Network Working Group                                   J. Schoenwaelder
Internet-Draft                                  Jacobs University Bremen
Intended status: Standards Track                                A. Clemm
Expires: May 7, 2009                                         A. Karmakar
                                                           Cisco Systems
                                                        November 3, 2008


  Definitions of Managed Objects for Mapping SYSLOG Messages to Simple
            Network Management Protocol (SNMP) Notifications
           draft-schoenw-syslog-msg-mib-01.txt ($Rev: 2846 $)

Status of this Memo

   By submitting this Internet-Draft, each author represents that any
   applicable patent or other IPR claims of which he or she is aware
   have been or will be disclosed, and any of which he or she becomes
   aware will be disclosed, in accordance with Section 6 of BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF), its areas, and its working groups.  Note that
   other groups may also distribute working documents as Internet-
   Drafts.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   The list of current Internet-Drafts can be accessed at
   http://www.ietf.org/ietf/1id-abstracts.txt.

   The list of Internet-Draft Shadow Directories can be accessed at
   http://www.ietf.org/shadow.html.

   This Internet-Draft will expire on May 7, 2009.

Abstract

   This memo defines a portion of the Management Information Base (MIB)
   for use with network management protocols in the Internet community.
   In particular, it defines a mapping of SYSLOG messages to Simple
   Network Management Protocol (SNMP) notifications.








Schoenwaelder, et al.      Expires May 7, 2009                  [Page 1]

Internet-Draft               SYSLOG-MSG-MIB                November 2008


Table of Contents

   1.  Introduction
   2.  The Internet-Standard Management Framework
   3.  Conventions
   4.  Overview
   5.  Relationship to Other MIB Modules
   6.  Definitions
   7.  IANA Considerations
   8.  Security Considerations
   9.  References
     9.1.  Normative References
     9.2.  Informative References
   Authors' Addresses
   Intellectual Property and Copyright Statements


1.  Introduction

   SNMP [RFC3410] [RFC3411] and SYSLOG [I-D.ietf-syslog-protocol] are
   two widely used protocols to communicate event notifications.
   Although co-existence of several management protocols in one
   operational environment is possible, certain environments require
   that all event notifications are collected by a single system daemon
   such as a SYSLOG collector or an SNMP notification receiver via a
   single management protocol.  In such environments, it is necessary to
   translate event notifications between management protocols.

   This document defines an SNMP MIB module to represent SYSLOG messages
   and to send SYSLOG messages as SNMP notifications to SNMP
   notification receivers.


2.  The Internet-Standard Management Framework

   For a detailed overview of the documents that describe the current
   Internet-Standard Management Framework, please refer to section 7 of
   RFC 3410 [RFC3410].

   Managed objects are accessed via a virtual information store, termed
   the Management Information Base or MIB.  MIB objects are generally
   accessed through the Simple Network Management Protocol (SNMP).
   Objects in the MIB are defined using the mechanisms defined in the
   Structure of Management Information (SMI).  This memo specifies a MIB
   module that is compliant to the SMIv2, which is described in STD 58,
   RFC 2578 [RFC2578], STD 58, RFC 2579 [RFC2579] and STD 58, RFC 2580
   [RFC2580].


3.  Conventions

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in [RFC2119].


4.  Overview

   SYSLOG messages are converted by a SYSLOG to SNMP converter.  Such a
   converter acts as a SYSLOG receiver [I-D.ietf-syslog-protocol] and
   implements a MIB module according to the SNMP architecture [RFC3411].
   The converter might be tightly coupled to an SNMP agent or it might
   interface with an SNMP agent via a subagent protocol.

   After initialization, the converter will listen for SYSLOG messages.
   On receiving a message, the message will be parsed to extract
   information as described in the MIB module.  A conceptual table is
   populated with information extracted from the SYSLOG message and
   finally a notification may be generated.
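
   The following Python example is added here and is not part of the
   draft or of any implementation by its authors. It walks the steps
   above (parse, populate the conceptual tables, optionally notify)
   using the object semantics defined in Section 6. Assumptions: the
   message layout follows [I-D.ietf-syslog-protocol]; the names parse,
   msg_text and SyslogMsgTable, the 255-octet default message limit,
   the textual timestamp (no DateAndTime conversion) and the sample
   message are constructions of this example.

```python
import re
from collections import OrderedDict

# SIZE limits from the DisplayString SYNTAX clauses in Section 6.
LIMITS = {"hostname": 255, "appname": 48, "procid": 128, "msgid": 32}
MAX_INDEX = 4294967295  # syslogMsgIndex wraps back to 1 after this value
HEADER = re.compile(rb"<(\d{1,3})>(\d{1,3}) (\S+) (\S+) (\S+) (\S+) (\S+) ")
SD_ELEMENT = re.compile(rb'\[([^ =\]"]+)((?: [^ =\]"]+="(?:\\.|[^"\\])*")*)\]')
SD_PARAM = re.compile(rb' ([^ =\]"]+)="((?:\\.|[^"\\])*)"')

# Constructed sample: NIL procid, a repeated SD parameter, BOM-prefixed UTF-8 text.
SAMPLE = ('<165>1 2008-11-03T08:00:00.003Z host1.example.com evntslog - ID47 '
          '[exampleSDID@32473 iut="3" eventSource="App" eventSource="Net"] '
          '\ufeffT\u00fcr offen').encode("utf-8")

def _ascii(value, limit):
    """Cut to the SIZE limit; replace octets outside printable ASCII by '?'."""
    return bytes(b if 32 < b < 127 else 63 for b in value[:limit]).decode("ascii")

def _header(value, limit):
    """Header field; the syslog NILVALUE '-' maps to a zero-length string."""
    return "" if value == b"-" else _ascii(value, limit)

def parse(raw, max_msg):
    """Return (entry, sd_rows) for one syslog message given as bytes."""
    m = HEADER.match(raw)
    if not m or int(m.group(1)) > 191:
        raise ValueError("malformed syslog header")
    pri, rest, sd_rows = int(m.group(1)), raw[m.end():], []
    if rest.startswith(b"-"):                 # NILVALUE: no structured data
        rest = rest[1:]
    else:
        pos = 0
        while (elem := SD_ELEMENT.match(rest, pos)):
            seen = {}                         # repeat count -> syslogMsgSDParamIndex
            for name, value in SD_PARAM.findall(elem.group(2)):
                seen[name] = seen.get(name, 0) + 1
                value = re.sub(rb'\\(["\\\]])', rb"\1", value)  # undo SD escapes
                sd_rows.append((_ascii(elem.group(1), 32), _ascii(name, 32),
                                seen[name], value.decode("utf-8", "replace")))
            pos = elem.end()
        if pos == 0:
            raise ValueError("malformed structured data")
        rest = rest[pos:]
    msg = rest[1:] if rest.startswith(b" ") else b""
    flags = {"sdparams"} if sd_rows else set()
    if len(msg) > max_msg:                    # converter-imposed size constraint
        msg = msg[:max_msg]
        flags.add("truncated")
    entry = {"facility": pri >> 3, "severity": pri & 7, "version": int(m.group(2)),
             "timestamp": m.group(3).decode("ascii", "replace"),
             "msg": msg, "flags": flags}
    for group, key in enumerate(LIMITS, 4):   # header groups 4..7, in order
        entry[key] = _header(m.group(group), LIMITS[key])
    return entry, sd_rows

def msg_text(entry):
    """Decode syslogMsgMsg for display. A leading 'EFBBBF'h marks UTF-8, and
    truncation may have split a character, so decoding must never raise."""
    msg = entry["msg"]
    if msg.startswith(b"\xef\xbb\xbf"):
        return msg[3:].decode("utf-8", "replace")
    return msg.decode("ascii", "replace")

class SyslogMsgTable:
    """Conceptual syslogMsgTable / syslogMsgSDTable with the two control objects."""

    def __init__(self, max_size=0):
        self.max_size = max_size              # syslogMsgTableMaxSize, 0 = no limit
        self.enable_notifications = False     # syslogMsgEnableNotifications
        self.rows = OrderedDict()             # syslogMsgIndex -> entry
        self.sd_rows = {}                     # (index, element, param, n) -> value
        self.next_index = 1

    def set_max_size(self, max_size):
        self.max_size = max_size
        self._evict()

    def _evict(self):
        """Discard the oldest messages until the table fits the limit."""
        while self.max_size and len(self.rows) > self.max_size:
            oldest, _ = self.rows.popitem(last=False)
            self.sd_rows = {k: v for k, v in self.sd_rows.items() if k[0] != oldest}

    def add(self, raw, max_msg=255):
        """Store one message; return (index, varbinds or None if notifications off)."""
        entry, sd_rows = parse(raw, max_msg)
        index = self.next_index
        self.next_index = 1 if index == MAX_INDEX else index + 1
        self.rows[index] = entry
        for element, param, n, value in sd_rows:
            self.sd_rows[(index, element, param, n)] = value
        self._evict()
        return index, (entry if self.enable_notifications else None)
```

   With a 5-octet message limit the sample is cut in the middle of a
   two-octet UTF-8 character, which is the case the syslogMsgMsg
   DESCRIPTION warns about and the reason msg_text decodes leniently.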


5.  Relationship to Other MIB Modules

   The NOTIFICATION-LOG-MIB [RFC3014] provides a generic mechanism for
   logging SNMP notifications in order to deal with lost SNMP
   notifications, e.g., due to transient communication problems.
   Applications can poll the notification log to verify that they have
   not missed important SNMP notifications.

   The MIB module defined in this memo provides a mechanism for logging
   SYSLOG notifications.  This additional SYSLOG notification log is
   needed because (a) SYSLOG messages might not lead to SNMP
   notification (this is configurable) and (b) SNMP notifications might
   not carry all information associated with a SYSLOG notification.

   The following MIB module IMPORTS objects from SNMPv2-SMI [RFC2578],
   SNMPv2-TC [RFC2579], SNMPv2-CONF [RFC2580], SNMP-FRAMEWORK-MIB
   [RFC3411], and SYSLOG-TC-MIB [I-D.ietf-syslog-tc-mib].


6.  Definitions

  SYSLOG-MSG-MIB DEFINITIONS ::= BEGIN

  IMPORTS
      MODULE-IDENTITY, OBJECT-TYPE, NOTIFICATION-TYPE, Unsigned32, mib-2
          FROM SNMPv2-SMI
      DisplayString, DateAndTime, TruthValue
          FROM SNMPv2-TC
      OBJECT-GROUP, NOTIFICATION-GROUP, MODULE-COMPLIANCE
          FROM SNMPv2-CONF
      SnmpAdminString
          FROM SNMP-FRAMEWORK-MIB
      SyslogFacility, SyslogSeverity
          FROM SYSLOG-TC-MIB;

  syslogMsgMib MODULE-IDENTITY
      LAST-UPDATED "200811030800Z"
      ORGANIZATION "IETF XXX Working Group"
      CONTACT-INFO
          "Juergen Schoenwaelder
           <j.schoenwaelder@jacobs-university.de>
           Jacobs University Bremen
           Campus Ring 1
           28757 Bremen
           Germany

           Alexander Clemm
           <alex@cisco.com>
           Cisco Systems
           170 West Tasman Drive
           San Jose, CA 95134-1706
           USA

           Anirban Karmakar
           <akarmaka@cisco.com>
           Cisco Systems
           170 West Tasman Drive
           San Jose, CA 95134-1706
           USA"
      DESCRIPTION
          "This MIB module represents SYSLOG messages as SNMP objects.

           Copyright (C) The IETF Trust (2008). This version of this MIB
           module is part of RFC XXXX; see the RFC itself for full legal
           notices."
      REVISION "200804110800Z"
      DESCRIPTION
          "Initial version issued as part of RFC XXXX."
  -- RFC Ed.: replace XXXX with actual RFC number & remove this note
      ::= { mib-2 XXX }
  -- RFC Ed.: replace XXX with IANA-assigned number & remove this note

  syslogMsgNotifications OBJECT IDENTIFIER ::= { syslogMsgMib 0 }
  syslogMsgObjects       OBJECT IDENTIFIER ::= { syslogMsgMib 1 }
  syslogMsgConformance   OBJECT IDENTIFIER ::= { syslogMsgMib 2 }

  -- object definitions

  syslogMsgControl       OBJECT IDENTIFIER ::= { syslogMsgObjects 1 }

  syslogMsgTableMaxSize OBJECT-TYPE
      SYNTAX      Unsigned32
      MAX-ACCESS  read-write
      STATUS      current
      DESCRIPTION
         "The maximum number of syslog messages that may be held in
          syslogMsgTable.  A particular setting does not guarantee that
          much data can be held. A value of 0 means no limit.

          If an application changes the limit while there are syslog
          messages in the syslogMsgTable, the oldest syslog messages
          MUST be discarded to bring the table down to the new limit.

          The value of this object should be kept in nonvolatile
          memory."
      DEFVAL      { 0 }
      ::= { syslogMsgControl 1 }

  syslogMsgEnableNotifications OBJECT-TYPE
      SYNTAX      TruthValue
      MAX-ACCESS  read-write
      STATUS      current
      DESCRIPTION
         "Indicates whether syslogMsgNotification notifications are
          generated.

          The value of this object should be kept in nonvolatile
          memory."
      DEFVAL      { false }
      ::= { syslogMsgControl 2 }

  syslogMsgTable OBJECT-TYPE
      SYNTAX      SEQUENCE OF SyslogMsgEntry
      MAX-ACCESS  not-accessible
      STATUS      current
      DESCRIPTION
         "A table containing recent syslog messages. The size of the
          table is controlled by the syslogMsgTableMaxSize object."
      ::= { syslogMsgObjects 2 }

  syslogMsgEntry OBJECT-TYPE
      SYNTAX      SyslogMsgEntry
      MAX-ACCESS  not-accessible
      STATUS      current
      DESCRIPTION
         "An entry of the syslogMsgTable."
      INDEX { syslogMsgIndex }
      ::= { syslogMsgTable 1 }

  SyslogMsgEntry ::= SEQUENCE {
      syslogMsgIndex      Unsigned32,
      syslogMsgFacility   SyslogFacility,
      syslogMsgSeverity   SyslogSeverity,
      syslogMsgVersion    Unsigned32,
      syslogMsgTimeStamp  DateAndTime,
      syslogMsgHostName   DisplayString,
      syslogMsgAppName    DisplayString,
      syslogMsgProcID     DisplayString,
      syslogMsgMsgID      DisplayString,
      syslogMsgMsg        OCTET STRING,
      syslogMsgFlags      BITS
  }

  syslogMsgIndex OBJECT-TYPE
      SYNTAX      Unsigned32 (1..4294967295)
      MAX-ACCESS  not-accessible
      STATUS      current
      DESCRIPTION
         "A monotonically increasing number used to identify entries in
          the syslogMsgTable. When syslogMsgIndex reaches the maximum
          value the value wraps back to 1."
      ::= { syslogMsgEntry 1 }

  syslogMsgFacility OBJECT-TYPE
      SYNTAX      SyslogFacility
      MAX-ACCESS  read-only
      STATUS      current
      DESCRIPTION
         "The facility of the syslog message."
      ::= { syslogMsgEntry 2 }

  syslogMsgSeverity OBJECT-TYPE
      SYNTAX      SyslogSeverity
      MAX-ACCESS  read-only
      STATUS      current
      DESCRIPTION
         "The severity of the syslog message."
      ::= { syslogMsgEntry 3 }

  syslogMsgVersion OBJECT-TYPE
      SYNTAX      Unsigned32 (0..999)
      MAX-ACCESS  read-only
      STATUS      current
      DESCRIPTION
         "The version of the syslog message. A value of 0 indicates
          that the version is unknown."
      ::= { syslogMsgEntry 4 }

  syslogMsgTimeStamp OBJECT-TYPE
      SYNTAX      DateAndTime
      MAX-ACCESS  read-only
      STATUS      current
      DESCRIPTION
         "The timestamp of the syslog message."
      ::= { syslogMsgEntry 5 }

  -- [TODO] Need to define a DateAndTime TC which has larger precision
  -- to match the precision of the SYSLOG protocol.

  syslogMsgHostName OBJECT-TYPE
      SYNTAX      DisplayString (SIZE (0..255))
      MAX-ACCESS  read-only
      STATUS      current
      DESCRIPTION
         "The host name of the syslog message. A zero-length string
          indicates an unknown host name."
      ::= { syslogMsgEntry 6 }

  syslogMsgAppName OBJECT-TYPE
      SYNTAX      DisplayString (SIZE (0..48))
      MAX-ACCESS  read-only
      STATUS      current
      DESCRIPTION
         "The app-name of the syslog message. A zero-length string
          indicates an unknown app-name."
      ::= { syslogMsgEntry 7 }

  syslogMsgProcID OBJECT-TYPE
      SYNTAX      DisplayString (SIZE (0..128))
      MAX-ACCESS  read-only
      STATUS      current
      DESCRIPTION
         "The procid of the syslog message. A zero-length string
          indicates an unknown procid."
      ::= { syslogMsgEntry 8 }

  syslogMsgMsgID OBJECT-TYPE
      SYNTAX      DisplayString (SIZE (0..32))
      MAX-ACCESS  read-only
      STATUS      current
      DESCRIPTION
         "The msgid of the syslog message. A zero-length string
          indicates an unknown msgid."
      ::= { syslogMsgEntry 9 }

  syslogMsgMsg OBJECT-TYPE
      SYNTAX      OCTET STRING
      MAX-ACCESS  read-only
      STATUS      current
      DESCRIPTION
         "The message part of the syslog message. The syntax does not
          impose a size restriction. Implementations may truncate the
          message part of the syslog message such that it fits into
          the size constraints imposed by the implementation environment
          and the notification message size constraints. If the message
          has been truncated, the truncated bit in the syslogMsgFlags
          must be set to 1.

          If the first octets contain the value 'EFBBBF'h, then the rest
          of the message is a UTF-8 string. Since syslog messages may be
          truncated at arbitrary octet boundaries during forwarding, the
          message may contain invalid UTF-8 encodings at the end."
      ::= { syslogMsgEntry 10 }

  syslogMsgFlags OBJECT-TYPE
      SYNTAX      BITS { truncated(0), sdparams(1) }
      MAX-ACCESS  read-only
      STATUS      current
      DESCRIPTION
         "The bits contained in this object convey meta information
          about the syslog message. The meaning of the bits is as
          follows:

          truncated -  This bit is set if the converter had to
                       truncate the syslogMsgMsg to comply with
                       implementation and/or SNMP message size
                       constraints.

          sdparams  -  This bit is set if the syslog messages
                       contained structured data element parameters
                       and serves as an indicator whether there is
                       data in the syslogMsgSDTable for this syslog
                       message.

          For syslog messages without structured data element parameters
          that were not truncated by the converter, none of the bits is
          set."
      ::= { syslogMsgEntry 11 }

  syslogMsgSDTable OBJECT-TYPE
      SYNTAX      SEQUENCE OF SyslogMsgSDEntry
      MAX-ACCESS  not-accessible
      STATUS      current
      DESCRIPTION
         "A table containing structured data elements of syslog
          messages."
      ::= { syslogMsgObjects 3 }

  syslogMsgSDEntry OBJECT-TYPE
      SYNTAX      SyslogMsgSDEntry
      MAX-ACCESS  not-accessible
      STATUS      current
      DESCRIPTION
         "An entry of the syslogMsgSDTable."
      INDEX { syslogMsgIndex, syslogMsgSDElementName,
              syslogMsgSDParamName, syslogMsgSDParamIndex }
      ::= { syslogMsgSDTable 1 }

  SyslogMsgSDEntry ::= SEQUENCE {
      syslogMsgSDElementName DisplayString,
      syslogMsgSDParamName   DisplayString,
      syslogMsgSDParamIndex  Unsigned32,
      syslogMsgSDParamValue  SnmpAdminString
  }

  syslogMsgSDElementName OBJECT-TYPE
      SYNTAX      DisplayString (SIZE (1..32))
      MAX-ACCESS  not-accessible
      STATUS      current
      DESCRIPTION
         "The name of a structured data element."
      ::= { syslogMsgSDEntry 1 }

  syslogMsgSDParamName OBJECT-TYPE
      SYNTAX      DisplayString (SIZE (1..32))
      MAX-ACCESS  not-accessible
      STATUS      current
      DESCRIPTION
         "The name of a parameter of the structured data element."
      ::= { syslogMsgSDEntry 2 }

  syslogMsgSDParamIndex OBJECT-TYPE
      SYNTAX      Unsigned32 (1..4294967295)
      MAX-ACCESS  not-accessible
      STATUS      current
      DESCRIPTION
         "This object indexes the instance of a structured data element
          that occurs multiple times in a structured data element,
          starting from 1. For parameters that only occur once, the
          value of this object is 1."
      ::= { syslogMsgSDEntry 3 }

  syslogMsgSDParamValue OBJECT-TYPE
      SYNTAX      SnmpAdminString
      MAX-ACCESS  read-only
      STATUS      current
      DESCRIPTION
         "The value of the parameter of a syslog message identified by
          the index of this table."
      ::= { syslogMsgSDEntry 4 }

  -- notification definitions

  syslogMsgNotification NOTIFICATION-TYPE
      OBJECTS     { syslogMsgFacility, syslogMsgSeverity,
                    syslogMsgVersion, syslogMsgTimeStamp,
                    syslogMsgHostName, syslogMsgAppName,
                    syslogMsgProcID, syslogMsgMsgID,
                    syslogMsgMsg, syslogMsgFlags }
      STATUS      current
      DESCRIPTION
         "The syslogMsgNotification is generated when a new syslog
          message is generated and the value of
          syslogMsgEnableNotifications is true. Implementations may
          add syslogMsgSDParamValue objects as long as the resulting
          notification fits into the notification message size
          constraints."
      ::= { syslogMsgNotifications 1 }

  -- conformance statements

  syslogMsgGroups      OBJECT IDENTIFIER ::= { syslogMsgConformance 1 }
  syslogMsgCompliances OBJECT IDENTIFIER ::= { syslogMsgConformance 2 }

  syslogMsgFullCompliance MODULE-COMPLIANCE
      STATUS      current
      DESCRIPTION
         "The compliance statement for implementations of the
          SYSLOG-MSG-MIB."
      MODULE      -- this module
      MANDATORY-GROUPS {
          syslogMsgGroup,
          syslogMsgSDGroup,
          syslogMsgControlGroup,
          syslogMsgNotificationGroup
      }
      ::= { syslogMsgCompliances 1 }

  syslogMsgReadOnlyCompliance MODULE-COMPLIANCE
      STATUS      current
      DESCRIPTION
         "The compliance statement for implementations of the
          SYSLOG-MSG-MIB that do not support read-write access."
      MODULE      -- this module
      MANDATORY-GROUPS {
          syslogMsgGroup,
          syslogMsgSDGroup,
          syslogMsgControlGroup,
          syslogMsgNotificationGroup
      }
      OBJECT syslogMsgTableMaxSize
         MIN-ACCESS  read-only
         DESCRIPTION
            "Write access is not required."
      OBJECT syslogMsgEnableNotifications
         MIN-ACCESS  read-only
         DESCRIPTION
            "Write access is not required. To be useful, the value
             of this object should be true."
      ::= { syslogMsgCompliances 2 }

  syslogMsgNotificationCompliance MODULE-COMPLIANCE
      STATUS      current
      DESCRIPTION
         "The compliance statement for implementations of the
          SYSLOG-MSG-MIB that only generate notifications and do not
          provide a table to allow read access to syslog message
          details."
      MODULE      -- this module
      MANDATORY-GROUPS {
          syslogMsgGroup,
          syslogMsgSDGroup,
          syslogMsgNotificationGroup
      }
      OBJECT      syslogMsgFacility
      MIN-ACCESS  accessible-for-notify
      DESCRIPTION
          "Read access is not required."
      OBJECT      syslogMsgSeverity
      MIN-ACCESS  accessible-for-notify
      DESCRIPTION
         "Read access is not required."
      OBJECT      syslogMsgVersion
      MIN-ACCESS  accessible-for-notify
      DESCRIPTION
         "Read access is not required."
      OBJECT      syslogMsgTimeStamp
      MIN-ACCESS  accessible-for-notify
      DESCRIPTION
         "Read access is not required."
      OBJECT      syslogMsgHostName
      MIN-ACCESS  accessible-for-notify
      DESCRIPTION
         "Read access is not required."
      OBJECT      syslogMsgAppName
      MIN-ACCESS  accessible-for-notify
      DESCRIPTION
         "Read access is not required."
      OBJECT      syslogMsgProcID
      MIN-ACCESS  accessible-for-notify
      DESCRIPTION
         "Read access is not required."
      OBJECT      syslogMsgMsgID
      MIN-ACCESS  accessible-for-notify
      DESCRIPTION
         "Read access is not required."
      OBJECT      syslogMsgMsg
      MIN-ACCESS  accessible-for-notify
      DESCRIPTION
         "Read access is not required."
      OBJECT      syslogMsgFlags
      MIN-ACCESS  accessible-for-notify
      DESCRIPTION
         "Read access is not required."
      OBJECT      syslogMsgSDParamValue
      MIN-ACCESS  accessible-for-notify
      DESCRIPTION
         "Read access is not required."
      ::= { syslogMsgCompliances 3 }

  syslogMsgNotificationGroup NOTIFICATION-GROUP
      NOTIFICATIONS {
          syslogMsgNotification
      }
      STATUS      current
      DESCRIPTION
         "The notifications emitted by this MIB module."
      ::= { syslogMsgGroups 1 }

  syslogMsgGroup OBJECT-GROUP
      OBJECTS {
          -- syslogMsgIndex,
          syslogMsgFacility,
          syslogMsgSeverity,
          syslogMsgVersion,
          syslogMsgTimeStamp,
          syslogMsgHostName,
          syslogMsgAppName,
          syslogMsgProcID,
          syslogMsgMsgID,
          syslogMsgMsg,
          syslogMsgFlags
      }
      STATUS      current
      DESCRIPTION
         "A collection of objects representing a syslog message
          excluding structured data elements."
      ::= { syslogMsgGroups 2 }

  syslogMsgSDGroup OBJECT-GROUP
      OBJECTS {
          -- syslogMsgSDElementName,
          -- syslogMsgSDParamName,
          -- syslogMsgSDParamIndex,
          syslogMsgSDParamValue
      }
      STATUS      current
      DESCRIPTION
         "A collection of objects representing the structured data
          elements of a syslog message."
      ::= { syslogMsgGroups 3 }

  syslogMsgControlGroup OBJECT-GROUP
      OBJECTS {
          syslogMsgTableMaxSize,
          syslogMsgEnableNotifications
      }
      STATUS      current
      DESCRIPTION
         "A collection of control objects to control the size of the
          syslogMsgTable and to enable / disable notifications."
      ::= { syslogMsgGroups 4 }

  END


7.  IANA Considerations

   The IANA is requested to assign a value for "XXX" under the 'mib-2'
   subtree and to record the assignment in the SMI Numbers registry.
   When the assignment has been made, the RFC Editor is asked to replace
   "XXX" (here and in the MIB module) with the assigned value.


8.  Security Considerations

   There are a number of management objects defined in this MIB module
   with a MAX-ACCESS clause of read-write and/or read-create.  Such
   objects may be considered sensitive or vulnerable in some network
   environments.  The support for SET operations in a non-secure
   environment without proper protection can have a negative effect on
   network operations.  These are the tables and objects and their
   sensitivity/vulnerability:

      syslogMsgTableMaxSize # explain sensitivity
      syslogMsgEnableNotifications # explain sensitivity

   Some of the readable objects in this MIB module (i.e., objects with a
   MAX-ACCESS other than not-accessible) may be considered sensitive or
   vulnerable in some network environments.  It is thus important to
   control even GET and/or NOTIFY access to these objects and possibly
   to even encrypt the values of these objects when sending them over
   the network via SNMP.  These are the tables and objects and their
   sensitivity/vulnerability:

      syslogMsgTableMaxSize # explain sensitivity
      syslogMsgEnableNotifications # explain sensitivity
      syslogMsgFacility # explain sensitivity
      syslogMsgSeverity # explain sensitivity
      syslogMsgVersion # explain sensitivity
      syslogMsgTimeStamp # explain sensitivity
      syslogMsgHostName # explain sensitivity
      syslogMsgAppName # explain sensitivity
      syslogMsgProcID # explain sensitivity
      syslogMsgMsgID # explain sensitivity
      syslogMsgMsg # explain sensitivity
      syslogMsgFlags # explain sensitivity
      syslogMsgSDParamValue # explain sensitivity

   SNMP versions prior to SNMPv3 did not include adequate security.
   Even if the network itself is secure (for example by using IPsec),
   there is no control as to who on the secure network is allowed to
   access and GET/SET (read/change/create/delete) the objects in this
   MIB module.

   It is RECOMMENDED that implementers consider the security features as
   provided by the SNMPv3 framework (see [RFC3410], section 8),
   including full support for the SNMPv3 cryptographic mechanisms (for
   authentication and privacy).

   Further, deployment of SNMP versions prior to SNMPv3 is NOT
   RECOMMENDED.  Instead, it is RECOMMENDED to deploy SNMPv3 and to
   enable cryptographic security.  It is then a customer/operator
   responsibility to ensure that the SNMP entity giving access to an
   instance of this MIB module is properly configured to give access to
   the objects only to those principals (users) that have legitimate
   rights to indeed GET or SET (change/create/delete) them.


9.  References

9.1.  Normative References

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119, March 1997.

   [RFC3411]  Harrington, D., Presuhn, R., and B. Wijnen, "An
              Architecture for Describing Simple Network Management
              Protocol (SNMP) Management Frameworks", STD 62, RFC 3411,
              December 2002.

   [I-D.ietf-syslog-protocol]
              Gerhards, R., "The syslog Protocol", Internet Draft (work
              in progress), September 2007.

   [I-D.ietf-syslog-tc-mib]
              Keeni, G., "Textual Conventions for Syslog Management",
              Internet Draft (work in progress), May 2008.

   [RFC2578]  McCloghrie, K., Perkins, D., and J. Schoenwaelder,
              "Structure of Management Information Version 2 (SMIv2)",
              RFC 2578, STD 58, April 1999.

   [RFC2579]  McCloghrie, K., Perkins, D., and J. Schoenwaelder,
              "Textual Conventions for SMIv2", RFC 2579, STD 58,
              April 1999.

   [RFC2580]  McCloghrie, K., Perkins, D., and J. Schoenwaelder,
              "Conformance Statements for SMIv2", RFC 2580, STD 58,
              April 1999.

9.2.  Informative References

   [RFC3410]  Case, J., Mundy, R., Partain, D., and B. Stewart,
              "Introduction and Applicability Statements for Internet-
              Standard Management Framework", RFC 3410, December 2002.

   [RFC3014]  Kavasseri, R., Ed., "Notification Log MIB", RFC 3014,
              November 2002.


Authors' Addresses

   Juergen Schoenwaelder
   Jacobs University Bremen
   Campus Ring 1
   28725 Bremen
   Germany

   Email: j.schoenwaelder@jacobs-university.de


   Alexander Clemm
   Cisco Systems
   170 West Tasman Drive
   San Jose, CA 95134-1706
   USA

   Email: alex@cisco.com


   Anirban Karmakar
   Cisco Systems
   170 West Tasman Drive
   San Jose, CA 95134-1706
   USA

   Email: akarmaka@cisco.com


Full Copyright Statement

   Copyright (C) The IETF Trust (2008).

   This document is subject to the rights, licenses and restrictions
   contained in BCP 78, and except as set forth therein, the authors
   retain all their rights.

   This document and the information contained herein are provided on an
   "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
   OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND
   THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS
   OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF
   THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
   WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.


Intellectual Property

   The IETF takes no position regarding the validity or scope of any
   Intellectual Property Rights or other rights that might be claimed to
   pertain to the implementation or use of the technology described in
   this document or the extent to which any license under such rights
   might or might not be available; nor does it represent that it has
   made any independent effort to identify any such rights.  Information
   on the procedures with respect to rights in RFC documents can be
   found in BCP 78 and BCP 79.

   Copies of IPR disclosures made to the IETF Secretariat and any
   assurances of licenses to be made available, or the result of an
   attempt made to obtain a general license or permission for the use of
   such proprietary rights by implementers or users of this
   specification can be obtained from the IETF on-line IPR repository at
   http://www.ietf.org/ipr.

   The IETF invites any interested party to bring to its attention any
   copyrights, patents or patent applications, or other proprietary
   rights that may cover technology that may be required to implement
   this standard.  Please address the information to the IETF at
   ietf-ipr@ietf.org.