--- 1/draft-ietf-opsawg-syslog-snmp-04.txt 2009-08-13 23:12:13.000000000 +0200 +++ 2/draft-ietf-opsawg-syslog-snmp-05.txt 2009-08-13 23:12:13.000000000 +0200 @@ -1,19 +1,19 @@ Network Working Group V. Marinov Internet-Draft J. Schoenwaelder Intended status: Standards Track Jacobs University Bremen -Expires: February 7, 2010 August 6, 2009 +Expires: February 14, 2010 August 13, 2009 Mapping Simple Network Management Protocol (SNMP) Notifications to SYSLOG Messages - draft-ietf-opsawg-syslog-snmp-04.txt + draft-ietf-opsawg-syslog-snmp-05.txt Status of this Memo This Internet-Draft is submitted to IETF in full conformance with the provisions of BCP 78 and BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet- Drafts. @@ -22,21 +22,21 @@ and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt. The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html. - This Internet-Draft will expire on February 7, 2010. + This Internet-Draft will expire on February 14, 2010. Copyright Notice Copyright (c) 2009 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents in effect on the date of publication of this document (http://trustee.ietf.org/license-info). Please review these documents carefully, as they describe your rights @@ -58,21 +58,21 @@ 3.1. SYSLOG Header . . . . . . . . . . . . . . . . . . . . . . 7 3.2. Structured Data . . . . . . . . . . . . . . . . . . . . . 7 3.3. MSG Data . . . . . . . . . . . . . . . . . . . . . . . . . 10 4. Relationship to the SYSLOG-MSG-MIB . . . . . . . . . . . . . . 10 5. Usage Example . . . . . . . . . . . . . . . . . . . . . . . . 11 6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 13 7. Security Considerations . . . . . . . . . . . . . . . . . . . 13 8. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 13 9. References . . . . . . . . . . . . . . . . . . . . . . . . . . 14 9.1. Normative References . . . . . . . . . . . . . . . . . . . 14 - 9.2. Informative References . . . . . . . . . . . . . . . . . . 14 + 9.2. Informative References . . . . . . . . . . . . . . . . . . 15 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 15 1. Introduction SNMP and SYSLOG are two widely used protocols to communicate event notifications. Although co-existence of several management protocols in one operational environment is possible, certain environments require that all event notifications are collected by a single system daemon such as a SYSLOG collector or an SNMP notification receiver via a single management protocol. In such environments, it is @@ -256,21 +256,21 @@ Implementations MUST drop invalid SNMP messages before they are passed to the SNMP-to-SYSLOG translator. 3.1. SYSLOG Header The SNMP-to-SYSLOG translator fills the HEADER field of a SYSLOG message with parameters specific to the system on which it is running. The default facility level for SYSLOG messages containing SNMP notifications SHOULD be 3, which corresponds to messages generated by system daemons. The default severity level SHOULD be 5, - which correponds to "Notice: normal but significant condition". If + which corresponds to "Notice: normal but significant condition". If the SNMP-to-SYSLOG translator has a notion of the type of notification that has been received it might choose other values for facility and severity level. The VERSION, TIMESTAMP, HOSTNAME, APP-NAME, PROCID and MSGID fields in the SYSLOG message header are filled with values that are specific to the system on which the SNMP-to-SYSLOG translator is running. The character set used in the HEADER MUST be seven-bit ASCII in an eight- bit field as described in [RFC5424]. @@ -284,49 +284,48 @@ SNMP-SD-ELEMENT = "[" SNMP-SD-ID [CTX] *VARBIND "]" SNMP-SD-ID = %x73.6E.6D.70 ; snmp CTX = CTXENGINE CTXNAME CTXENGINE = SP "ctxEngine=" %d34 HEXSTRING %d34 CTXNAME = SP "ctxName=" %d34 PARAM-VALUE %d34 VARBIND = SP VARNAME [SP VARLABEL] SP VARVALUE [SP VALSTRING] VARNAME = %d118 NUM "=" %d34 OID %d34 ; "vN=" VARLABEL = %d108 NUM "=" %d34 PARAM-VALUE %d34 ; "lN=" VARVALUE = VALOID / VALHEXSTRING / VALCOUNTER32 / VALCOUNTER64 / VALUNSIGNED32 / VALINTEGER32 / VALIP / VALNULL - / VALOPAQUE / VALTIMETICKS / VALUTF8STRING + / VALOPAQUE / VALTIMETICKS / VALSTRING VALOID = %d111 NUM "=" %d34 OID %d34 ; "oN=" VALHEXSTRING = %d120 NUM "=" %d34 HEXSTRING %d34 ; "xN=" VALCOUNTER32 = %d99 NUM "=" %d34 UNSIGNED32 %d34 ; "cN=" VALCOUNTER64 = %d67 NUM "=" %d34 UNSIGNED64 %d34 ; "CN=" VALUNSIGNED32 = %d117 NUM "=" %d34 UNSIGNED32 %d34 ; "uN=" VALINTEGER32 = %d100 NUM "=" %d34 INTEGER32 %d34 ; "dN=" VALIP = %d105 NUM "=" %d34 IPV4ADDRESS %d34 ; "iN=" - VALNULL = %d110 NUM "=" %d34 NULL %d34 ; "nN=" + VALNULL = %d110 NUM "=" %d34 %d34 ; "nN=" VALOPAQUE = %d112 NUM "=" %d34 HEXSTRING %d34 ; "pN=" VALTIMETICKS = %d116 NUM "=" %d34 UNSIGNED32 %d34 ; "tN=" VALSTRING = %d97 NUM "=" %d34 PARAM-VALUE %d34 ; "aN=" NUM = NONZERODIGIT 0*DIGIT OID = OIDSTART *("." OIDSUBID) OIDSTART = (("0." / "1.")[%d49-51] DIGIT) / ("2." OIDSUBID) OIDSUBID = ZERO / (NONZERODIGIT *DIGIT) PARAM-VALUE = UTF-8-STRING ; characters '"', '\' and ; ']' MUST be escaped. UTF-8-STRING = *OCTET ; Any VALID UTF-8 String ; "shortest form" MUST be used HEXSTRING = *HEX INTEGER32 = ["-"] NONZERODIGIT 0*DIGIT UNSIGNED32 = NONZERODIGIT 0*DIGIT UNSIGNED64 = NONZERODIGIT 0*DIGIT - NULL = "" IPV4ADDRESS = d8 "." d8 "." d8 "." d8 d8 = DIGIT ; 0-9 / %d49-57 DIGIT ; 10-99 / "1" 2DIGIT ; 100-199 / "2" %d48-52 DIGIT ; 200-249 / "25" %d48-53 ; 250-255 HEX = DIGIT / %x41-46 / %x61-66 ; 0-9 / A-F / a-f NONZERODIGIT = %d49-57 @@ -400,23 +399,26 @@ In particular, the parameters in the "origin" SD-ID SHOULD identify the originator of the SNMP notification. A suitable value for the "ip" parameter MAY be taken from the snmpTrapAddress varbind if present and a suitable value for the "enterpriseId" parameter MAY be extracted from snmpTrapOID varbind. 3.3. MSG Data The MSG part of the SYSLOG message is optional and may contain a free-form message that provides a textual description of the SNMP - event notification. The character set used in MSG SHOULD be UNICODE, - encoded using UTF-8 as specified in [RFC3629]. If the originator can - not encode the MSG in Unicode, it MAY use any other encoding. + event notification. According to [RFC5424], the character set used + in MSG SHOULD be UNICODE, encoded using UTF-8 as specified in + [RFC3629]. If the originator can not encode the MSG in Unicode, it + MAY use any other encoding. The originator MAY use the "language" + parameters defined in [RFC5424] to convey information about the + natural language used inside MSG. 4. Relationship to the SYSLOG-MSG-MIB A companion document defines an SNMP MIB module to represent SYSLOG messages and to send SYSLOG messages as SNMP notifications to SNMP notification receivers [I-D.ietf-opsawg-syslog-msg-mib]. This section discusses the possibilities of using both specifications in combination. A SYSLOG collector implementing the SYSLOG-MSG-MIB module and the @@ -615,41 +617,41 @@ [RFC3418] Presuhn, R., "Management Information Base (MIB) for the Simple Network Management Protocol (SNMP)", STD 62, RFC 3418, December 2002. [RFC3584] Frye, R., Levi, D., Routhier, S., and B. Wijnen, "Coexistence between Version 1, Version 2, and Version 3 of the Internet-standard Network Management Framework.", BCP 74, RFC 3584, August 2003. + [RFC3629] Yergeau, F., "UTF-8, a transformation format of ISO + 10646", STD 63, RFC 3629, November 2003. + [RFC5234] Crocker, D. and P. Overell, "Augmented BNF for Syntax Specifications: ABNF", RFC 5234, January 2008. [RFC5424] Gerhards, R., "The Syslog Protocol", RFC 5424, March 2009. 9.2. Informative References [RFC2578] McCloghrie, K., Perkins, D., and J. Schoenwaelder, "Structure of Management Information Version 2 (SMIv2)", RFC 2578, STD 58, April 1999. [RFC2863] McCloghrie, K. and F. Kastenholz, "The Interfaces Group MIB", RFC 2863, June 2000. [RFC3410] Case, J., Mundy, R., Partain, D., and B. Stewart, "Introduction and Applicability Statements for Internet- Standard Management Framework", RFC 3410, December 2002. - [RFC3629] Yergeau, F., "UTF-8, a transformation format of ISO - 10646", STD 63, RFC 3629, November 2003. - Authors' Addresses Vladislav Marinov Jacobs University Bremen Campus Ring 1 28725 Bremen Germany Email: v.marinov@jacobs-university.de