| draft-ietf-netmod-syslog-model-09.txt | draft-ietf-netmod-syslog-model-10.txt | |||
|---|---|---|---|---|
| NETMOD WG C. Wildes, Ed. | NETMOD WG C. Wildes, Ed. | |||
| Internet-Draft K. Koushik, Ed. | Internet-Draft K. Koushik, Ed. | |||
| Intended status: Standards Track Cisco Systems Inc. | Intended status: Standards Track Cisco Systems Inc. | |||
| Expires: January 9, 2017 July 8, 2016 | Expires: May 4, 2017 October 31, 2016 | |||
| Syslog YANG Model | A YANG Data Model for Syslog Configuration | |||
| draft-ietf-netmod-syslog-model-09 | draft-ietf-netmod-syslog-model-10 | |||
| Abstract | Abstract | |||
| This document describes a data model for the configuration of syslog. | This document describes a data model for the configuration of syslog. | |||
| Status of This Memo | Status of This Memo | |||
| This Internet-Draft is submitted in full conformance with the | This Internet-Draft is submitted in full conformance with the | |||
| provisions of BCP 78 and BCP 79. | provisions of BCP 78 and BCP 79. | |||
| Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
| Task Force (IETF). Note that other groups may also distribute | Task Force (IETF). Note that other groups may also distribute | |||
| working documents as Internet-Drafts. The list of current Internet- | working documents as Internet-Drafts. The list of current Internet- | |||
| Drafts is at http://datatracker.ietf.org/drafts/current/. | Drafts is at http://datatracker.ietf.org/drafts/current/. | |||
| Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
| and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
| time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
| material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
| This Internet-Draft will expire on January 9, 2017. | This Internet-Draft will expire on May 4, 2017. | |||
| Copyright Notice | Copyright Notice | |||
| Copyright (c) 2016 IETF Trust and the persons identified as the | Copyright (c) 2016 IETF Trust and the persons identified as the | |||
| document authors. All rights reserved. | document authors. All rights reserved. | |||
| This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
| Provisions Relating to IETF Documents | Provisions Relating to IETF Documents | |||
| (http://trustee.ietf.org/license-info) in effect on the date of | (http://trustee.ietf.org/license-info) in effect on the date of | |||
| publication of this document. Please review these documents | publication of this document. Please review these documents | |||
| skipping to change at page 3, line 16 ¶ | skipping to change at page 3, line 16 ¶ | |||
| RFC. | RFC. | |||
| 1.1. Requirements Language | 1.1. Requirements Language | |||
| The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", | The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", | |||
| "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this | "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this | |||
| document are to be interpreted as described in RFC 2119 [RFC2119]. | document are to be interpreted as described in RFC 2119 [RFC2119]. | |||
| 1.2. Terminology | 1.2. Terminology | |||
| The term "message originator" is derived from the term "originator" | The term "originator" is defined in [RFC5424]: an "originator" | |||
| as defined in [RFC5424]: an "originator" generates syslog content to | generates syslog content to be carried in a message. | |||
| be carried in a message. | ||||
| The term "message distributor" is defined as a function that filters | ||||
| log messages and then distributes them. | ||||
| The terms "relay" and "collectors" are as defined in [RFC5424]. | The terms "relay" and "collectors" are as defined in [RFC5424]. | |||
| 2. Problem Statement | 2. Problem Statement | |||
| This document defines a YANG [RFC6020] configuration data model that | This document defines a YANG [RFC6020] configuration data model that | |||
| may be used to configure one or more syslog processes running on a | may be used to configure the syslog feature running on a system. | |||
| system. YANG models can be used with network management protocols | YANG models can be used with network management protocols such as | |||
| such as NETCONF [RFC6241] to install, manipulate, and delete the | NETCONF [RFC6241] to install, manipulate, and delete the | |||
| configuration of network devices. | configuration of network devices. | |||
| The data model makes use of the YANG "feature" construct which allows | The data model makes use of the YANG "feature" construct which allows | |||
| implementations to support only those syslog features that lie within | implementations to support only those syslog features that lie within | |||
| their capabilities. | their capabilities. | |||
| This module can be used to configure the syslog application | This module can be used to configure the syslog application | |||
| conceptual layer [RFC5424]. | conceptual layers as implemented on the target system [RFC5424]. | |||
| 3. Design of the Syslog Model | 3. Design of the Syslog Model | |||
| The syslog model was designed by comparing various syslog features | The syslog model was designed by comparing various syslog features | |||
| implemented by various vendors' in different implementations. | implemented by various vendors' in different implementations. | |||
| This draft addresses the common leafs between implementations and | This draft addresses the common leafs between implementations and | |||
| creates a common model, which can be augmented with proprietary | creates a common model, which can be augmented with proprietary | |||
| features, if necessary. The base model is designed to be very simple | features, if necessary. The base model is designed to be very simple | |||
| for maximum flexibility. | for maximum flexibility. | |||
| Syslog consists of message originators, and message distributors. | Syslog consists of originators, and collectors. The following digram | |||
| The following digram shows syslog messages flowing from a message | shows syslog messages flowing from an originator, to collectors where | |||
| originator, to message distributors where suppression filtering can | suppression filtering can take place. | |||
| take place. | ||||
| Many vendors extend the list of facilities available for logging in | Many vendors extend the list of facilities available for logging in | |||
| their implementation. An example is included in Extending Facilities | their implementation. An example is included in Extending Facilities | |||
| (Appendix A.1). | (Appendix A.1). | |||
| Message Originators | Originators | |||
| +-------------+ +-------------+ +-------------+ +-------------+ | +-------------+ +-------------+ +-------------+ +-------------+ | |||
| | Various | | OS | | | | Remote | | | Various | | OS | | | | Remote | | |||
| | Components | | Kernel | | Line Cards | | Servers | | | Components | | Kernel | | Line Cards | | Servers | | |||
| +-------------+ +-------------+ +-------------+ +-------------+ | +-------------+ +-------------+ +-------------+ +-------------+ | |||
| +-------------+ +-------------+ +-------------+ +-------------+ | +-------------+ +-------------+ +-------------+ +-------------+ | |||
| | SNMP | | Interface | | Standby | | Syslog | | | SNMP | | Interface | | Standby | | Syslog | | |||
| | Events | | Events | | Supervisor | | Itself | | | Events | | Events | | Supervisor | | Itself | | |||
| +-------------+ +-------------+ +-------------+ +-------------+ | +-------------+ +-------------+ +-------------+ +-------------+ | |||
| | | | | | | |||
| +----------------------------------------------------------------+ | +----------------------------------------------------------------+ | |||
| | | | | |||
| | | | | |||
| | | | | |||
| | | | | |||
| +-----------+------------+--------------+ | +-----------+------------+--------------+ | |||
| | | | | | | | | | | |||
| v v v | | v v v | | |||
| Message Distributors | | Collectors | | |||
| +----------+ +----------+ +----------+ | | +----------+ +----------+ +----------+ | | |||
| | | | Log | | Log | | | | | | Log | | Log | | | |||
| | Console | | Buffer | | File(s) | | | | Console | | Buffer | | File(s) | | | |||
| +----------+ +----------+ +----------+ | | +----------+ +----------+ +----------+ | | |||
| | | | | |||
| +-+-------------+ | +-+-------------+ | |||
| | | | | | | |||
| v v | v v | |||
| +----------------+ +-----------+ | +----------------+ +-----------+ | |||
| |Remote Relay(s)/| |User | | |Remote Relay(s)/| |User | | |||
| |Collectors(s) | |Sessions(s)| | |Collectors(s) | |Sessions(s)| | |||
| +----------------+ +-----------+ | +----------------+ +-----------+ | |||
| The leaves in the base syslog model log-input-transports container | Figure 1. Syslog Processing Flow | |||
| correspond to remote message originators or remote message relays. | ||||
| The leaves in the base syslog model log-actions container correspond | The leaves in the base syslog model log-actions container correspond | |||
| to each message distributor: | to each message collector: | |||
| console | console | |||
| log buffer | log buffer | |||
| log file(s) | log file(s) | |||
| remote relay(s)/collector(s) | remote relay(s)/collector(s) | |||
| user session(s). | user session(s). | |||
| Optional features are used to specified functionality that is present | Optional features are used to specified functionality that is present | |||
| in specific vendor configurations. | in specific vendor configurations. | |||
| skipping to change at page 6, line 14 ¶ | skipping to change at page 6, line 5 ¶ | |||
| If the type is a leafref, the type is printed as "-> TARGET", where | If the type is a leafref, the type is printed as "-> TARGET", where | |||
| TARGET is either the leafref path, with prefixed removed if possible. | TARGET is either the leafref path, with prefixed removed if possible. | |||
| <if-features> is the list of features this node depends on, printed | <if-features> is the list of features this node depends on, printed | |||
| within curly brackets and a question mark "{...}?" | within curly brackets and a question mark "{...}?" | |||
| module: ietf-syslog | module: ietf-syslog | |||
| +--rw syslog | +--rw syslog | |||
| +--rw actions | +--rw actions | |||
| +--rw console! | +--rw console! | |||
| | +--rw log-selector | | +--rw selector | |||
| | +--rw (selector-facility) | | +--rw (selector-facility) | |||
| | | +--:(no-log-facility) | | | +--:(facility) | |||
| | | | +--rw no-facilities? empty | | | | +--rw no-facilities? empty | |||
| | | +--:(log-facility) | | | +--:(name) | |||
| | | +--rw log-facility* [facility] | | | +--rw facility* [facility] | |||
| | | +--rw facility union | | | +--rw facility union | |||
| | | +--rw severity union | | | +--rw severity union | |||
| | | +--rw compare-op? enumeration {select-sev-compare}? | | | +--rw compare-op? enumeration {select-sev-compare}? | |||
| | +--rw pattern-match? string {select-match}? | | +--rw pattern-match? string {select-match}? | |||
| +--rw buffer | +--rw buffer | |||
| | +--rw log-selector | | +--rw selector | |||
| | | +--rw (selector-facility) | | | +--rw (selector-facility) | |||
| | | | +--:(no-log-facility) | | | | +--:(facility) | |||
| | | | | +--rw no-facilities? empty | | | | | +--rw no-facilities? empty | |||
| | | | +--:(log-facility) | | | | +--:(name) | |||
| | | | +--rw log-facility* [facility] | | | | +--rw facility* [facility] | |||
| | | | +--rw facility union | | | | +--rw facility union | |||
| | | | +--rw severity union | | | | +--rw severity union | |||
| | | | +--rw compare-op? enumeration {select-sev-compare}? | | | | +--rw compare-op? enumeration {select-sev-compare}? | |||
| | | +--rw pattern-match? string {select-match}? | | | +--rw pattern-match? string {select-match}? | |||
| | +--rw structured-data? boolean {structured-data}? | ||||
| | +--rw buffer-limit-bytes? uint64 {buffer-limit-bytes}? | | +--rw buffer-limit-bytes? uint64 {buffer-limit-bytes}? | |||
| | +--rw buffer-limit-messages? uint64 {buffer-limit-messages}? | | +--rw buffer-limit-messages? uint64 {buffer-limit-messages}? | |||
| | +--rw structured-data? boolean {structured-data}? | ||||
| +--rw file | +--rw file | |||
| | +--rw log-file* [name] | | +--rw log-file* [name] | |||
| | +--rw name inet:uri | | +--rw name inet:uri | |||
| | +--rw log-selector | | +--rw selector | |||
| | | +--rw (selector-facility) | | | +--rw (selector-facility) | |||
| | | | +--:(no-log-facility) | | | | +--:(facility) | |||
| | | | | +--rw no-facilities? empty | | | | | +--rw no-facilities? empty | |||
| | | | +--:(log-facility) | | | | +--:(name) | |||
| | | | +--rw log-facility* [facility] | | | | +--rw facility* [facility] | |||
| | | | +--rw facility union | | | | +--rw facility union | |||
| | | | +--rw severity union | | | | +--rw severity union | |||
| | | | +--rw compare-op? enumeration {select-sev-compare}? | | | | +--rw compare-op? enumeration {select-sev-compare}? | |||
| | | +--rw pattern-match? string {select-match}? | | | +--rw pattern-match? string {select-match}? | |||
| | +--rw structured-data? boolean {structured-data}? | | +--rw structured-data? boolean {structured-data}? | |||
| | +--rw file-archive | | +--rw file-rotation | |||
| | +--rw number-of-files? uint32 {file-limit-size}? | | +--rw number-of-files? uint32 {file-limit-size}? | |||
| | +--rw max-file-size? uint64 {file-limit-size}? | | +--rw max-file-size? uint64 {file-limit-size}? | |||
| | +--rw rollover? uint32 {file-limit-duration}? | | +--rw rollover? uint32 {file-limit-duration}? | |||
| | +--rw retention? uint16 {file-limit-duration}? | | +--rw retention? uint16 {file-limit-duration}? | |||
| +--rw remote | +--rw remote | |||
| | +--rw destination* [name] | | +--rw destination* [name] | |||
| | +--rw name string | | +--rw name string | |||
| | +--rw (transport) | | +--rw (transport) | |||
| | | +--:(tcp) | | | +--:(tcp) | |||
| | | | +--rw tcp | | | | +--rw tcp | |||
| | | | +--rw address? inet:host | | | | +--rw address? inet:host | |||
| | | | +--rw port? inet:port-number | | | | +--rw port? inet:port-number | |||
| | | +--:(udp) | | | +--:(udp) | |||
| | | | +--rw udp | | | | +--rw udp | |||
| | | | +--rw address? inet:host | | | | +--rw address? inet:host | |||
| | | | +--rw port? inet:port-number | | | | +--rw port? inet:port-number | |||
| | | +--:(tls) | | | +--:(tls) | |||
| | | +--rw tls | | | +--rw tls | |||
| | +--rw log-selector | | +--rw selector | |||
| | | +--rw (selector-facility) | | | +--rw (selector-facility) | |||
| | | | +--:(no-log-facility) | | | | +--:(facility) | |||
| | | | | +--rw no-facilities? empty | | | | | +--rw no-facilities? empty | |||
| | | | +--:(log-facility) | | | | +--:(name) | |||
| | | | +--rw log-facility* [facility] | | | | +--rw facility* [facility] | |||
| | | | +--rw facility union | | | | +--rw facility union | |||
| | | | +--rw severity union | | | | +--rw severity union | |||
| | | | +--rw compare-op? enumeration {select-sev-compare}? | | | | +--rw compare-op? enumeration {select-sev-compare}? | |||
| | | +--rw pattern-match? string {select-match}? | | | +--rw pattern-match? string {select-match}? | |||
| | +--rw destination-facility? identityref | | +--rw structured-data? boolean {structured-data}? | |||
| | +--rw source-interface? if:interface-ref | | +--rw facility-override? identityref | |||
| | +--rw structured-data? boolean {structured-data}? | | +--rw source-interface? if:interface-ref | |||
| | +--rw syslog-sign! {signed-messages}? | | +--rw syslog-sign! {signed-messages}? | |||
| | +--rw cert-initial-repeat uint16 | | +--rw cert-initial-repeat uint16 | |||
| | +--rw cert-resend-delay uint16 | | +--rw cert-resend-delay uint16 | |||
| | +--rw cert-resend-count uint16 | | +--rw cert-resend-count uint16 | |||
| | +--rw sig-max-delay uint16 | | +--rw sig-max-delay uint16 | |||
| | +--rw sig-number-resends uint16 | | +--rw sig-number-resends uint16 | |||
| | +--rw sig-resend-delay uint16 | | +--rw sig-resend-delay uint16 | |||
| | +--rw sig-resend-count uint16 | | +--rw sig-resend-count uint16 | |||
| +--rw session | +--rw session | |||
| +--rw all-users! | +--rw all-users! | |||
| | +--rw log-selector | | +--rw selector | |||
| | +--rw (selector-facility) | | +--rw (selector-facility) | |||
| | | +--:(no-log-facility) | | | +--:(facility) | |||
| | | | +--rw no-facilities? empty | | | | +--rw no-facilities? empty | |||
| | | +--:(log-facility) | | | +--:(name) | |||
| | | +--rw log-facility* [facility] | | | +--rw facility* [facility] | |||
| | | +--rw facility union | | | +--rw facility union | |||
| | | +--rw severity union | | | +--rw severity union | |||
| | | +--rw compare-op? enumeration {select-sev-compare}? | | | +--rw compare-op? enumeration {select-sev-compare}? | |||
| | +--rw pattern-match? string {select-match}? | | +--rw pattern-match? string {select-match}? | |||
| +--rw user* [name] | +--rw user* [name] | |||
| +--rw name string | +--rw name string | |||
| +--rw log-selector | +--rw selector | |||
| +--rw (selector-facility) | +--rw (selector-facility) | |||
| | +--:(no-log-facility) | | +--:(facility) | |||
| | | +--rw no-facilities? empty | | | +--rw no-facilities? empty | |||
| | +--:(log-facility) | | +--:(name) | |||
| | +--rw log-facility* [facility] | | +--rw facility* [facility] | |||
| | +--rw facility union | | +--rw facility union | |||
| | +--rw severity union | | +--rw severity union | |||
| | +--rw compare-op? enumeration {select-sev-compare}? | | +--rw compare-op? enumeration {select-sev-compare}? | |||
| +--rw pattern-match? string {select-match}? | +--rw pattern-match? string {select-match}? | |||
| Figure 2. ietf-syslog Module Tree | ||||
| 4. Syslog YANG Modules | 4. Syslog YANG Modules | |||
| 4.1. The ietf-syslog-types Module | 4.1. The ietf-syslog-types Module | |||
| This module references [RFC5424]. | This module references [RFC5424]. | |||
| <CODE BEGINS> file "ietf-syslog-types.yang" | <CODE BEGINS> file "ietf-syslog-types.yang" | |||
| module ietf-syslog-types { | module ietf-syslog-types { | |||
| namespace "urn:ietf:params:xml:ns:yang:ietf-syslog-types"; | namespace "urn:ietf:params:xml:ns:yang:ietf-syslog-types"; | |||
| prefix syslogtypes; | prefix syslogtypes; | |||
| skipping to change at page 9, line 27 ¶ | skipping to change at page 9, line 20 ¶ | |||
| 'OPTIONAL' in the module text are to be interpreted as described | 'OPTIONAL' in the module text are to be interpreted as described | |||
| in RFC 2119 (http://tools.ietf.org/html/rfc2119). | in RFC 2119 (http://tools.ietf.org/html/rfc2119). | |||
| This version of this YANG module is part of RFC XXXX | This version of this YANG module is part of RFC XXXX | |||
| (http://tools.ietf.org/html/rfcXXXX); see the RFC itself for | (http://tools.ietf.org/html/rfcXXXX); see the RFC itself for | |||
| full legal notices."; | full legal notices."; | |||
| reference | reference | |||
| "RFC 5424: The Syslog Protocol"; | "RFC 5424: The Syslog Protocol"; | |||
| revision 2016-07-08 { | revision 2016-10-30 { | |||
| description | description | |||
| "Initial Revision"; | "Initial Revision"; | |||
| reference | reference | |||
| "RFC XXXX: SYSLOG YANG Model"; | "RFC XXXX: SYSLOG YANG Model"; | |||
| } | } | |||
| typedef severity { | typedef severity { | |||
| type enumeration { | type enumeration { | |||
| enum "emergency" { | enum "emergency" { | |||
| value 0; | value 0; | |||
| description | description | |||
| "Emergency Level Msg"; | "The severity level 'Emergency' indicating that the system | |||
| is unusable."; | ||||
| } | } | |||
| enum "alert" { | enum "alert" { | |||
| value 1; | value 1; | |||
| description | description | |||
| "Alert Level Msg"; | "The severity level 'Alert' indicating that an action must be | |||
| taken immediately."; | ||||
| } | } | |||
| enum "critical" { | enum "critical" { | |||
| value 2; | value 2; | |||
| description | description | |||
| "Critical Level Msg"; | "The severity level 'Critical' indicating a critical condition."; | |||
| } | } | |||
| enum "error" { | enum "error" { | |||
| value 3; | value 3; | |||
| description | description | |||
| "Error Level Msg"; | "The severity level 'Error' indicating an error condition."; | |||
| } | } | |||
| enum "warning" { | enum "warning" { | |||
| value 4; | value 4; | |||
| description | description | |||
| "Warning Level Msg"; | "The severity level 'Warning' indicating a warning condition."; | |||
| } | } | |||
| enum "notice" { | enum "notice" { | |||
| value 5; | value 5; | |||
| description | description | |||
| "Notification Level Msg"; | "The severity level 'Notice' indicating a normal but significant | |||
| condition."; | ||||
| } | } | |||
| enum "info" { | enum "info" { | |||
| value 6; | value 6; | |||
| description | description | |||
| "Informational Level Msg"; | "The severity level 'Info' indicating an informational message."; | |||
| } | } | |||
| enum "debug" { | enum "debug" { | |||
| value 7; | value 7; | |||
| description | description | |||
| "Debugging Level Msg"; | "The severity level 'Debug' indicating a debug-level message."; | |||
| } | } | |||
| } | } | |||
| description | description | |||
| "The definitions for Syslog message severity as per RFC 5424."; | "The definitions for Syslog message severity as per RFC 5424."; | |||
| } | } | |||
| identity syslog-facility { | identity syslog-facility { | |||
| description | description | |||
| "This identity is used as a base for all syslog facilities as | "This identity is used as a base for all syslog facilities as | |||
| per RFC 5424."; | per RFC 5424."; | |||
| skipping to change at page 11, line 25 ¶ | skipping to change at page 11, line 21 ¶ | |||
| base syslog-facility; | base syslog-facility; | |||
| description | description | |||
| "The facility for security/authorization messages (4) as defined | "The facility for security/authorization messages (4) as defined | |||
| in RFC 5424."; | in RFC 5424."; | |||
| } | } | |||
| identity syslog { | identity syslog { | |||
| base syslog-facility; | base syslog-facility; | |||
| description | description | |||
| "The facility for messages generated internally by syslogd | "The facility for messages generated internally by syslogd | |||
| facility (5)as defined in RFC 5424."; | facility (5) as defined in RFC 5424."; | |||
| } | } | |||
| identity lpr { | identity lpr { | |||
| base syslog-facility; | base syslog-facility; | |||
| description | description | |||
| "The facility for the line printer subsystem (6) as defined in | "The facility for the line printer subsystem (6) as defined in | |||
| RFC 5424."; | RFC 5424."; | |||
| } | } | |||
| identity news { | identity news { | |||
| skipping to change at page 14, line 6 ¶ | skipping to change at page 13, line 51 ¶ | |||
| identity local7 { | identity local7 { | |||
| base syslog-facility; | base syslog-facility; | |||
| description | description | |||
| "The facility for local use 7 messages (23) as defined in | "The facility for local use 7 messages (23) as defined in | |||
| RFC 5424."; | RFC 5424."; | |||
| } | } | |||
| } | } | |||
| <CODE ENDS> | <CODE ENDS> | |||
| Figure 3. ietf-syslog-types Module | ||||
| 4.2. The ietf-syslog Module | 4.2. The ietf-syslog Module | |||
| This module imports typedefs from [RFC6021] and [RFC7223], and it | This module imports typedefs from [RFC6021] and [RFC7223], and it | |||
| references [RFC5424], [RFC5425], [RFC5426], [RFC6587], and [RFC5848]. | references [RFC5424], [RFC5425], [RFC5426], [RFC6587], and [RFC5848]. | |||
| <CODE BEGINS> file "ietf-syslog.yang" | <CODE BEGINS> file "ietf-syslog.yang" | |||
| module ietf-syslog { | module ietf-syslog { | |||
| namespace "urn:ietf:params:xml:ns:yang:ietf-syslog"; | namespace "urn:ietf:params:xml:ns:yang:ietf-syslog"; | |||
| prefix syslog; | prefix syslog; | |||
| skipping to change at page 15, line 31 ¶ | skipping to change at page 15, line 29 ¶ | |||
| (http://tools.ietf.org/html/rfcXXXX); see the RFC itself for | (http://tools.ietf.org/html/rfcXXXX); see the RFC itself for | |||
| full legal notices."; | full legal notices."; | |||
| reference | reference | |||
| "RFC 5424: The Syslog Protocol | "RFC 5424: The Syslog Protocol | |||
| RFC 5425: Transport Layer Security (TLS) Transport Mapping for Syslog | RFC 5425: Transport Layer Security (TLS) Transport Mapping for Syslog | |||
| RFC 5426: Transmission of Syslog Messages over UDP | RFC 5426: Transmission of Syslog Messages over UDP | |||
| RFC 6587: Transmission of Syslog Messages over TCP | RFC 6587: Transmission of Syslog Messages over TCP | |||
| RFC 5848: Signed Syslog Messages"; | RFC 5848: Signed Syslog Messages"; | |||
| revision 2016-07-08 { | revision 2016-10-30 { | |||
| description | description | |||
| "Initial Revision"; | "Initial Revision"; | |||
| reference | reference | |||
| "RFC XXXX: Syslog YANG Model"; | "RFC XXXX: Syslog YANG Model"; | |||
| } | } | |||
| feature buffer-limit-bytes { | feature buffer-limit-bytes { | |||
| description | description | |||
| "This feature indicates that local memory logging buffers | "This feature indicates that local memory logging buffers | |||
| are limited in size using a limit expressed in bytes."; | are limited in size using a limit expressed in bytes."; | |||
| skipping to change at page 18, line 14 ¶ | skipping to change at page 18, line 13 ¶ | |||
| "This leaf describes the option to specify how the | "This leaf describes the option to specify how the | |||
| severity comparison is performed."; | severity comparison is performed."; | |||
| } | } | |||
| } | } | |||
| grouping selector { | grouping selector { | |||
| description | description | |||
| "This grouping defines a syslog selector which is used to | "This grouping defines a syslog selector which is used to | |||
| select log messages for the log-action (buffer, file, | select log messages for the log-action (buffer, file, | |||
| etc). Choose one of the following: | etc). Choose one of the following: | |||
| no-log-facility | no-facility | |||
| log-facility [<facility> <severity>...]"; | facility [<facility> <severity>...]"; | |||
| container log-selector { | container selector { | |||
| description | description | |||
| "This container describes the log selector parameters | "This container describes the log selector parameters | |||
| for syslog."; | for syslog."; | |||
| choice selector-facility { | choice selector-facility { | |||
| mandatory true; | mandatory true; | |||
| description | description | |||
| "This choice describes the option to specify no | "This choice describes the option to specify no | |||
| facilities, or a specific facility which can be | facilities, or a specific facility which can be | |||
| all for all facilities."; | all for all facilities."; | |||
| case no-log-facility { | case facility { | |||
| description | description | |||
| "This case specifies no facilities will match when | "This case specifies no facilities will match when | |||
| comparing the syslog message facility. This is a | comparing the syslog message facility. This is a | |||
| method that can be used to effectively disable a | method that can be used to effectively disable a | |||
| particular log-action (buffer, file, etc)."; | particular log-action (buffer, file, etc)."; | |||
| leaf no-facilities { | leaf no-facilities { | |||
| type empty; | type empty; | |||
| description | description | |||
| "This leaf specifies that no facilities are selected | "This leaf specifies that no facilities are selected | |||
| for this log-action."; | for this log-action."; | |||
| } | } | |||
| } | } | |||
| case log-facility { | case name { | |||
| description | description | |||
| "This case specifies one or more specified facilities | "This case specifies one or more specified facilities | |||
| will match when comparing the syslog message facility."; | will match when comparing the syslog message facility."; | |||
| list log-facility { | list facility { | |||
| key facility; | key facility; | |||
| description | description | |||
| "This list describes a collection of syslog | "This list describes a collection of syslog | |||
| facilities and severities."; | facilities and severities."; | |||
| leaf facility { | leaf facility { | |||
| type union { | type union { | |||
| type identityref { | type identityref { | |||
| base syslogtypes:syslog-facility; | base syslogtypes:syslog-facility; | |||
| } | } | |||
| type enumeration { | type enumeration { | |||
| enum all { | enum all { | |||
| description | description | |||
| "This enum describes the case where all | "This enum describes the case where all | |||
| facilities are requested."; | facilities are requested."; | |||
| } | } | |||
| } | } | |||
| } | } | |||
| description | description | |||
| skipping to change at page 20, line 25 ¶ | skipping to change at page 20, line 24 ¶ | |||
| uses selector; | uses selector; | |||
| } | } | |||
| container buffer { | container buffer { | |||
| description | description | |||
| "This container describes the configuration parameters for | "This container describes the configuration parameters for | |||
| local memory buffer logging. The buffer is circular in | local memory buffer logging. The buffer is circular in | |||
| nature, so newer messages overwrite older messages after | nature, so newer messages overwrite older messages after | |||
| the buffer is filled. The method used to read syslog messages | the buffer is filled. The method used to read syslog messages | |||
| from the buffer is supplied by the local implementation."; | from the buffer is supplied by the local implementation."; | |||
| uses selector; | uses selector; | |||
| uses structured-data; | ||||
| leaf buffer-limit-bytes { | leaf buffer-limit-bytes { | |||
| if-feature buffer-limit-bytes; | if-feature buffer-limit-bytes; | |||
| type uint64; | type uint64; | |||
| units "bytes"; | units "bytes"; | |||
| description | description | |||
| "This leaf configures the amount of memory (in bytes) that | "This leaf configures the amount of memory (in bytes) that | |||
| will be dedicated to the local memory logging buffer. | will be dedicated to the local memory logging buffer. | |||
| The default value varies by implementation."; | The default value varies by implementation."; | |||
| } | } | |||
| leaf buffer-limit-messages { | leaf buffer-limit-messages { | |||
| if-feature buffer-limit-messages; | if-feature buffer-limit-messages; | |||
| type uint64; | type uint64; | |||
| units "log messages"; | units "log messages"; | |||
| description | description | |||
| "This leaf configures the number of log messages that | "This leaf configures the number of log messages that | |||
| will be dedicated to the local memory logging buffer. | will be dedicated to the local memory logging buffer. | |||
| The default value varies by implementation."; | The default value varies by implementation."; | |||
| } | } | |||
| uses structured-data; | ||||
| } | } | |||
| container file { | container file { | |||
| description | description | |||
| "This container describes the configuration parameters for | "This container describes the configuration parameters for | |||
| file logging. If file-archive limits are not supplied, it | file logging. If file-archive limits are not supplied, it | |||
| is assumed that the local implementation defined limits will | is assumed that the local implementation defined limits will | |||
| be used."; | be used."; | |||
| list log-file { | list log-file { | |||
| key "name"; | key "name"; | |||
| description | description | |||
| skipping to change at page 21, line 18 ¶ | skipping to change at page 21, line 17 ¶ | |||
| leaf name { | leaf name { | |||
| type inet:uri { | type inet:uri { | |||
| pattern 'file:.*'; | pattern 'file:.*'; | |||
| } | } | |||
| description | description | |||
| "This leaf specifies the name of the log file which | "This leaf specifies the name of the log file which | |||
| MUST use the uri scheme file:."; | MUST use the uri scheme file:."; | |||
| } | } | |||
| uses selector; | uses selector; | |||
| uses structured-data; | uses structured-data; | |||
| container file-archive { | container file-rotation { | |||
| description | description | |||
| "This container describes the configuration | "This container describes the configuration | |||
| parameters for log file archiving."; | parameters for log file rotation."; | |||
| leaf number-of-files { | leaf number-of-files { | |||
| if-feature file-limit-size; | if-feature file-limit-size; | |||
| type uint32; | type uint32; | |||
| description | description | |||
| "This leaf specifies the maximum number of log | "This leaf specifies the maximum number of log | |||
| files retained. Specify 1 for implementations | files retained. Specify 1 for implementations | |||
| that only support one log file."; | that only support one log file."; | |||
| } | } | |||
| leaf max-file-size { | leaf max-file-size { | |||
| if-feature file-limit-size; | if-feature file-limit-size; | |||
| skipping to change at page 23, line 50 ¶ | skipping to change at page 23, line 49 ¶ | |||
| // default 6514; | // default 6514; | |||
| // description | // description | |||
| // "TCP port 6514 has been allocated as the default | // "TCP port 6514 has been allocated as the default | |||
| // port for syslog over TLS."; | // port for syslog over TLS."; | |||
| // } | // } | |||
| // } | // } | |||
| } | } | |||
| } | } | |||
| } | } | |||
| uses selector; | uses selector; | |||
| leaf destination-facility { | uses structured-data; | |||
| leaf facility-override { | ||||
| type identityref { | type identityref { | |||
| base syslogtypes:syslog-facility; | base syslogtypes:syslog-facility; | |||
| } | } | |||
| default syslogtypes:local7; | ||||
| description | description | |||
| "This leaf specifies the facility used in messages | "If specified, this leaf specifies the facility used | |||
| delivered to the remote server."; | to override the facility in messages delivered to the | |||
| remote server."; | ||||
| } | } | |||
| leaf source-interface { | leaf source-interface { | |||
| type if:interface-ref; | type if:interface-ref; | |||
| description | description | |||
| "This leaf sets the source interface for the remote | "This leaf sets the source interface to be used to send | |||
| syslog server. Either the interface name or the | message to the remote syslog server. If not set, | |||
| interface IP address can be specified. If not set, | ||||
| messages sent to a remote syslog server will | messages sent to a remote syslog server will | |||
| contain the IP address of the interface the syslog | contain the IP address of the interface the syslog | |||
| message uses to exit the network element"; | message uses to exit the network element"; | |||
| } | } | |||
| uses structured-data; | ||||
| container syslog-sign { | container syslog-sign { | |||
| if-feature signed-messages; | if-feature signed-messages; | |||
| presence | presence | |||
| "If present, syslog-sign is activated."; | "If present, syslog-sign is activated."; | |||
| description | description | |||
| "This container describes the configuration | "This container describes the configuration | |||
| parameters for signed syslog messages as described | parameters for signed syslog messages as described | |||
| by RFC 5848."; | by RFC 5848."; | |||
| reference | reference | |||
| "RFC 5848: Signed Syslog Messages"; | "RFC 5848: Signed Syslog Messages"; | |||
| leaf cert-initial-repeat { | leaf cert-initial-repeat { | |||
| type uint16; | type uint16; | |||
| mandatory true; | mandatory true; | |||
| description | description | |||
| "This leaf specifies the number of times each | "This leaf specifies the number of times each | |||
| Certificate Block should be sent before the first | Certificate Block should be sent before the first | |||
| message is sent."; | message is sent."; | |||
| } | } | |||
| leaf cert-resend-delay { | leaf cert-resend-delay { | |||
| type uint16; | type uint16; | |||
| units "seconds"; | ||||
| mandatory true; | mandatory true; | |||
| description | description | |||
| "This leaf specifies the maximum time delay in | "This leaf specifies the maximum time delay in | |||
| seconds until resending the Certificate Block."; | seconds until resending the Certificate Block."; | |||
| } | } | |||
| leaf cert-resend-count { | leaf cert-resend-count { | |||
| type uint16; | type uint16; | |||
| mandatory true; | mandatory true; | |||
| description | description | |||
| "This leaf specifies the maximum number of other | "This leaf specifies the maximum number of other | |||
| skipping to change at page 25, line 5 ¶ | skipping to change at page 25, line 4 ¶ | |||
| "This leaf specifies the maximum time delay in | "This leaf specifies the maximum time delay in | |||
| seconds until resending the Certificate Block."; | seconds until resending the Certificate Block."; | |||
| } | } | |||
| leaf cert-resend-count { | leaf cert-resend-count { | |||
| type uint16; | type uint16; | |||
| mandatory true; | mandatory true; | |||
| description | description | |||
| "This leaf specifies the maximum number of other | "This leaf specifies the maximum number of other | |||
| syslog messages to send until resending the | syslog messages to send until resending the | |||
| Certificate Block."; | Certificate Block."; | |||
| } | } | |||
| leaf sig-max-delay { | leaf sig-max-delay { | |||
| type uint16; | type uint16; | |||
| units "seconds"; | ||||
| mandatory true; | mandatory true; | |||
| description | description | |||
| "This leaf specifies when to generate a new | "This leaf specifies when to generate a new | |||
| Signature Block. If this many seconds have | Signature Block. If this many seconds have | |||
| elapsed since the message with the first message | elapsed since the message with the first message | |||
| number of the Signature Block was sent, a new | number of the Signature Block was sent, a new | |||
| Signature Block should be generated."; | Signature Block should be generated."; | |||
| } | } | |||
| leaf sig-number-resends { | leaf sig-number-resends { | |||
| type uint16; | type uint16; | |||
| mandatory true; | mandatory true; | |||
| description | description | |||
| "This leaf specifies the number of times a | "This leaf specifies the number of times a | |||
| Signature Block is resent. (It is recommended to | Signature Block is resent. (It is recommended to | |||
| select a value of greater than 0 in particular | select a value of greater than 0 in particular | |||
| when the UDP transport [RFC5426] is used.)."; | when the UDP transport [RFC5426] is used.)."; | |||
| } | } | |||
| leaf sig-resend-delay { | leaf sig-resend-delay { | |||
| type uint16; | type uint16; | |||
| units "seconds"; | ||||
| mandatory true; | mandatory true; | |||
| description | description | |||
| "This leaf specifies when to send the next | "This leaf specifies when to send the next | |||
| Signature Block transmission based on time. If | Signature Block transmission based on time. If | |||
| this many seconds have elapsed since the previous | this many seconds have elapsed since the previous | |||
| sending of this Signature Block, resend it."; | sending of this Signature Block, resend it."; | |||
| } | } | |||
| leaf sig-resend-count { | leaf sig-resend-count { | |||
| type uint16; | type uint16; | |||
| mandatory true; | mandatory true; | |||
| skipping to change at page 26, line 29 ¶ | skipping to change at page 26, line 31 ¶ | |||
| is to receive log messages."; | is to receive log messages."; | |||
| } | } | |||
| uses selector; | uses selector; | |||
| } | } | |||
| } | } | |||
| } | } | |||
| } | } | |||
| } | } | |||
| <CODE ENDS> | <CODE ENDS> | |||
| 5. Usage Examples | Figure 4. ietf-syslog Module | |||
| 5. Usage Examples | ||||
| Requirement: | Requirement: | |||
| Enable console logging of syslogs of severity critical | Enable console logging of syslogs of severity critical | |||
| Here is the example syslog configuration xml: | Here is the example syslog configuration xml: | |||
| <rpc message-id="101" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"> | <config xmlns:xc="urn:ietf:params:xml:ns:netconf:base:1.0"> | |||
| <edit-config> | <syslog xmlns="urn:ietf:params:xml:ns:yang:ietf-syslog" | |||
| <target> | xmlns:syslog="urn:ietf:params:xml:ns:yang:ietf-syslog"> | |||
| <candidate/> | <actions> | |||
| </target> | <console> | |||
| <config xmlns:xc="urn:ietf:params:xml:ns:netconf:base:1.0"> | <selector> | |||
| <syslog xmlns="urn:ietf:params:xml:ns:yang:ietf-syslog" | <facility> | |||
| xmlns:syslog="urn:ietf:params:xml:ns:yang:ietf-syslog"> | <facility>all</facility> | |||
| <actions> | <severity>critical</severity> | |||
| <console> | </facility> | |||
| <log-selector> | </selector> | |||
| <log-facility> | </console> | |||
| <facility>all</facility> | </actions> | |||
| <severity>critical</severity> | </syslog> | |||
| </log-facility> | </config> | |||
| </log-selector> | ||||
| </console> | ||||
| </actions> | ||||
| </syslog> | ||||
| </config> | ||||
| </edit-config> | ||||
| </rpc> | ||||
| <?xml version="1.0" encoding="UTF-8"?> | ||||
| <rpc-reply message-id="101" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"> | ||||
| <ok/> | ||||
| </rpc-reply> | ||||
| Enable remote logging of syslogs to udp destination 2001:db8:a0b:12f0::1 | Enable remote logging of syslogs to udp destination 2001:db8:a0b:12f0::1 | |||
| for facility auth, severity error | for facility auth, severity error | |||
| <rpc message-id="101" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"> | <config xmlns:xc="urn:ietf:params:xml:ns:netconf:base:1.0"> | |||
| <edit-config> | <syslog xmlns="urn:ietf:params:xml:ns:yang:ietf-syslog" | |||
| <target> | xmlns:syslog="urn:ietf:params:xml:ns:yang:ietf-syslog"> | |||
| <candidate/> | <actions> | |||
| </target> | <remote> | |||
| <config xmlns:xc="urn:ietf:params:xml:ns:netconf:base:1.0"> | <destination> | |||
| <syslog xmlns="urn:ietf:params:xml:ns:yang:ietf-syslog" | <name>remote1</name> | |||
| xmlns:syslog="urn:ietf:params:xml:ns:yang:ietf-syslog"> | <udp> | |||
| <actions> | <address>2001:db8:a0b:12f0::1</address> | |||
| <remote> | </udp> | |||
| <destination> | <selector> | |||
| <name>remote1</name> | <facility> | |||
| <udp> | <facility xmlns:syslogtypes= | |||
| <address>2001:db8:a0b:12f0::1</address> | "urn:ietf:params:xml:ns:yang:ietf-syslog-types"> | |||
| </udp> | syslogtypes:auth</facility> | |||
| <log-selector> | <severity>error</severity> | |||
| <log-facility> | <facility> | |||
| <facility xmlns:syslogtypes= | <selector> | |||
| "urn:ietf:params:xml:ns:yang:ietf-syslog-types"> | </destination> | |||
| syslogtypes:auth</facility> | </remote> | |||
| <severity>error</severity> | </actions> | |||
| </log-facility> | </syslog> | |||
| </log-selector> | </config> | |||
| </destination> | ||||
| </remote> | ||||
| </actions> | ||||
| </syslog> | ||||
| </config> | ||||
| </edit-config> | ||||
| </rpc> | ||||
| <?xml version="1.0" encoding="UTF-8"?> | Figure 5. ietf-syslog Examples | |||
| <rpc-reply message-id="101" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"> | ||||
| <ok/> | ||||
| </rpc-reply> | ||||
| 6. Acknowledgements | 6. Acknowledgements | |||
| The authors wish to thank the following who commented on this | The authors wish to thank the following who commented on this | |||
| proposal: | proposal: | |||
| Martin Bjorklund | Martin Bjorklund | |||
| Jim Gibson | Jim Gibson | |||
| Jeffrey Haas | Jeffrey Haas | |||
| John Heasley | John Heasley | |||
| skipping to change at page 29, line 48 ¶ | skipping to change at page 29, line 45 ¶ | |||
| Network administrators must take the time to estimate the appropriate | Network administrators must take the time to estimate the appropriate | |||
| memory limits caused by the configuration of actions/buffer using | memory limits caused by the configuration of actions/buffer using | |||
| buffer-limit-bytes and/or buffer-limit-messages where necessary to | buffer-limit-bytes and/or buffer-limit-messages where necessary to | |||
| limit the amount of memory used. | limit the amount of memory used. | |||
| Network administrators must take the time to estimate the appropriate | Network administrators must take the time to estimate the appropriate | |||
| storage capacity caused by the configuration of actions/file using | storage capacity caused by the configuration of actions/file using | |||
| file-archive attributes to limit storage used. | file-archive attributes to limit storage used. | |||
| It is the responsibility of the network admisintrator to ensure that | It is the responsibility of the network administrator to ensure that | |||
| the configured message flow does not overwhelm system resources. | the configured message flow does not overwhelm system resources. | |||
| 8.2. Inappropriate Configuration | 8.2. Inappropriate Configuration | |||
| It is the responsibility of the network admisintrator to ensure that | It is the responsibility of the network admisintrator to ensure that | |||
| the messages are actually going to the intended recipients. | the messages are actually going to the intended recipients. | |||
| 9. References | 9. References | |||
| 9.1. Normative References | 9.1. Normative References | |||
| skipping to change at page 32, line 13 ¶ | skipping to change at page 32, line 13 ¶ | |||
| two facilities are added): | two facilities are added): | |||
| module vendor-syslog-types-example { | module vendor-syslog-types-example { | |||
| namespace "urn:vendor:params:xml:ns:yang:vendor-syslog-types"; | namespace "urn:vendor:params:xml:ns:yang:vendor-syslog-types"; | |||
| prefix vendor-syslogtypes; | prefix vendor-syslogtypes; | |||
| import ietf-syslog-types { | import ietf-syslog-types { | |||
| prefix syslogtypes; | prefix syslogtypes; | |||
| } | } | |||
| organization "Vendor, Inc."; | organization "Example, Inc."; | |||
| contact | contact | |||
| "Vendor, Inc. | "Example, Inc. | |||
| Customer Service | Customer Service | |||
| E-mail: syslog-yang@vendor.com"; | E-mail: syslog-yang@example.com"; | |||
| description | description | |||
| "This module contains a collection of vendor-sprecific YANG type | "This module contains a collection of vendor-specific YANG type | |||
| definitions for SYSLOG."; | definitions for SYSLOG."; | |||
| revision 2016-03-20 { | revision 2016-03-20 { | |||
| description | description | |||
| "Version 1.0"; | "Version 1.0"; | |||
| reference | reference | |||
| "Vendor SYSLOG Types: SYSLOG YANG Model"; | "Vendor SYSLOG Types: SYSLOG YANG Model"; | |||
| } | } | |||
| identity vendor_specific_type_1 { | identity vendor_specific_type_1 { | |||
| End of changes. 75 change blocks. | ||||
| 151 lines changed or deleted | 132 lines changed or added | |||
This html diff was produced by rfcdiff 1.45. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ | ||||