draft-ietf-netmod-syslog-model-04.txt   draft-ietf-netmod-syslog-model-05.txt 
NETMOD WG Clyde Wildes NETMOD WG Clyde Wildes
Internet-Draft Cisco Systems Internet-Draft Kiran Koushik
Intended status: Informational Agrahara Kiran Koushik Intended status: Informational Cisco Systems Inc.
Expires: Jan 06, 2016 Brocade Communication Systems Expires: Apr 16, 2016 Oct 16, 2015
Jul 06, 2015
SYSLOG YANG model SYSLOG YANG model
draft-ietf-netmod-syslog-model-04 draft-ietf-netmod-syslog-model-05
Abstract Abstract
This document describes a data model for Syslog This document describes a data model for Syslog
protocol which is used to convey event notification messages. protocol which is used to convey event notification messages.
Status of This Memo Status of This Memo
This Internet-Draft is submitted in full conformance with the This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79. provisions of BCP 78 and BCP 79.
skipping to change at page 5, line 9 skipping to change at page 5, line 9
- user terminals - user terminals
- remote server(s). - remote server(s).
Optional features are used to specified fields that are not present in Optional features are used to specified fields that are not present in
all vendor configurations. all vendor configurations.
3.1. SYSLOG Module 3.1. SYSLOG Module
module: ietf-syslog module: ietf-syslog
+--rw syslog +--rw syslog
+--rw log-actions +--rw log-actions
+--rw console +--rw console!
| +--rw log-selector | +--rw log-selector
| +--rw (logging-level-scope)? | +--rw (selector-facility)
| | +--:(logging-facility-all) | | +--:(no-log-facility)
| | | +--rw all-facilities? empty | | | +--rw no-facilities? empty
| | | +--rw severity? union | | +--:(log-facility)
| | +--:(logging-facility-none) | | +--rw log-facility* [facility]
| | | +--rw no-facilities? empty | | +--rw facility union
| | +--:(logging-facility) | | +--rw severity union
| | +--rw facilities* [facility] | | +--rw severity-operator? enumeration {selector-severity-operator-config}?
| | +--rw facility identityref | +--rw pattern-match? string {selector-match-processing-config}?
| | +--rw severity? union
| +--rw severity-operator? enumeration {selector-severity-operator-config}?
| +--rw pattern-match? string {selector-match-processing-config}?
+--rw buffer +--rw buffer
| +--rw log-buffer* [name] | +--rw log-buffer* [name]
| +--rw name string | +--rw name string
| +--rw log-selector | +--rw log-selector
| | +--rw (logging-level-scope)? | | +--rw (selector-facility)
| | | +--:(logging-facility-all) | | | +--:(no-log-facility)
| | | | +--rw all-facilities? empty | | | | +--rw no-facilities? empty
| | | | +--rw severity? union | | | +--:(log-facility)
| | | +--:(logging-facility-none) | | | +--rw log-facility* [facility]
| | | | +--rw no-facilities? empty | | | +--rw facility union
| | | +--:(logging-facility) | | | +--rw severity union
| | | +--rw facilities* [facility] | | | +--rw severity-operator? enumeration {selector-severity-operator-config}?
| | | +--rw facility identityref | | +--rw pattern-match? string {selector-match-processing-config}?
| | | +--rw severity? union
| | +--rw severity-operator? enumeration {selector-severity-operator-config}?
| | +--rw pattern-match? string {selector-match-processing-config}?
| +--rw buffer-size-bytes? uint64 {buffer-limit-bytes}? | +--rw buffer-size-bytes? uint64 {buffer-limit-bytes}?
| +--rw buffer-size-messages? uint64 {buffer-limit-messages}? | +--rw buffer-size-messages? uint64 {buffer-limit-messages}?
+--rw file +--rw file
| +--rw log-file* [name] | +--rw log-file* [name]
| +--rw name inet:uri | +--rw name inet:uri
| +--rw log-selector | +--rw log-selector
| | +--rw (logging-level-scope)? | | +--rw (selector-facility)
| | | +--:(logging-facility-all) | | | +--:(no-log-facility)
| | | | +--rw all-facilities? empty | | | | +--rw no-facilities? empty
| | | | +--rw severity? union | | | +--:(log-facility)
| | | +--:(logging-facility-none) | | | +--rw log-facility* [facility]
| | | | +--rw no-facilities? empty | | | +--rw facility union
| | | +--:(logging-facility) | | | +--rw severity union
| | | +--rw facilities* [facility] | | | +--rw severity-operator? enumeration {selector-severity-operator-config}?
| | | +--rw facility identityref | | +--rw pattern-match? string {selector-match-processing-config}?
| | | +--rw severity? union
| | +--rw severity-operator? enumeration {selector-severity-operator-config}?
| | +--rw pattern-match? string {selector-match-processing-config}?
| +--rw structured-data? boolean {structured-data-config}? | +--rw structured-data? boolean {structured-data-config}?
| +--rw file-archive | +--rw file-archive
| +--rw number-of-files? uint32 {file-limit-size}? | +--rw number-of-files? uint32 {file-limit-size}?
| +--rw max-file-size? uint64 {file-limit-size}? | +--rw max-file-size? uint64 {file-limit-size}?
| +--rw rollover? uint32 {file-limit-duration}? | +--rw rollover? uint32 {file-limit-duration}?
| +--rw retention? uint16 {file-limit-duration}? | +--rw retention? uint16 {file-limit-duration}?
+--rw remote +--rw remote
| +--rw remote-logging-destination* [name] | +--rw destination* [name]
| +--rw name string | +--rw name string
| +--rw (transport) | +--rw (transport)
| | +--:(tcp) | | +--:(tcp)
| | | +--rw tcp | | | +--rw tcp
| | | +--rw address? inet:host | | | +--rw address? inet:host
| | | +--rw port? inet:port-number | | | +--rw port? inet:port-number
| | +--:(udp) | | +--:(udp)
| | +--rw udp | | +--rw udp
| | +--rw address? inet:host | | +--rw address? inet:host
| | +--rw port? inet:port-number | | +--rw port? inet:port-number
| +--rw log-selector | +--rw log-selector
| | +--rw (logging-level-scope)? | | +--rw (selector-facility)
| | | +--:(logging-facility-all) | | | +--:(no-log-facility)
| | | | +--rw all-facilities? empty | | | | +--rw no-facilities? empty
| | | | +--rw severity? union | | | +--:(log-facility)
| | | +--:(logging-facility-none) | | | +--rw log-facility* [facility]
| | | | +--rw no-facilities? empty | | | +--rw facility union
| | | +--:(logging-facility) | | | +--rw severity union
| | | +--rw facilities* [facility] | | | +--rw severity-operator? enumeration {selector-severity-operator-config}?
| | | +--rw facility identityref | | +--rw pattern-match? string {selector-match-processing-config}?
| | | +--rw severity? union
| | +--rw severity-operator? enumeration {selector-severity-operator-config}?
| | +--rw pattern-match? string {selector-match-processing-config}?
| +--rw destination-facility? identityref | +--rw destination-facility? identityref
| +--rw source-interface? if:interface-ref | +--rw source-interface? if:interface-ref
| +--rw syslog-sign! {signed-messages-config}? | +--rw syslog-sign! {signed-messages-config}?
| +--rw cert-initial-repeat uint16 | +--rw cert-initial-repeat uint16
| +--rw cert-resend-delay uint16 | +--rw cert-resend-delay uint16
| +--rw cert-resend-count uint16 | +--rw cert-resend-count uint16
| +--rw sig-max-delay uint16 | +--rw sig-max-delay uint16
| +--rw sig-number-resends uint16 | +--rw sig-number-resends uint16
| +--rw sig-resend-delay uint16 | +--rw sig-resend-delay uint16
| +--rw sig-resend-count uint16 | +--rw sig-resend-count uint16
+--rw terminal +--rw terminal
+--rw (user-scope)? +--rw (user-scope)
+--:(all-users) +--:(all-users)
| +--rw all-users | +--rw all-users
| +--rw log-selector | +--rw log-selector
| +--rw (logging-level-scope)? | +--rw (selector-facility)
| | +--:(logging-facility-all) | | +--:(no-log-facility)
| | | +--rw all-facilities? empty | | | +--rw no-facilities? empty
| | | +--rw severity? union | | +--:(log-facility)
| | +--:(logging-facility-none) | | +--rw log-facility* [facility]
| | | +--rw no-facilities? empty | | +--rw facility union
| | +--:(logging-facility) | | +--rw severity union
| | +--rw facilities* [facility] | | +--rw severity-operator? enumeration {selector-severity-operator-config}?
| | +--rw facility identityref | +--rw pattern-match? string {selector-match-processing-config}?
| | +--rw severity? union
| +--rw severity-operator? enumeration {selector-severity-operator-config}?
| +--rw pattern-match? string {selector-match-processing-config}?
+--:(per-user) {terminal-facility-user-logging-config}? +--:(per-user) {terminal-facility-user-logging-config}?
+--rw user-name* [uname] +--rw user-name* [uname]
+--rw uname string +--rw uname string
+--rw log-selector +--rw log-selector
+--rw (logging-level-scope)? +--rw (selector-facility)
| +--:(logging-facility-all) | +--:(no-log-facility)
| | +--rw all-facilities? empty | | +--rw no-facilities? empty
| | +--rw severity? union | +--:(log-facility)
| +--:(logging-facility-none) | +--rw log-facility* [facility]
| | +--rw no-facilities? empty | +--rw facility union
| +--:(logging-facility) | +--rw severity union
| +--rw facilities* [facility] | +--rw severity-operator? enumeration {selector-severity-operator-config}?
| +--rw facility identityref +--rw pattern-match? string {selector-match-processing-config}?
| +--rw severity? union
+--rw severity-operator? enumeration {selector-severity-operator-config}?
+--rw pattern-match? string {selector-match-processing-config}?
4. SYSLOG YANG Models 4. SYSLOG YANG Models
4.1. SYSLOG-TYPES module 4.1. SYSLOG-TYPES module
<CODE BEGINS> file "ietf-syslog-types.yang" <CODE BEGINS> file "ietf-syslog-types.yang"
module ietf-syslog-types { module ietf-syslog-types {
namespace "urn:ietf:params:xml:ns:yang:ietf-syslog-types"; namespace "urn:ietf:params:xml:ns:yang:ietf-syslog-types";
prefix syslogtypes; prefix syslogtypes;
organization "IETF NETMOD (NETCONF Data Modeling Language) Working organization "IETF NETMOD (NETCONF Data Modeling Language) Working
Group"; Group";
contact contact
"WG Web: <http://tools.ietf.org/wg/netmod/> "WG Web: <http://tools.ietf.org/wg/netmod/>
WG List: <mailto:netmod@ietf.org> WG List: <mailto:netmod@ietf.org>
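Review bot: In the -05 tree the "(user-scope)" choice under "terminal" loses its "?" and so becomes mandatory, but "terminal", "log-actions" and "syslog" are all shown without "!", which makes them non-presence containers; the mandatory choice then has to be satisfied in every configuration, including on devices that do not want terminal logging. "console" gains a presence marker ("console!") in this same revision, so give "terminal" a presence statement as well, or keep the choice optional. Separately, the sentence above the tree, "Optional features are used to specified fields", is unchanged in both revisions and should read "used to specify fields".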
skipping to change at page 6, line 24 skipping to change at page 6, line 23
organization "IETF NETMOD (NETCONF Data Modeling Language) Working organization "IETF NETMOD (NETCONF Data Modeling Language) Working
Group"; Group";
contact contact
"WG Web: <http://tools.ietf.org/wg/netmod/> "WG Web: <http://tools.ietf.org/wg/netmod/>
WG List: <mailto:netmod@ietf.org> WG List: <mailto:netmod@ietf.org>
WG Chair: Tom Nadeau WG Chair: Tom Nadeau
<mailto:tnadeau@lucidvision.com> <mailto:tnadeau@lucidvision.com>
WG Chair: Juergen Schoenwaelder WG Chair: Kent Watson
<mailto:j.schoenwaelder@jacobs-university.de> <mailto:kwatsen@juniper.net>
Editor: Ladislav Lhotka Editor: Ladislav Lhotka
<mailto:lhotka@nic.cz>"; <mailto:lhotka@nic.cz>";
description description
"This module contains a collection of YANG type definitions for "This module contains a collection of YANG type definitions for
SYSLOG."; SYSLOG.";
revision 2015-07-06 { revision 2015-10-14 {
description description
"Initial Revision"; "Initial Revision";
reference reference
"This model references RFC 5424 - The Syslog Protocol, "This model references RFC 5424 - The Syslog Protocol,
and RFC 5848 - Signed Syslog Messages."; and RFC 5848 - Signed Syslog Messages.";
} }
typedef severity { typedef severity {
type enumeration { type enumeration {
enum "emergency" { enum "emergency" {
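Review bot: In the contact statement the new chair is written "Kent Watson" while the address on the following line is kwatsen@juniper.net, so the surname and the mailbox disagree; check the spelling and correct whichever is wrong, here and in the identical contact block of the ietf-syslog module. The revision statement changes its date from 2015-07-06 to 2015-10-14 but keeps the description "Initial Revision"; confirm that replacing the date in place, rather than adding a second revision entry, is what is intended.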
skipping to change at page 8, line 20 skipping to change at page 7, line 56
identity mail { identity mail {
base syslog-facility; base syslog-facility;
description description
"The facility for the mail system as defined in RFC 5424."; "The facility for the mail system as defined in RFC 5424.";
} }
identity daemon { identity daemon {
base syslog-facility; base syslog-facility;
description description
"The facility for the system daemons as defined in RFC 5424."; "The facility for the system daemons as defined in RFC 5424.";
} }
identity auth { identity auth {
base syslog-facility; base syslog-facility;
description description
"The facility for security/authorization messages as defined "The facility for security/authorization messages as defined
in RFC 5424."; in RFC 5424.";
} }
identity syslog { identity syslog {
base syslog-facility; base syslog-facility;
description description
"The facility for messages generated internally by syslogd "The facility for messages generated internally by syslogd
facility as defined in RFC 5424."; facility as defined in RFC 5424.";
} }
identity lpr { identity lpr {
base syslog-facility; base syslog-facility;
description description
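Review bot: The description of the "syslog" identity reads "messages generated internally by syslogd facility as defined in RFC 5424" in both revisions; the second "facility" is a leftover and the sentence should end "generated internally by syslogd as defined in RFC 5424".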
skipping to change at page 10, line 33 skipping to change at page 10, line 32
organization "IETF NETMOD (NETCONF Data Modeling Language) organization "IETF NETMOD (NETCONF Data Modeling Language)
Working Group"; Working Group";
contact contact
"WG Web: <http://tools.ietf.org/wg/netmod/> "WG Web: <http://tools.ietf.org/wg/netmod/>
WG List: <mailto:netmod@ietf.org> WG List: <mailto:netmod@ietf.org>
WG Chair: Tom Nadeau WG Chair: Tom Nadeau
<mailto:tnadeau@lucidvision.com> <mailto:tnadeau@lucidvision.com>
WG Chair: Juergen Schoenwaelder WG Chair: Kent Watson
<mailto:j.schoenwaelder@jacobs-university.de> <mailto:kwatsen@juniper.net>
Editor: Ladislav Lhotka Editor: Ladislav Lhotka
<mailto:lhotka@nic.cz>"; <mailto:lhotka@nic.cz>";
description description
"This module contains a collection of YANG definitions "This module contains a collection of YANG definitions
for Syslog configuration."; for Syslog configuration.";
revision 2015-07-06 { revision 2015-10-14 {
description description
"Initial Revision"; "Initial Revision";
reference reference
"RFC 5424: The Syslog Protocol "RFC 5424: The Syslog Protocol
RFC 5848: Signed Syslog Messages"; RFC 5848: Signed Syslog Messages";
} }
feature buffer-limit-bytes { feature buffer-limit-bytes {
description description
"This feature indicates that local memory logging buffers "This feature indicates that local memory logging buffers
skipping to change at page 11, line 57 skipping to change at page 11, line 44
feature signed-messages-config { feature signed-messages-config {
description description
"This feature represents the ability to configure signed "This feature represents the ability to configure signed
syslog messages according to RFC 5848."; syslog messages according to RFC 5848.";
} }
grouping syslog-severity { grouping syslog-severity {
description description
"This grouping defines the Syslog severity which is used to "This grouping defines the Syslog severity which is used to
filter log messages."; select log messages.";
leaf severity { leaf severity {
type union { type union {
type syslogtypes:severity; type syslogtypes:severity;
type enumeration { type enumeration {
enum all { enum all {
value -1; value -1;
description description
"This enum describes the case where all severities "This enum describes the case where all severities
are requested."; are requested.";
} }
enum none {
value -2;
description
"This enum describes the case where no severities
are requested.";
}
} }
} }
mandatory true;
description description
"This leaf specifies the Syslog message severity. When "This leaf specifies the Syslog message severity. When
severity is specified the default severity comparison severity is specified, the default severity comparison
is all messages of the specified severity and greater are is all messages of the specified severity and greater are
logged unless all is specified which means all severities logged. 'all' is a special case which means all severities
are requested. No value implies no severity is requested."; are requested. 'none' is a special case which means that
no severity selection should occur.";
}
leaf severity-operator {
if-feature selector-severity-operator-config;
type enumeration {
enum equals-or-higher {
description
"This enum specifies all messages of the specified
severity and higher are logged according to the
given log-action";
}
enum equals {
description
"This enum specifies all messages that are for
the specified severity are logged according to the
given log-action";
}
enum not-equals {
description
"This enum specifies all messages that are not for
the specified severity are logged according to the
given log-action";
}
}
default equals-or-higher;
description
"This leaf describes the option to specify how the
severity comparison is performed.";
} }
} }
grouping syslog-selector { grouping syslog-selector {
description description
"This grouping defines a Syslog selector which is used to "This grouping defines a Syslog selector which is used to
filter log messages for the given action in which the select log messages for the log-action (buffer, file,
selector appears. Choose one of the following: etc). Choose one of the following:
logging-facility-all <severity> no-log-facility
logging-facility-none log-facility [<facility> <severity>...]";
logging-facility [<facility> <severity>...]
Additional severity comparison operations are available
using the severity-operator leaf. If the severity-operator
leaf is not present all messages of the specified severity
and higher are logged according to the given action.";
container log-selector { container log-selector {
description description
"This container describes the log selector parameters "This container describes the log selector parameters
for Syslog."; for Syslog.";
choice logging-level-scope { choice selector-facility {
default logging-facility-all; mandatory true;
description description
"This choice describes the option to specify all "This choice describes the option to specify no
facilities, no facilities, or a specific facility."; facilities, or a specific facility which can be
case logging-facility-all { all for all facilities.";
description case no-log-facility {
"This case specifies all facilities will match when
comparing the Syslog message facility.";
leaf all-facilities {
type empty;
description
"This leaf specifies that all facilities participate in
the filtering of Syslog messages for this action.";
}
uses syslog-severity;
}
case logging-facility-none {
description description
"This case specifies no facilities will match when "This case specifies no facilities will match when
comparing the Syslog message facility. This is a method comparing the Syslog message facility. This is a
that can be used to turn an action off."; method that can be used to effectively disable a
particular log-action (buffer, file, etc).";
leaf no-facilities { leaf no-facilities {
type empty; type empty;
description description
"This leaf specifies that no facilities participate in "This leaf specifies that no facilities are selected
the filtering of Syslog messages for this action."; for this log-action.";
} }
} }
case logging-facility { case log-facility {
description description
"This case specifies one or more specified facilities "This case specifies one or more specified facilities
will match when comparing the Syslog message facility."; will match when comparing the Syslog message facility.";
list facilities { list log-facility {
key "facility"; key facility;
description description
"This list describes a collection of Syslog facilities "This list describes a collection of Syslog
and severities."; facilities and severities.";
leaf facility { leaf facility {
type identityref { type union {
base syslogtypes:syslog-facility; type identityref {
base syslogtypes:syslog-facility;
}
type enumeration {
enum all {
description
"This enum describes the case where all
facilities are requested.";
}
}
} }
description description
"The leaf uniquely identifies a Syslog facility."; "The leaf uniquely identifies a Syslog facility.";
} }
uses syslog-severity; uses syslog-severity;
} }
} }
} }
leaf severity-operator {
if-feature selector-severity-operator-config;
type enumeration {
enum equals-or-higher {
description
"This enum specifies all messages of the specified
severity and higher are logged according to the
given action";
}
enum equals {
description
"This enum specifies all messages that are for
the specified severity are logged according to the
given action";
}
enum not-equals {
description
"This enum specifies all messages that are not for
the specified severity are logged according to the
given action";
}
}
default equals-or-higher;
description
"This leaf describes the option to specify how the
severity comparison is performed.";
}
leaf pattern-match { leaf pattern-match {
if-feature selector-match-processing-config; if-feature selector-match-processing-config;
type string; type string;
description description
"This leaf desribes a Posix 1003.2 regular expression "This leaf desribes a Posix 1003.2 regular expression
string that can be used to select a Syslog message for string that can be used to select a Syslog message for
logging. The match is performed on the RFC 5424 logging. The match is performed on the RFC 5424
SYSLOG-MSG field."; SYSLOG-MSG field.";
} }
} }
} }
container syslog { container syslog {
description description
"This container describes the configuration parameters for "This container describes the configuration parameters for
Syslog."; Syslog.";
container log-actions { container log-actions {
description description
"This container describes the log action parameters "This container describes the log-action parameters
for Syslog."; for Syslog.";
container console { container console {
presence "Enables logging console configuration";
description description
"This container describes the configuration parameters for "This container describes the configuration parameters for
console logging."; console logging.";
uses syslog-selector; uses syslog-selector;
} }
container buffer { container buffer {
description description
"This container describes the configuration parameters for "This container describes the configuration parameters for
local memory buffer logging. The buffer is circular in local memory buffer logging. The buffer is circular in
nature, so newer messages overwrite older messages after nature, so newer messages overwrite older messages after
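Review bot: The new "none" value of the severity union is described as "no severity selection should occur", which can be read either as "select no messages" or as "do not filter on severity", and the two readings have opposite effects on what is logged. State which one is meant, and say how "none" and "all" combine with severity-operator (for example "not-equals" together with "none"). In the same hunk, "facility" becomes a union that admits "all" while remaining the key of the log-facility list, so an "all" entry can sit beside entries for specific facilities that carry different severities; the description should say which entry applies to a message that matches both. The pattern-match description still has "desribes" for "describes".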
skipping to change at page 14, line 26 skipping to change at page 14, line 26
type string; type string;
description description
"This leaf specifies the name of the log buffer."; "This leaf specifies the name of the log buffer.";
} }
uses syslog-selector; uses syslog-selector;
leaf buffer-size-bytes { leaf buffer-size-bytes {
if-feature buffer-limit-bytes; if-feature buffer-limit-bytes;
type uint64; type uint64;
units "bytes"; units "bytes";
description description
"This leaf configures the amount of memory (in bytes) "This leaf configures the amount of memory
that will be dedicated to the local memory logging (in bytes) that will be dedicated to the local
buffer. The default value varies by implementation."; memory logging buffer. The default value varies
by implementation.";
} }
leaf buffer-size-messages { leaf buffer-size-messages {
if-feature buffer-limit-messages; if-feature buffer-limit-messages;
type uint64; type uint64;
units "log messages"; units "log messages";
description description
"This leaf configures the amount number of log "This leaf configures the amount number of log
messages that can be stored in the local memory messages that can be stored in the local memory
logging buffer. The default value varies by logging buffer. The default value varies by
implementation."; implementation.";
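Review bot: The buffer-size-messages description reads "configures the amount number of log messages" in both revisions; drop "amount" so that it reads "configures the number of log messages". The two size leaves sit in the same log-buffer entry under separate features, and neither description says which limit takes effect when an implementation supports both and both are set; one sentence on that would remove the ambiguity.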
skipping to change at page 15, line 11 skipping to change at page 15, line 11
"This leaf specifies the name of the log file which "This leaf specifies the name of the log file which
MUST use the uri scheme file:."; MUST use the uri scheme file:.";
} }
uses syslog-selector; uses syslog-selector;
leaf structured-data { leaf structured-data {
if-feature structured-data-config; if-feature structured-data-config;
type boolean; type boolean;
default false; default false;
description description
"This leaf describes how log messages are written to "This leaf describes how log messages are written to
the log file. If true, messages will be written with the log file. If true, messages will be written
one or more STRUCTURED-DATA elements as per RFC5424; with one or more STRUCTURED-DATA elements as per
if false, messages will be written with RFC5424; if false, messages will be written with
STRUCTURED-DATA = NILVALUE."; STRUCTURED-DATA = NILVALUE.";
} }
container file-archive { container file-archive {
description description
"This container describes the configuration parameters "This container describes the configuration
for log file archiving."; parameters for log file archiving.";
leaf number-of-files { leaf number-of-files {
if-feature file-limit-size; if-feature file-limit-size;
type uint32; type uint32;
description description
"This leaf specifies the maximum number of log files "This leaf specifies the maximum number of log
retained. Specify 1 for implementations that only files retained. Specify 1 for implementations
support one log file."; that only support one log file.";
} }
leaf max-file-size { leaf max-file-size {
if-feature file-limit-size; if-feature file-limit-size;
type uint64; type uint64;
units "megabytes"; units "megabytes";
description description
"This leaf specifies the maximum log file size."; "This leaf specifies the maximum log file size.";
} }
leaf rollover { leaf rollover {
if-feature file-limit-duration; if-feature file-limit-duration;
skipping to change at page 15, line 62 skipping to change at page 16, line 8
completed/closed log event files should be stored completed/closed log event files should be stored
in the file system before they are deleted."; in the file system before they are deleted.";
} }
} }
} }
} }
container remote { container remote {
description description
"This container describes the configuration parameters for "This container describes the configuration parameters for
remote logging."; remote logging.";
list remote-logging-destination { list destination {
key "name"; key "name";
description description
"This list describes a collection of remote logging "This list describes a collection of remote logging
destinations."; destinations.";
leaf name { leaf name {
type string; type string;
description description
"An arbitrary name for the endpoint to connect to."; "An arbitrary name for the endpoint to connect to.";
} }
choice transport { choice transport {
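Review bot: The "choice transport" that opens at the end of this hunk has, according to the tree in section 3.1, only a "tcp" and a "udp" case, so a destination cannot be configured to use an encrypted transport. The optional syslog-sign container addresses origin authentication and integrity of the messages, not their confidentiality in transit; consider adding a TLS case alongside the two existing ones (RFC 5425 defines the TLS transport mapping for syslog).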
skipping to change at page 16, line 16 skipping to change at page 16, line 30
description description
"This choice describes the transport option."; "This choice describes the transport option.";
case tcp { case tcp {
container tcp { container tcp {
description description
"This container describes the TCP transport "This container describes the TCP transport
options."; options.";
leaf address { leaf address {
type inet:host; type inet:host;
description description
"The leaf uniquely specifies the address of the "The leaf uniquely specifies the address of
remote host. One of the following must be the remote host. One of the following must
specified: an ipv4 address, an ipv6 address, be specified: an ipv4 address, an ipv6
or a host name."; address, or a host name.";
} }
leaf port { leaf port {
type inet:port-number; type inet:port-number;
default 514; default 514;
description description
"This leaf specifies the port number used to "This leaf specifies the port number used to
deliver messages to the remote server."; deliver messages to the remote server.";
} }
} }
} }
case udp { case udp {
container udp { container udp {
description description
"This container describes the UDP transport "This container describes the UDP transport
options."; options.";
leaf address { leaf address {
type inet:host; type inet:host;
description description
"The leaf uniquely specifies the address of the "The leaf uniquely specifies the address of
remote host. One of the following must be the remote host. One of the following must be
specified: an ipv4 address, an ipv6 address, specified: an ipv4 address, an ipv6 address,
or a host name."; or a host name.";
} }
leaf port { leaf port {
type inet:port-number; type inet:port-number;
default 514; default 514;
description description
"This leaf specifies the port number used to "This leaf specifies the port number used to
deliver messages to the remote server."; deliver messages to the remote server.";
} }
skipping to change at page 16, line 69 skipping to change at page 17, line 20
description description
"This leaf specifies the facility used in messages "This leaf specifies the facility used in messages
delivered to the remote server."; delivered to the remote server.";
} }
leaf source-interface { leaf source-interface {
type if:interface-ref; type if:interface-ref;
description description
"This leaf sets the source interface for the remote "This leaf sets the source interface for the remote
Syslog server. Either the interface name or the Syslog server. Either the interface name or the
interface IP address can be specified. If not set, interface IP address can be specified. If not set,
messages sent to a remote syslog server will contain messages sent to a remote syslog server will
the IP address of the interface the syslog message contain the IP address of the interface the syslog
uses to exit the network element"; message uses to exit the network element";
} }
container syslog-sign { container syslog-sign {
if-feature signed-messages-config; if-feature signed-messages-config;
presence presence
"If present, syslog-sign is activated."; "If present, syslog-sign is activated.";
description description
"This container describes the configuration parameters "This container describes the configuration
for signed syslog messages as described by RFC 5848."; parameters for signed syslog messages as described
by RFC 5848.";
reference reference
"RFC 5848: Signed Syslog Messages"; "RFC 5848: Signed Syslog Messages";
leaf cert-initial-repeat { leaf cert-initial-repeat {
type uint16; type uint16;
mandatory true; mandatory true;
description description
"This leaf specifies the number of times each "This leaf specifies the number of times each
Certificate Block should be sent before the first Certificate Block should be sent before the first
message is sent."; message is sent.";
} }
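Review bot: The source-interface description says "Either the interface name or the interface IP address can be specified", but the leaf's type is if:interface-ref, which is a reference to a configured interface by name and cannot carry an IP address. Either drop the IP address wording or change the type to a union that accepts both forms. The last sentence of that description, ending "to exit the network element", is also missing its full stop.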
skipping to change at page 17, line 41 skipping to change at page 17, line 62
description description
"This leaf specifies the maximum number of other "This leaf specifies the maximum number of other
syslog messages to send until resending the syslog messages to send until resending the
Certificate Block."; Certificate Block.";
} }
leaf sig-max-delay { leaf sig-max-delay {
type uint16; type uint16;
mandatory true; mandatory true;
description description
"This leaf specifies when to generate a new "This leaf specifies when to generate a new
Signature Block. If this many seconds have elapsed Signature Block. If this many seconds have
since the message with the first message number of elapsed since the message with the first message
the Signature Block was sent, a new Signature Block number of the Signature Block was sent, a new
should be generated."; Signature Block should be generated.";
} }
leaf sig-number-resends { leaf sig-number-resends {
type uint16; type uint16;
mandatory true; mandatory true;
description description
"This leaf specifies the number of times a Signature "This leaf specifies the number of times a
Block is resent. (It is recommended to select a Signature Block is resent. (It is recommended to
value of greater than 0 in particular when the UDP select a value of greater than 0 in particular
transport [RFC5426] is used.)."; when the UDP transport [RFC5426] is used.).";
} }
leaf sig-resend-delay { leaf sig-resend-delay {
type uint16; type uint16;
mandatory true; mandatory true;
description description
"This leaf specifies when to send the next Signature "This leaf specifies when to send the next
Block transmission based on time. If this many Signature Block transmission based on time. If
seconds have elapsed since the previous sending of this many seconds have elapsed since the previous
this Signature Block, resend it."; sending of this Signature Block, resend it.";
} }
leaf sig-resend-count { leaf sig-resend-count {
type uint16; type uint16;
mandatory true; mandatory true;
description description
"This leaf specifies when to send the next Signature "This leaf specifies when to send the next
Block transmission based on a count. If this many Signature Block transmission based on a count.
other syslog messages have been sent since the If this many other syslog messages have been sent
previous sending of this Signature Block, resend since the previous sending of this Signature
it."; Block, resend it.";
} }
} }
} }
} }
container terminal { container terminal {
description description
"This container describes the configuration parameters for "This container describes the configuration parameters for
the terminal logging configuration."; the terminal logging configuration.";
choice user-scope { choice user-scope {
default all-users; mandatory true;
description description
"This choice describes the option to specify all users "This choice describes the option to specify all users
or a specific user. The all users case implies that or a specific user. The all users case implies that
messages will be sent to all terminals"; messages will be sent to all terminals";
case all-users { case all-users {
description description
"This case specifies all users."; "This case specifies all users.";
container all-users { container all-users {
description description
"This container describes the configuration "This container describes the configuration
skipping to change at page 18, line 35 skipping to change at page 18, line 66
if-feature terminal-facility-user-logging-config; if-feature terminal-facility-user-logging-config;
description description
"This case specifies a specific user."; "This case specifies a specific user.";
list user-name { list user-name {
key "uname"; key "uname";
description description
"This list describes a collection of user names."; "This list describes a collection of user names.";
leaf uname { leaf uname {
type string; type string;
description description
"This leaf uniquely describes a user name which is "This leaf uniquely describes a user name which
the login name of the user whose terminal session is the login name of the user whose terminal
is to receive log messages."; session is to receive log messages.";
} }
uses syslog-selector; uses syslog-selector;
} }
} }
} }
} }
} }
} }
} }
<CODE ENDS> <CODE ENDS>
4.3. A SYSLOG Example 4.3. A SYSLOG Example
Requirement: Requirement:
Enable console logging of syslogs of severity Enable console logging of syslogs of severity critical
critical(1)
Here is the example syslog configuration xml: Here is the example syslog configuration xml:
<rpc message-id="101" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"> <rpc message-id="101" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<edit-config> <edit-config>
<target> <target>
<running/> <candidate/>
</target> </target>
<config> <config xmlns:xc="urn:ietf:params:xml:ns:netconf:base:1.0">
<syslog xmlns="urn:ietf:params:xml:ns:yang:ietf-syslog"> <syslog xmlns="urn:ietf:params:xml:ns:yang:ietf-syslog"
xmlns:syslog="urn:ietf:params:xml:ns:yang:ietf-syslog">
<log-actions> <log-actions>
<console> <console>
<log-selector> <log-selector>
<severity>syslogtypes:critical</severity> <log-facility>
<facility>all</facility>
<severity>critical</severity>
</log-facility>
</log-selector> </log-selector>
</console> </console>
</log-actions> </log-actions>
</syslog> </syslog>
</config> </config>
</edit-config> </edit-config>
</rpc> </rpc>
<?xml version="1.0" encoding="UTF-8"?> <?xml version="1.0" encoding="UTF-8"?>
<rpc-reply message-id="101" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"> <rpc-reply message-id="101" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<ok/> <ok/>
</rpc-reply> </rpc-reply>
Enable remote logging of syslogs to udp destination 1.1.1.1
for facility auth, severity error
<rpc message-id="101" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<edit-config>
<target>
<candidate/>
</target>
<config xmlns:xc="urn:ietf:params:xml:ns:netconf:base:1.0">
<syslog xmlns="urn:ietf:params:xml:ns:yang:ietf-syslog"
xmlns:syslog="urn:ietf:params:xml:ns:yang:ietf-syslog">
<log-actions>
<remote>
<destination>
<name>remote1</name>
<udp>
<address>1.1.1.1</address>
</udp>
<log-selector>
<log-facility>
<facility xmlns:syslogtypes=
"urn:ietf:params:xml:ns:yang:ietf-syslog-types">
syslogtypes:auth</facility>
<severity>error</severity>
</log-facility>
</log-selector>
</destination>
</remote>
</log-actions>
</syslog>
</config>
</edit-config>
</rpc>
<?xml version="1.0" encoding="UTF-8"?>
<rpc-reply message-id="101" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<ok/>
</rpc-reply>
5. Implementation Status 5. Implementation Status
[Note to RFC Editor: Please remove this section before publication.] [Note to RFC Editor: Please remove this section before publication.]
This section records the status of known implementations of the Syslog This section records the status of known implementations of the Syslog
YANG model at the time of posting of this Internet-Draft. YANG model at the time of posting of this Internet-Draft.
Cisco Systems, Inc. has implemented the proposed IETF Syslog model Cisco Systems, Inc. has implemented the proposed IETF Syslog model
for the Nexus 7000 NXOS OS as a prototype, together with an for the Nexus 7000 NXOS OS as a prototype, together with an
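Review bot: The added remote-logging example sends auth-facility messages over UDP to `<address>1.1.1.1</address>`, which is a publicly routable address; use an address from the RFC 5737 documentation ranges (for example 192.0.2.1) so that a copied example cannot forward authentication logs to a third party. Both examples now target `<candidate/>` instead of `<running/>` but still show only the `<ok/>` reply, so the stated requirement is not in effect until a `<commit/>` follows; add the commit exchange or say so in the text. The `xmlns:xc` and `xmlns:syslog` prefixes declared on `<config>` and `<syslog>` are not used anywhere in the visible lines and can be dropped. The two requests also reuse message-id="101"; distinct ids would make the paired replies easier to follow.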
skipping to change at page 20, line 25 skipping to change at page 20, line 25
XML: N/A, the requested URI is an XML namespace. XML: N/A, the requested URI is an XML namespace.
This document registers a YANG module in the YANG Module Names This document registers a YANG module in the YANG Module Names
registry [RFC6020]. registry [RFC6020].
name: syslog namespace: urn:ietf:params:xml:ns:yang:syslog name: syslog namespace: urn:ietf:params:xml:ns:yang:syslog
prefix: syslog reference: RFC XXXX prefix: syslog reference: RFC XXXX
8. Acknowledgements 8. Acknowledgements
The authors wish to thank the following who commented on versions 01 through 03 The authors wish to thank the following who commented on versions 01 through 05
of this proposal: of this proposal:
Martin Bjorklund <mbjorklu@cisco.com> Martin Bjorklund <mbjorklu@cisco.com>
Jim Gibson <gibson@cisco.com> Jim Gibson <gibson@cisco.com>
Jeffrey Haas <jhaas@pfrc.org> Jeffrey Haas <jhaas@pfrc.org>
John Heasley <heas@shrubbery.net> John Heasley <heas@shrubbery.net>
Giles Heron <giheron@cisco.com> Giles Heron <giheron@cisco.com>
Lisa Huang <yihuan@cisco.com> Lisa Huang <yihuan@cisco.com>
Jeffrey K Lange <jeffrey.K.lange@ge.com> Jeffrey K Lange <jeffrey.K.lange@ge.com>
Jan Lindblad <jlindbla@cisco.com> Jan Lindblad <jlindbla@cisco.com>
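Review bot: The registration lines left unchanged in this hunk, `name: syslog namespace: urn:ietf:params:xml:ns:yang:syslog`, do not match the namespace `urn:ietf:params:xml:ns:yang:ietf-syslog` that the section 4.3 examples use in both versions. Update the name and namespace here (and confirm the prefix) so the registry entry matches what the examples actually send. The acknowledgement now reads "versions 01 through 05", which includes the revision being posted; confirm that range is intended.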
 End of changes. 57 change blocks. 
209 lines changed or deleted 235 lines changed or added
