 6 } 580 -- 581 -- Log Variable Table 582 -- 584 nlmLogVariableTable OBJECT-TYPE 585 SYNTAX SEQUENCE OF NlmLogVariableEntry 586 MAX-ACCESS not-accessible 587 STATUS current 588 DESCRIPTION 589 "A table of variables to go with Notification log entries." 590 ::= { nlmLog 2 } 592 nlmLogVariableEntry OBJECT-TYPE 593 SYNTAX NlmLogVariableEntry 594 MAX-ACCESS not-accessible 595 STATUS current 596 DESCRIPTION 597 "A Notification log entry variable. 599 Entries appear in this table when there are variables in 600 the varbind list of a Notification in nlmLogTable." 601 INDEX { nlmLogName, nlmLogIndex, nlmLogVariableIndex } 602 ::= { nlmLogVariableTable 1 } 604 NlmLogVariableEntry ::= SEQUENCE { 605 nlmLogVariableIndex Unsigned32, 606 nlmLogVariableID OBJECT IDENTIFIER, 607 nlmLogVariableValueType INTEGER, 608 nlmLogVariableCounter32Val Counter32, 609 nlmLogVariableUnsigned32Val Unsigned32, 610 nlmLogVariableTimeTicksVal TimeTicks, 611 nlmLogVariableInteger32Val Integer32, 612 nlmLogVariableOctetStringVal OCTET STRING, 613 nlmLogVariableIpAddressVal IpAddress, 614 nlmLogVariableOidVal OBJECT IDENTIFIER, 615 nlmLogVariableCounter64Val Counter64 616 } 618 nlmLogVariableIndex OBJECT-TYPE 619 SYNTAX Unsigned32 (1..4294967295) 620 MAX-ACCESS not-accessible 621 STATUS current 622 DESCRIPTION 623 "A monotonically increasing integer, starting at 1 for a given 624 nlmLogIndex, for indexing variables within the logged 625 Notification." 626 ::= { nlmLogVariableEntry 1 } 628 nlmLogVariableID OBJECT-TYPE 629 SYNTAX OBJECT IDENTIFIER 630 MAX-ACCESS read-only 631 STATUS current 632 DESCRIPTION 633 "The variable's object identifier." 634 ::= { nlmLogVariableEntry 2 } 636 nlmLogVariableValueType OBJECT-TYPE 637 SYNTAX INTEGER { counter32(1), unsignedOrGauge32(2), 638 timeTicks(3), integer32(4), ipAddress(5), 639 octetString(6), objectId(7), counter64(8) } 640 MAX-ACCESS read-only 641 STATUS current 642 DESCRIPTION 643 "The type of the value. One and only one of the value 644 objects that follow is instantiated, based on this type." 645 ::= { nlmLogVariableEntry 3 } 647 nlmLogVariableCounter32Val OBJECT-TYPE 648 SYNTAX Counter32 649 MAX-ACCESS read-only 650 STATUS current 651 DESCRIPTION 652 "The value when nlmLogVariableType is 'counter32'." 653 ::= { nlmLogVariableEntry 4 } 655 nlmLogVariableUnsigned32Val OBJECT-TYPE 656 SYNTAX Unsigned32 657 MAX-ACCESS read-only 658 STATUS current 659 DESCRIPTION 660 "The value when nlmLogVariableType is 'unsignedOrGauge32'." 661 ::= { nlmLogVariableEntry 5 } 663 nlmLogVariableTimeTicksVal OBJECT-TYPE 664 SYNTAX TimeTicks 665 MAX-ACCESS read-only 666 STATUS current 667 DESCRIPTION 668 "The value when nlmLogVariableType is 'timeTicks'." 669 ::= { nlmLogVariableEntry 6 } 671 nlmLogVariableInteger32Val OBJECT-TYPE 672 SYNTAX Integer32 673 MAX-ACCESS read-only 674 STATUS current 675 DESCRIPTION 676 "The value when nlmLogVariableType is 'integer32'." 677 ::= { nlmLogVariableEntry 7 } 679 nlmLogVariableOctetStringVal OBJECT-TYPE 680 SYNTAX OCTET STRING 681 MAX-ACCESS read-only 682 STATUS current 683 DESCRIPTION 684 "The value when nlmLogVariableType is 'octetString'." 685 ::= { nlmLogVariableEntry 8 } 687 nlmLogVariableIpAddressVal OBJECT-TYPE 688 SYNTAX IpAddress 689 MAX-ACCESS read-only 690 STATUS current 691 DESCRIPTION 692 "The value when nlmLogVariableType is 'ipAddress'." 693 ::= { nlmLogVariableEntry 9 } 695 nlmLogVariableOidVal OBJECT-TYPE 696 SYNTAX OBJECT IDENTIFIER 697 MAX-ACCESS read-only 698 STATUS current 699 DESCRIPTION 700 "The value when nlmLogVariableType is 'objectId'." 701 ::= { nlmLogVariableEntry 10 } 703 nlmLogVariableCounter64Val OBJECT-TYPE 704 SYNTAX Counter64 705 MAX-ACCESS read-only 706 STATUS current 707 DESCRIPTION 708 "The value when nlmLogVariableType is 'counter64'." 709 ::= { nlmLogVariableEntry 11 } 711 -- 712 -- Conformance 713 -- 715 notificationLogMIBConformance OBJECT IDENTIFIER ::= 716 { notificationLogMIB 3 } 717 notificationLogMIBCompliances OBJECT IDENTIFIER ::= 718 { notificationLogMIBConformance 1 } 719 notificationLogMIBGroups OBJECT IDENTIFIER ::= 720 { notificationLogMIBConformance 2 } 722 -- Compliance 724 notificationLogMIBCompliance MODULE-COMPLIANCE 725 STATUS current 726 DESCRIPTION 727 "The compliance statement for entities which implement 728 the Notification Log MIB." 729 MODULE -- this module 730 MANDATORY-GROUPS { 731 notificationLogConfigGroup, 732 notificationLogStatsGroup, 733 notificationLogLogGroup 734 } 735 ::= { notificationLogMIBCompliances 1 } 737 -- Units of Conformance 739 notificationLogConfigGroup OBJECT-GROUP 740 OBJECTS { 741 nlmConfigGlobalDataLimitUnits, 742 nlmConfigGlobalDataLimit, 743 nlmConfigLogControlFilterName, 744 nlmConfigLogControlDataLimit, 745 nlmConfigLogControlStorageType, 746 nlmConfigLogControlStatus 747 } 748 STATUS current 749 DESCRIPTION 750 "Notification log configuration management." 751 ::= { notificationLogMIBGroups 1 } 753 notificationLogStatsGroup OBJECT-GROUP 754 OBJECTS { 755 nlmStatsGlobalNotificationsLogged, 756 nlmStatsGlobalNotificationsDiscarded, 757 nlmStatsLogNotificationsLogged, 758 nlmStatsLogNotificationsDiscarded 759 } 760 STATUS current 761 DESCRIPTION 762 "Notification log statistics." 763 ::= { notificationLogMIBGroups 2 } 765 notificationLogLogGroup OBJECT-GROUP 766 OBJECTS { 767 nlmLogTime, 768 nlmLogEngineID, 769 nlmLogContextName, 770 nlmLogVariables, 771 nlmLogNotificationID, 773 nlmLogVariableID, 774 nlmLogVariableValueType, 775 nlmLogVariableCounter32Val, 776 nlmLogVariableUnsigned32Val, 777 nlmLogVariableTimeTicksVal, 778 nlmLogVariableInteger32Val, 779 nlmLogVariableOctetStringVal, 780 nlmLogVariableIpAddressVal, 781 nlmLogVariableOidVal, 782 nlmLogVariableCounter64Val 783 } 784 STATUS current 785 DESCRIPTION 786 "Notification log data." 787 ::= { notificationLogMIBGroups 3 } 789 END 790 5. Intellectual Property 792 The IETF takes no position regarding the validity or scope of any 793 intellectual property or other rights that might be claimed to pertain 794 to the implementation or use of the technology described in this 795 document or the extent to which any license under such rights might or 796 might not be available; neither does it represent that it has made any 797 effort to identify any such rights. Information on the IETF's 798 procedures with respect to rights in standards-track and standards- 799 related documentation can be found in BCP-11. Copies of claims of 800 rights made available for publication and any assurances of licenses to 801 be made available, or the result of an attempt made to obtain a general 802 license or permission for the use of such proprietary rights by 803 implementors or users of this specification can be obtained from the 804 IETF Secretariat. 806 6. References 808 [1] Harrington, D., Presuhn, R. and B. Wijnen, "An Architecture for 809 Describing SNMP Management Frameworks", RFC 2271, Cabletron 810 Systems, Inc., BMC Software, Inc., IBM T. J. Watson Research, 811 January 1998. 813 [2] Rose, M. and K. McCloghrie, "Structure and Identification of 814 Management Information for TCP/IP-based Internets", RFC 1155, 815 Performance Systems International, Hughes LAN Systems, May 1990. 817 [3] Rose, M. and K. McCloghrie, "Concise MIB Definitions", RFC 1212, 818 Performance Systems International, Hughes LAN Systems, March 1991. 820 [4] M. Rose, "A Convention for Defining Traps for use with the SNMP", 821 RFC 1215, Performance Systems International, March 1991. 823 [5] Case, J., McCloghrie, K., Rose, M. and S. Waldbusser, "Structure of 824 Management Information for Version 2 of the Simple Network 825 Management Protocol (SNMPv2)", RFC 1902, SNMP Research,Inc., Cisco 826 Systems, Inc., Dover Beach Consulting, Inc., International Network 827 Services, January 1996. 829 [6] Case, J., McCloghrie, K., Rose, M. and S. Waldbusser, "Textual 830 Conventions for Version 2 of the Simple Network Management Protocol 831 (SNMPv2)", RFC 1903, SNMP Research, Inc., Cisco Systems, Inc., 832 Dover Beach Consulting, Inc., International Network Services, 833 January 1996. 835 [7] Case, J., McCloghrie, K., Rose, M. and S. Waldbusser, "Conformance 836 Statements for Version 2 of the Simple Network Management Protocol 837 (SNMPv2)", RFC 1904, SNMP Research, Inc., Cisco Systems, Inc., 838 Dover Beach Consulting, Inc., International Network Services, 839 January 1996. 841 [8] Case, J., Fedor, M., Schoffstall, M. and J. Davin, "Simple Network 842 Management Protocol", RFC 1157, SNMP Research, Performance Systems 843 International, Performance Systems International, MIT Laboratory 844 for Computer Science, May 1990. 846 [9] Case, J., McCloghrie, K., Rose, M. and S. Waldbusser, "Introduction 847 to Community-based SNMPv2", RFC 1901, SNMP Research, Inc., Cisco 848 Systems, Inc., Dover Beach Consulting, Inc., International Network 849 Services, January 1996. 851 [10] Case, J., McCloghrie, K., Rose, M. and S. Waldbusser, "Transport 852 Mappings for Version 2 of the Simple Network Management Protocol 853 (SNMPv2)", RFC 1906, SNMP Research, Inc., Cisco Systems, Inc., 854 Dover Beach Consulting, Inc., International Network Services, 855 January 1996. 857 [11] Case, J., Harrington D., Presuhn R. and B. Wijnen, "Message 858 Processing and Dispatching for the Simple Network Management 859 Protocol (SNMP)", RFC 2272, SNMP Research, Inc., Cabletron Systems, 860 Inc., BMC Software, Inc., IBM T. J. Watson Research, January 1998. 862 [12] Blumenthal, U. and B. Wijnen, "User-based Security Model (USM) for 863 version 3 of the Simple Network Management Protocol (SNMPv3)", RFC 864 2274, IBM T. J. Watson Research, January 1998. 866 [13] Case, J., McCloghrie, K., Rose, M. and S. Waldbusser, "Protocol 867 Operations for Version 2 of the Simple Network Management Protocol 868 (SNMPv2)", RFC 1905, SNMP Research, Inc., Cisco Systems, Inc., 869 Dover Beach Consulting, Inc., International Network Services, 870 January 1996. 872 [14] Levi, D., Meyer, P. and B. Stewart, "SNMPv3 Applications", RFC 873 2273, SNMP Research, Inc., Secure Computing Corporation, Cisco 874 Systems, January 1998 876 [15] Wijnen, B., Presuhn, R. and K. McCloghrie, "View-based Access 877 Control Model (VACM) for the Simple Network Management Protocol 878 (SNMP)", RFC 2275, IBM T. J. Watson Research, BMC Software, Inc., 879 Cisco Systems, Inc., January 1998. 881 7. Security Considerations 883 Security issues are discussed in the overview. 885 8. Author's Address 887 Bob Stewart 888 Cisco Systems, Inc. 889 170 West Tasman Drive 890 San Jose, CA 95134-1706 891 U.S.A. 893 Phone: +1 408 526 4527 894 Email: bstewart@cisco.com 896 9. Full Copyright Statement 898 Copyright (C) The Internet Society (1998). All Rights Reserved. 900 This document and translations of it may be copied and furnished to 901 others, and derivative works that comment on or otherwise explain it or 902 assist in its implementation may be prepared, copied, published and 903 distributed, in whole or in part, without restriction of any kind, 904 provided that the above copyright notice and this paragraph are included 905 on all such copies and derivative works. However, this document itself 906 may not be modified in any way, such as by removing the copyright notice 907 or references to the Internet Society or other Internet organizations, 908 except as needed for the purpose of developing Internet standards in 909 which case the procedures for copyrights defined in the Internet 910 Standards process must be followed, or as required to translate it into 911 languages other than English. 913 The limited permissions granted above are perpetual and will not be 914 revoked by the Internet Society or its successors or assigns. 916 This document and the information contained herein is provided on an "AS 917 IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK 918 FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT 919 LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT 920 INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR 921 FITNESS FOR A PARTICULAR PURPOSE. 923 Table of Contents 925 1 Abstract ........................................................ 2 926 2 The SNMP Management Framework ................................... 2 927 3 Overview ........................................................ 4 928 3.1 Environment ................................................... 4 929 3.1.1 SNMP Engines and Contexts ................................... 4 930 3.1.2 Security .................................................... 5 931 3.2 Structure ..................................................... 5 932 3.2.1 Configuration ............................................... 6 933 3.2.2 Statistics .................................................. 6 934 3.2.3 Log ......................................................... 6 935 4 Definitions ..................................................... 7 936 5 Intellectual Property ........................................... 20 937 6 References ...................................................... 21 938 7 Security Considerations ......................................... 23 939 8 Author's Address ................................................ 23 940 9 Full Copyright Statement ........................................ 24