draft-ietf-netmod-syslog-model-08.txt   draft-ietf-netmod-syslog-model-09.txt 
NETMOD WG C. Wildes, Ed. NETMOD WG C. Wildes, Ed.
Internet-Draft K. Koushik, Ed. Internet-Draft K. Koushik, Ed.
Intended status: Standards Track Cisco Systems Inc. Intended status: Standards Track Cisco Systems Inc.
Expires: November 11, 2016 May 10, 2016 Expires: January 9, 2017 July 8, 2016
SYSLOG YANG Model Syslog YANG Model
draft-ietf-netmod-syslog-model-08 draft-ietf-netmod-syslog-model-09
Abstract Abstract
This document describes a data model for the Syslog protocol which is This document describes a data model for the configuration of syslog.
used to convey event notification messages.
Status of This Memo Status of This Memo
This Internet-Draft is submitted in full conformance with the This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79. provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/. Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on November 11, 2016. This Internet-Draft will expire on January 9, 2017.
Copyright Notice Copyright Notice
Copyright (c) 2016 IETF Trust and the persons identified as the Copyright (c) 2016 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License. described in the Simplified BSD License.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2
1.1. Requirements Language . . . . . . . . . . . . . . . . . . 3 1.1. Requirements Language . . . . . . . . . . . . . . . . . . 3
1.2. Terminology . . . . . . . . . . . . . . . . . . . . . . . 3
2. Problem Statement . . . . . . . . . . . . . . . . . . . . . . 3 2. Problem Statement . . . . . . . . . . . . . . . . . . . . . . 3
3. Design of the SYSLOG Model . . . . . . . . . . . . . . . . . 3 3. Design of the Syslog Model . . . . . . . . . . . . . . . . . 3
3.1. SYSLOG Module . . . . . . . . . . . . . . . . . . . . . . 5 3.1. Syslog Module . . . . . . . . . . . . . . . . . . . . . . 5
4. SYSLOG YANG Models . . . . . . . . . . . . . . . . . . . . . 9 4. Syslog YANG Modules . . . . . . . . . . . . . . . . . . . . . 8
4.1. SYSLOG-TYPES Module . . . . . . . . . . . . . . . . . . . 9 4.1. The ietf-syslog-types Module . . . . . . . . . . . . . . 8
4.2. Syslog Module . . . . . . . . . . . . . . . . . . . . . . 14 4.2. The ietf-syslog Module . . . . . . . . . . . . . . . . . 14
4.3. A Syslog Example . . . . . . . . . . . . . . . . . . . . 29 5. Usage Examples . . . . . . . . . . . . . . . . . . . . . . . 26
5. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 30 6. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 28
6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 31 7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 28
7. Security Considerations . . . . . . . . . . . . . . . . . . . 31 8. Security Considerations . . . . . . . . . . . . . . . . . . . 29
8. References . . . . . . . . . . . . . . . . . . . . . . . . . 32 8.1. Resource Constraints . . . . . . . . . . . . . . . . . . 29
8.1. Normative References . . . . . . . . . . . . . . . . . . 32 8.2. Inappropriate Configuration . . . . . . . . . . . . . . . 30
8.2. Informative References . . . . . . . . . . . . . . . . . 33 9. References . . . . . . . . . . . . . . . . . . . . . . . . . 30
Appendix A. Implementor Guidelines . . . . . . . . . . . . . . . 33 9.1. Normative References . . . . . . . . . . . . . . . . . . 30
A.1. Extending Facilities . . . . . . . . . . . . . . . . . . 33 9.2. Informative References . . . . . . . . . . . . . . . . . 31
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 34 Appendix A. Implementor Guidelines . . . . . . . . . . . . . . . 31
A.1. Extending Facilities . . . . . . . . . . . . . . . . . . 31
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 32
1. Introduction 1. Introduction
Operating systems, processes and applications generate messages Operating systems, processes and applications generate messages
indicating their own status or the occurrence of events. These indicating their own status or the occurrence of events. These
messages are useful for managing and/or debugging the network and its messages are useful for managing and/or debugging the network and its
services. The BSD Syslog protocol is a widely adopted protocol that services. The BSD syslog protocol is a widely adopted protocol that
is used for transmission and processing of the messages. is used for transmission and processing of the messages.
Since each process, application and operating system was written Since each process, application and operating system was written
somewhat independently, there is little uniformity to the content of somewhat independently, there is little uniformity to the content of
Syslog messages. For this reason, no assumption is made upon the syslog messages. For this reason, no assumption is made upon the
formatting or contents of the messages. The protocol is simply formatting or contents of the messages. The protocol is simply
designed to transport these event messages. No acknowledgement of designed to transport these event messages. No acknowledgement of
the receipt is made. the receipt is made.
Essentially, a Syslog process receives messages (from the kernel, Essentially, a syslog process receives messages (from the kernel,
processes, applications or other Syslog processes) and processes processes, applications or other syslog processes) and processes
those. The processing involves logging to a local file, displaying those. The processing involves logging to a local file, displaying
on console, user terminal, and/or relaying to syslog processes on on console, user terminal, and/or relaying to syslog processes on
other machines. The processing is determined by the "facility" that other machines. The processing is determined by the "facility" that
originated the message and the "severity" assigned to the message by originated the message and the "severity" assigned to the message by
the facility. the facility.
We are using definitions of Syslog protocol from [RFC5424] in this We are using definitions of syslog protocol from [RFC5424] in this
RFC. RFC.
1.1. Requirements Language 1.1. Requirements Language
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in RFC 2119 [RFC2119]. document are to be interpreted as described in RFC 2119 [RFC2119].
1.2. Terminology
The term "message originator" is derived from the term "originator"
as defined in [RFC5424]: an "originator" generates syslog content to
be carried in a message.
The term "message distributor" is defined as a function that filters
log messages and then distributes them.
The terms "relay" and "collectors" are as defined in [RFC5424].
2. Problem Statement 2. Problem Statement
This document defines a YANG [RFC6020] configuration data model that This document defines a YANG [RFC6020] configuration data model that
may be used to monitor and control one or more syslog processes may be used to configure one or more syslog processes running on a
running on a system. YANG models can be used with network management system. YANG models can be used with network management protocols
agents such as NETCONF [RFC6241] to install, manipulate, and delete such as NETCONF [RFC6241] to install, manipulate, and delete the
the configuration of network devices. configuration of network devices.
This module makes use of the YANG "feature" construct which allows The data model makes use of the YANG "feature" construct which allows
implementations to support only those Syslog features that lie within implementations to support only those syslog features that lie within
their capabilities. their capabilities.
This module can be used to configure the SYSLOG application This module can be used to configure the syslog application
conceptual layer [RFC5424]. conceptual layer [RFC5424].
3. Design of the SYSLOG Model 3. Design of the Syslog Model
The syslog model was designed by comparing various syslog features The syslog model was designed by comparing various syslog features
implemented by various vendors' in different implementations. implemented by various vendors' in different implementations.
This draft addresses the common leafs between implementations and This draft addresses the common leafs between implementations and
creates a common model, which can be augmented with proprietary creates a common model, which can be augmented with proprietary
features, if necessary. The base model is designed to be very simple features, if necessary. The base model is designed to be very simple
for maximum flexibility. for maximum flexibility.
Syslog consists of message originators, and message distributors. Syslog consists of message originators, and message distributors.
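Review bot: In Section 2 the second paragraph now opens with "The data model makes use of the YANG "feature" construct", but the paragraph after it still reads "This module can be used to configure the syslog application conceptual layer", so the section uses "data model" and "module" for the same thing; pick one term and use it throughout. In Section 3, "implemented by various vendors' in different implementations" carries a stray apostrophe in both versions.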
skipping to change at page 4, line 31 skipping to change at page 4, line 37
| |
+-----------+------------+--------------+ +-----------+------------+--------------+
| | | | | | | |
v v v | v v v |
Message Distributors | Message Distributors |
+----------+ +----------+ +----------+ | +----------+ +----------+ +----------+ |
| | | Log | | Log | | | | | Log | | Log | |
| Console | | Buffer | | File(s) | | | Console | | Buffer | | File(s) | |
+----------+ +----------+ +----------+ | +----------+ +----------+ +----------+ |
| |
+-------------+-------------+ +-+-------------+
| | | | |
v v v v v
+----------------+ +-----------+ +-----------+ +----------------+ +-----------+
|Remote Relay(s)/| | | |User | |Remote Relay(s)/| |User |
|Collectors(s) | |Terminal(s)| |Sessions(s)| |Collectors(s) | |Sessions(s)|
+----------------+ +-----------+ +-----------+ +----------------+ +-----------+
The leaves in the base syslog model log-input-transports container The leaves in the base syslog model log-input-transports container
correspond to remote message originators or remote message relays. correspond to remote message originators or remote message relays.
The leaves in the base syslog model log-actions container correspond The leaves in the base syslog model log-actions container correspond
to each message distributor: to each message distributor:
console console
log buffer log buffer
log file(s) log file(s)
remote relay(s)/collector(s) remote relay(s)/collector(s)
terminal(s)
user session(s). user session(s).
Optional features are used to specified functionality that is present Optional features are used to specified functionality that is present
in specific vendor configurations. in specific vendor configurations.
3.1. SYSLOG Module 3.1. Syslog Module
A simplified graphical representation of the complete data tree is A simplified graphical representation of the complete data tree is
presented here. presented here.
Each node is printed as: Each node is printed as:
<status> <flags> <name> <opts> <type> <if-features> <status> <flags> <name> <opts> <type> <if-features>
<status> is one of: <status> is one of:
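Review bot: The two sentences after the diagram still name the `log-input-transports` and `log-actions` containers in both versions, but the -09 tree that follows has a single `actions` container under `syslog` and no `log-input-transports`. Drop or rewrite the first sentence and rename the container in the second so the prose matches the tree. In the same hunk, "Optional features are used to specified functionality" should read "to specify".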
skipping to change at page 5, line 46 skipping to change at page 6, line 4
is printed as <prefix>:<name>. is printed as <prefix>:<name>.
<opts> is one of: <opts> is one of:
? for an optional leaf or choice ? for an optional leaf or choice
! for a presence container ! for a presence container
* for a leaf-list or list * for a leaf-list or list
[<keys>] for a list's keys [<keys>] for a list's keys
<type> is the name of the type for leafs and leaf-lists <type> is the name of the type for leafs and leaf-lists
If the type is a leafref, the type is printed as "-> TARGET", where If the type is a leafref, the type is printed as "-> TARGET", where
TARGET is either the leafref path, with prefixed removed if possible. TARGET is either the leafref path, with prefixed removed if possible.
<if-features> is the list of features this node depends on, printed <if-features> is the list of features this node depends on, printed
within curly brackets and a question mark "{...}?" within curly brackets and a question mark "{...}?"
module: ietf-syslog module: ietf-syslog
+--rw syslog +--rw syslog
+--rw log-input-transports {syslog-relay}? +--rw actions
| +--rw receiver* [name]
| +--rw name string
| +--rw (transport)
| | +--:(tcp)
| | | +--rw tcp
| | | +--rw address? inet:host
| | | +--rw port? inet:port-number
| | +--:(udp)
| | | +--rw udp
| | | +--rw address? inet:host
| | | +--rw port? inet:port-number
| | +--:(tls)
| | +--rw tls
| | +--rw address? inet:host
| | +--rw port? inet:port-number
| +--rw structured-data? boolean {structured-data}?
| +--rw syslog-sign! {signed-messages}?
+--rw log-actions
+--rw console! +--rw console!
| +--rw log-selector | +--rw log-selector
| +--rw (selector-facility) | +--rw (selector-facility)
| | +--:(no-log-facility) | | +--:(no-log-facility)
| | | +--rw no-facilities? empty | | | +--rw no-facilities? empty
| | +--:(log-facility) | | +--:(log-facility)
| | +--rw log-facility* [facility] | | +--rw log-facility* [facility]
| | +--rw facility union | | +--rw facility union
| | +--rw severity union | | +--rw severity union
| | +--rw compare-op? enumeration {select-sev-compare}? | | +--rw compare-op? enumeration {select-sev-compare}?
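Review bot: In the tree legend, "TARGET is either the leafref path, with prefixed removed if possible" has an "either" with no second alternative and "prefixed" where "prefixes" is meant. The legend is identical in both versions, so fix it while the tree is being reworked, for example: "TARGET is the leafref path, with prefixes removed if possible".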
skipping to change at page 6, line 48 skipping to change at page 6, line 35
| +--rw log-selector | +--rw log-selector
| | +--rw (selector-facility) | | +--rw (selector-facility)
| | | +--:(no-log-facility) | | | +--:(no-log-facility)
| | | | +--rw no-facilities? empty | | | | +--rw no-facilities? empty
| | | +--:(log-facility) | | | +--:(log-facility)
| | | +--rw log-facility* [facility] | | | +--rw log-facility* [facility]
| | | +--rw facility union | | | +--rw facility union
| | | +--rw severity union | | | +--rw severity union
| | | +--rw compare-op? enumeration {select-sev-compare}? | | | +--rw compare-op? enumeration {select-sev-compare}?
| | +--rw pattern-match? string {select-match}? | | +--rw pattern-match? string {select-match}?
| +--rw buffer-size-bytes? uint64 {buffer-limit-bytes}? | +--rw buffer-limit-bytes? uint64 {buffer-limit-bytes}?
| +--rw structured-data? boolean {structured-data}? | +--rw buffer-limit-messages? uint64 {buffer-limit-messages}?
| +--rw structured-data? boolean {structured-data}?
+--rw file +--rw file
| +--rw log-file* [name] | +--rw log-file* [name]
| +--rw name inet:uri | +--rw name inet:uri
| +--rw log-selector | +--rw log-selector
| | +--rw (selector-facility) | | +--rw (selector-facility)
| | | +--:(no-log-facility) | | | +--:(no-log-facility)
| | | | +--rw no-facilities? empty | | | | +--rw no-facilities? empty
| | | +--:(log-facility) | | | +--:(log-facility)
| | | +--rw log-facility* [facility] | | | +--rw log-facility* [facility]
| | | +--rw facility union | | | +--rw facility union
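Review bot: The log buffer leaves now include both `buffer-limit-bytes` and `buffer-limit-messages`, each optional and each behind its own feature, and nothing visible here says which limit applies when both are configured or what happens to new messages once a limit is reached. State the precedence and the overflow behaviour in the leaf descriptions, since a full buffer decides which log messages are kept.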
skipping to change at page 7, line 34 skipping to change at page 7, line 23
| | +--:(tcp) | | +--:(tcp)
| | | +--rw tcp | | | +--rw tcp
| | | +--rw address? inet:host | | | +--rw address? inet:host
| | | +--rw port? inet:port-number | | | +--rw port? inet:port-number
| | +--:(udp) | | +--:(udp)
| | | +--rw udp | | | +--rw udp
| | | +--rw address? inet:host | | | +--rw address? inet:host
| | | +--rw port? inet:port-number | | | +--rw port? inet:port-number
| | +--:(tls) | | +--:(tls)
| | +--rw tls | | +--rw tls
| | +--rw address? inet:host
| | +--rw port? inet:port-number
| +--rw log-selector | +--rw log-selector
| | +--rw (selector-facility) | | +--rw (selector-facility)
| | | +--:(no-log-facility) | | | +--:(no-log-facility)
| | | | +--rw no-facilities? empty | | | | +--rw no-facilities? empty
| | | +--:(log-facility) | | | +--:(log-facility)
| | | +--rw log-facility* [facility] | | | +--rw log-facility* [facility]
| | | +--rw facility union | | | +--rw facility union
| | | +--rw severity union | | | +--rw severity union
| | | +--rw compare-op? enumeration {select-sev-compare}? | | | +--rw compare-op? enumeration {select-sev-compare}?
| | +--rw pattern-match? string {select-match}? | | +--rw pattern-match? string {select-match}?
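Review bot: `pattern-match` is typed as a plain `string`, and the `select-match` feature describes it only as a "Posix 1003.2 regular expression pattern match". Say whether basic or extended syntax is meant and add a reference for it, and consider a length restriction on the leaf, so that two implementations accept the same patterns.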
skipping to change at page 8, line 9 skipping to change at page 7, line 44
| +--rw source-interface? if:interface-ref | +--rw source-interface? if:interface-ref
| +--rw structured-data? boolean {structured-data}? | +--rw structured-data? boolean {structured-data}?
| +--rw syslog-sign! {signed-messages}? | +--rw syslog-sign! {signed-messages}?
| +--rw cert-initial-repeat uint16 | +--rw cert-initial-repeat uint16
| +--rw cert-resend-delay uint16 | +--rw cert-resend-delay uint16
| +--rw cert-resend-count uint16 | +--rw cert-resend-count uint16
| +--rw sig-max-delay uint16 | +--rw sig-max-delay uint16
| +--rw sig-number-resends uint16 | +--rw sig-number-resends uint16
| +--rw sig-resend-delay uint16 | +--rw sig-resend-delay uint16
| +--rw sig-resend-count uint16 | +--rw sig-resend-count uint16
+--rw terminal
| +--rw all-terminals!
| | +--rw log-selector
| | +--rw (selector-facility)
| | | +--:(no-log-facility)
| | | | +--rw no-facilities? empty
| | | +--:(log-facility)
| | | +--rw log-facility* [facility]
| | | +--rw facility union
| | | +--rw severity union
| | | +--rw compare-op? enumeration {select-sev-compare}?
| | +--rw pattern-match? string {select-match}?
| +--rw terminal* [name] {terminal-facility-device-logging}?
| +--rw name string
| +--rw log-selector
| +--rw (selector-facility)
| | +--:(no-log-facility)
| | | +--rw no-facilities? empty
| | +--:(log-facility)
| | +--rw log-facility* [facility]
| | +--rw facility union
| | +--rw severity union
| | +--rw compare-op? enumeration {select-sev-compare}?
| +--rw pattern-match? string {select-match}?
+--rw session +--rw session
+--rw all-users! +--rw all-users!
| +--rw log-selector | +--rw log-selector
| +--rw (selector-facility) | +--rw (selector-facility)
| | +--:(no-log-facility) | | +--:(no-log-facility)
| | | +--rw no-facilities? empty | | | +--rw no-facilities? empty
| | +--:(log-facility) | | +--:(log-facility)
| | +--rw log-facility* [facility] | | +--rw log-facility* [facility]
| | +--rw facility union | | +--rw facility union
| | +--rw severity union | | +--rw severity union
| | +--rw compare-op? enumeration {select-sev-compare}? | | +--rw compare-op? enumeration {select-sev-compare}?
| +--rw pattern-match? string {select-match}? | +--rw pattern-match? string {select-match}?
+--rw user* [name] {session-facility-user-logging}? +--rw user* [name]
+--rw name string +--rw name string
+--rw log-selector +--rw log-selector
+--rw (selector-facility) +--rw (selector-facility)
| +--:(no-log-facility) | +--:(no-log-facility)
| | +--rw no-facilities? empty | | +--rw no-facilities? empty
| +--:(log-facility) | +--:(log-facility)
| +--rw log-facility* [facility] | +--rw log-facility* [facility]
| +--rw facility union | +--rw facility union
| +--rw severity union | +--rw severity union
| +--rw compare-op? enumeration {select-sev-compare}? | +--rw compare-op? enumeration {select-sev-compare}?
+--rw pattern-match? string {select-match}? +--rw pattern-match? string {select-match}?
4. SYSLOG YANG Models 4. Syslog YANG Modules
4.1. SYSLOG-TYPES Module 4.1. The ietf-syslog-types Module
This module references [RFC5424].
<CODE BEGINS> file "ietf-syslog-types.yang" <CODE BEGINS> file "ietf-syslog-types.yang"
module ietf-syslog-types { module ietf-syslog-types {
namespace "urn:ietf:params:xml:ns:yang:ietf-syslog-types"; namespace "urn:ietf:params:xml:ns:yang:ietf-syslog-types";
prefix syslogtypes; prefix syslogtypes;
organization "IETF NETMOD (NETCONF Data Modeling Language) Working organization "IETF NETMOD (NETCONF Data Modeling Language) Working
Group"; Group";
contact contact
"WG Web: <http://tools.ietf.org/wg/netmod/> "WG Web: <http://tools.ietf.org/wg/netmod/>
WG List: <mailto:netmod@ietf.org> WG List: <mailto:netmod@ietf.org>
WG Chair: Lou Berger WG Chair: Lou Berger
<mailto:lberger@labn.net> <mailto:lberger@labn.net>
WG Chair: Jurgen Schonwalder
<mailto:j.schoenwaelder@jacobs-university.de>
WG Chair: Kent Watsen WG Chair: Kent Watsen
<mailto:kwatsen@juniper.net> <mailto:kwatsen@juniper.net>
Editor: Kiran Agrahara Sreenivasa Editor: Kiran Agrahara Sreenivasa
<mailto:kkoushik@cisco.com> <mailto:kkoushik@cisco.com>
Editor: Clyde Wildes Editor: Clyde Wildes
<mailto:cwildes@cisco.com>"; <mailto:cwildes@cisco.com>";
description description
"This module contains a collection of YANG type definitions for "This module contains a collection of YANG type definitions for
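Review bot: In the session subtree, `user* [name]` loses its `{session-facility-user-logging}?` condition in -09, which makes per-user selectors part of the base model for every implementation. If that is intended, say so in Section 3; if some platforms can only log to all users, keep a feature on the list.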
skipping to change at page 10, line 16 skipping to change at page 9, line 27
'OPTIONAL' in the module text are to be interpreted as described 'OPTIONAL' in the module text are to be interpreted as described
in RFC 2119 (http://tools.ietf.org/html/rfc2119). in RFC 2119 (http://tools.ietf.org/html/rfc2119).
This version of this YANG module is part of RFC XXXX This version of this YANG module is part of RFC XXXX
(http://tools.ietf.org/html/rfcXXXX); see the RFC itself for (http://tools.ietf.org/html/rfcXXXX); see the RFC itself for
full legal notices."; full legal notices.";
reference reference
"RFC 5424: The Syslog Protocol"; "RFC 5424: The Syslog Protocol";
revision 2016-05-10 { revision 2016-07-08 {
description description
"Initial Revision"; "Initial Revision";
reference reference
"RFC XXXX: SYSLOG YANG Model"; "RFC XXXX: SYSLOG YANG Model";
} }
typedef severity { typedef severity {
type enumeration { type enumeration {
enum "emergency" { enum "emergency" {
value 0; value 0;
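Review bot: The `severity` typedef begins with `emergency` at value 0, so the numerically lower value is the more severe one, yet the `log-severity` grouping in ietf-syslog describes the default match as "the specified severity and greater" and names the enum `equals-or-higher`. Spell out in those descriptions that "higher" means more severe (numerically lower), otherwise a selector can be read the wrong way round. The revision reference in this hunk also still says "RFC XXXX: SYSLOG YANG Model" in both versions, although the document title and the ietf-syslog revision reference now read "Syslog YANG Model".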
skipping to change at page 14, line 44 skipping to change at page 14, line 6
identity local7 { identity local7 {
base syslog-facility; base syslog-facility;
description description
"The facility for local use 7 messages (23) as defined in "The facility for local use 7 messages (23) as defined in
RFC 5424."; RFC 5424.";
} }
} }
<CODE ENDS> <CODE ENDS>
4.2. Syslog Module 4.2. The ietf-syslog Module
This module imports typedefs from [RFC6021] and [RFC7223], and it
references [RFC5424], [RFC5425], [RFC5426], [RFC6587], and [RFC5848].
<CODE BEGINS> file "ietf-syslog.yang" <CODE BEGINS> file "ietf-syslog.yang"
module ietf-syslog { module ietf-syslog {
namespace "urn:ietf:params:xml:ns:yang:ietf-syslog"; namespace "urn:ietf:params:xml:ns:yang:ietf-syslog";
prefix syslog; prefix syslog;
import ietf-inet-types { import ietf-inet-types {
prefix inet; prefix inet;
} }
import ietf-interfaces { import ietf-interfaces {
prefix if; prefix if;
} }
//import ietf-tls-client {
// prefix tlsc;
//}
import ietf-syslog-types { import ietf-syslog-types {
prefix syslogtypes; prefix syslogtypes;
} }
organization "IETF NETMOD (NETCONF Data Modeling Language) organization "IETF NETMOD (NETCONF Data Modeling Language)
Working Group"; Working Group";
contact contact
"WG Web: <http://tools.ietf.org/wg/netmod/> "WG Web: <http://tools.ietf.org/wg/netmod/>
WG List: <mailto:netmod@ietf.org> WG List: <mailto:netmod@ietf.org>
WG Chair: Lou Berger WG Chair: Lou Berger
<mailto:lberger@labn.net> <mailto:lberger@labn.net>
WG Chair: Jurgen Schonwalder
<mailto:j.schoenwaelder@jacobs-university.de>
WG Chair: Kent Watsen WG Chair: Kent Watsen
<mailto:kwatsen@juniper.net> <mailto:kwatsen@juniper.net>
Editor: Kiran Agrahara Sreenivasa Editor: Kiran Agrahara Sreenivasa
<mailto:kkoushik@cisco.com> <mailto:kkoushik@cisco.com>
Editor: Clyde Wildes Editor: Clyde Wildes
<mailto:cwildes@cisco.com>"; <mailto:cwildes@cisco.com>";
description description
"This module contains a collection of YANG definitions "This module contains a collection of YANG definitions
for Syslog configuration. for syslog configuration.
Copyright (c) 2015 IETF Trust and the persons identified as Copyright (c) 2016 IETF Trust and the persons identified as
authors of the code. All rights reserved. authors of the code. All rights reserved.
Redistribution and use in source and binary forms, with or Redistribution and use in source and binary forms, with or
without modification, is permitted pursuant to, and subject to without modification, is permitted pursuant to, and subject to
the license terms contained in, the Simplified BSD License set the license terms contained in, the Simplified BSD License set
forth in Section 4.c of the IETF Trust's Legal Provisions forth in Section 4.c of the IETF Trust's Legal Provisions
Relating to IETF Documents Relating to IETF Documents
(http://trustee.ietf.org/license-info). (http://trustee.ietf.org/license-info).
The key words 'MUST', 'MUST NOT', 'REQUIRED', 'SHALL', 'SHALL The key words 'MUST', 'MUST NOT', 'REQUIRED', 'SHALL', 'SHALL
NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED', 'MAY', and NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED', 'MAY', and
'OPTIONAL' in the module text are to be interpreted as described 'OPTIONAL' in the module text are to be interpreted as described
in RFC 2119 (http://tools.ietf.org/html/rfc2119). in RFC 2119 (http://tools.ietf.org/html/rfc2119).
This version of this YANG module is part of RFC XXXX This version of this YANG module is part of RFC XXXX
(http://tools.ietf.org/html/rfcXXXX); see the RFC itself for (http://tools.ietf.org/html/rfcXXXX); see the RFC itself for
full legal notices."; full legal notices.";
reference reference
"RFC 5424: The Syslog Protocol "RFC 5424: The Syslog Protocol
RFC 5425: Transport Layer Security (TLS) Transport Mapping for Syslog
RFC 5426: Transmission of Syslog Messages over UDP
RFC 6587: Transmission of Syslog Messages over TCP
RFC 5848: Signed Syslog Messages"; RFC 5848: Signed Syslog Messages";
revision 2016-03-20{ revision 2016-07-08 {
description description
"Initial Revision"; "Initial Revision";
reference reference
"RFC XXXX: SYSLOG YANG Model"; "RFC XXXX: Syslog YANG Model";
}
feature console-action {
description
"This feature indicates that logging to the console is
supported.";
}
feature buffer-action {
description
"This feature indicates that logging to an in-memory
buffer is supported.";
} }
feature buffer-limit-bytes { feature buffer-limit-bytes {
description description
"This feature indicates that local memory logging buffers "This feature indicates that local memory logging buffers
are limited in size using a limit expressed in bytes."; are limited in size using a limit expressed in bytes.";
} }
feature buffer-limit-messages { feature buffer-limit-messages {
description description
"This feature indicates that local memory logging buffers "This feature indicates that local memory logging buffers
are limited in size using a limit expressed in number are limited in size using a limit expressed in number
of messages."; of log messages.";
} }
feature file-limit-size { feature file-limit-size {
description description
"This feature indicates that file logging resources "This feature indicates that file logging resources
are managed using size and number limits."; are managed using size and number limits.";
} }
feature file-limit-duration { feature file-limit-duration {
description description
"This feature indicates that file logging resources "This feature indicates that file logging resources
are managed using time based limits."; are managed using time based limits.";
} }
feature terminal-action { feature select-sev-compare {
description
"This feature indicates that logging to a terminal
is supported.";
}
feature terminal-facility-user-logging-config {
description
"This feature represents the ability to adjust
log message settings for individual terminal
devices.";
}
feature session-action {
description
"This feature indicates that logging to user
CLI session is supported.";
}
feature session-facility-user-logging-config {
description
"This feature represents the ability to adjust
log message settings for individual user CLI
sessions.";
}
feature selector-sevop-config {
description description
"This feature represents the ability to select messages "This feature represents the ability to select messages
using the additional operators equal to, or not equal to using the additional operators equal to, or not equal to
when comparing the Syslog message severity."; when comparing the syslog message severity.";
} }
feature selector-match-config { feature select-match {
description description
"This feature represents the ability to select messages based "This feature represents the ability to select messages based
on a Posix 1003.2 regular expression pattern match."; on a Posix 1003.2 regular expression pattern match.";
} }
feature structured-data-config { feature structured-data {
description description
"This feature represents the ability to log messages "This feature represents the ability to log messages
in structured-data format as per RFC 5424."; in structured-data format as per RFC 5424.";
} }
feature signed-messages-config { feature signed-messages {
description description
"This feature represents the ability to configure signed "This feature represents the ability to configure signed
syslog messages according to RFC 5848."; syslog messages according to RFC 5848.";
} }
grouping syslog-severity { grouping log-severity {
description description
"This grouping defines the Syslog severity which is used to "This grouping defines the severity value that is used to
select log messages."; select log messages.";
leaf severity { leaf severity {
type union { type union {
type syslogtypes:severity; type syslogtypes:severity;
type enumeration { type enumeration {
enum all { enum all {
value -1; value -1;
description description
"This enum describes the case where all severities "This enum describes the case where all severities
are selected."; are selected.";
skipping to change at page 18, line 37 skipping to change at page 17, line 16
enum none { enum none {
value -2; value -2;
description description
"This enum describes the case where no severities "This enum describes the case where no severities
are selected."; are selected.";
} }
} }
} }
mandatory true; mandatory true;
description description
"This leaf specifies the Syslog message severity. When "This leaf specifies the syslog message severity. When
severity is specified, the default severity comparison severity is specified, the default severity comparison
is all messages of the specified severity and greater are is all messages of the specified severity and greater are
selected. 'all' is a special case which means all severities selected. 'all' is a special case which means all severities
are selected. 'none' is a special case which means that are selected. 'none' is a special case which means that
no selection should occur or disable this filter."; no selection should occur or disable this filter.";
} }
leaf severity-operator { leaf compare-op {
when '../severity != "all" and when '../severity != "all" and
../severity != "none"' { ../severity != "none"' {
description description
"The severity-operator is not applicable for severity 'all' or "The compare-op is not applicable for severity 'all' or
severity 'none'"; severity 'none'";
} }
if-feature selector-sevop-config; if-feature select-sev-compare;
type enumeration { type enumeration {
enum equals-or-higher { enum equals-or-higher {
description description
"This enum specifies all messages of the specified "This enum specifies all messages of the specified
severity and higher are logged according to the severity and higher are logged according to the
given log-action"; given log-action";
} }
enum equals { enum equals {
description description
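Review bot: The severity leaf description says "all messages of the specified severity and greater are selected" and the equals-or-higher enum of compare-op says "severity and higher", but syslog severities are numerically inverted (emergency is 0, debug is 7), so "greater" and "higher" can be read as either more severe or numerically larger. Say "the specified severity and more severe (numerically lower)" in both places, because reading it the other way drops exactly the messages an operator most wants to keep. The 'none' text ("no selection should occur or disable this filter") would also be clearer as one statement of what a device does with such an entry.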
"This enum specifies all messages that are for "This enum specifies all messages that are for
skipping to change at page 19, line 31 skipping to change at page 18, line 9
given log-action"; given log-action";
} }
} }
default equals-or-higher; default equals-or-higher;
description description
"This leaf describes the option to specify how the "This leaf describes the option to specify how the
severity comparison is performed."; severity comparison is performed.";
} }
} }
grouping syslog-selector { grouping selector {
description description
"This grouping defines a Syslog selector which is used to "This grouping defines a syslog selector which is used to
select log messages for the log-action (buffer, file, select log messages for the log-action (buffer, file,
etc). Choose one of the following: etc). Choose one of the following:
no-log-facility no-log-facility
log-facility [<facility> <severity>...]"; log-facility [<facility> <severity>...]";
container log-selector { container log-selector {
description description
"This container describes the log selector parameters "This container describes the log selector parameters
for Syslog."; for syslog.";
choice selector-facility { choice selector-facility {
mandatory true; mandatory true;
description description
"This choice describes the option to specify no "This choice describes the option to specify no
facilities, or a specific facility which can be facilities, or a specific facility which can be
all for all facilities."; all for all facilities.";
case no-log-facility { case no-log-facility {
description description
"This case specifies no facilities will match when "This case specifies no facilities will match when
comparing the Syslog message facility. This is a comparing the syslog message facility. This is a
method that can be used to effectively disable a method that can be used to effectively disable a
particular log-action (buffer, file, etc)."; particular log-action (buffer, file, etc).";
leaf no-facilities { leaf no-facilities {
type empty; type empty;
description description
"This leaf specifies that no facilities are selected "This leaf specifies that no facilities are selected
for this log-action."; for this log-action.";
} }
} }
case log-facility { case log-facility {
description description
"This case specifies one or more specified facilities "This case specifies one or more specified facilities
will match when comparing the Syslog message facility."; will match when comparing the syslog message facility.";
list log-facility { list log-facility {
key facility; key facility;
description description
"This list describes a collection of Syslog "This list describes a collection of syslog
facilities and severities."; facilities and severities.";
leaf facility { leaf facility {
type union { type union {
type identityref { type identityref {
base syslogtypes:syslog-facility; base syslogtypes:syslog-facility;
} }
type enumeration { type enumeration {
enum all { enum all {
description description
"This enum describes the case where all "This enum describes the case where all
facilities are requested."; facilities are requested.";
} }
} }
} }
description description
skipping to change at page 20, line 36 skipping to change at page 19, line 15
} }
type enumeration { type enumeration {
enum all { enum all {
description description
"This enum describes the case where all "This enum describes the case where all
facilities are requested."; facilities are requested.";
} }
} }
} }
description description
"The leaf uniquely identifies a Syslog facility."; "The leaf uniquely identifies a syslog facility.";
} }
uses syslog-severity; uses log-severity;
} }
} }
} }
leaf pattern-match { leaf pattern-match {
if-feature selector-match-config; if-feature select-match;
type string; type string;
description description
"This leaf desribes a Posix 1003.2 regular expression "This leaf desribes a Posix 1003.2 regular expression
string that can be used to select a Syslog message for string that can be used to select a syslog message for
logging. The match is performed on the RFC 5424 logging. The match is performed on the RFC 5424
SYSLOG-MSG field."; SYSLOG-MSG field.";
} }
} }
} }
grouping syslog-structured-data { grouping structured-data {
description description
"This grouping defines the Syslog structured data option "This grouping defines the syslog structured data option
which is used to select the format used to write log which is used to select the format used to write log
messages."; messages.";
leaf structured-data { leaf structured-data {
if-feature structured-data-config; if-feature structured-data;
type boolean; type boolean;
default false; default false;
description description
"This leaf describes how log messages are written to "This leaf describes how log messages are written to
the log file. If true, messages will be written the log file. If true, messages will be written
with one or more STRUCTURED-DATA elements as per with one or more STRUCTURED-DATA elements as per
RFC5424; if false, messages will be written with RFC5424; if false, messages will be written with
STRUCTURED-DATA = NILVALUE."; STRUCTURED-DATA = NILVALUE.";
} }
} }
container syslog { container syslog {
description description
"This container describes the configuration parameters for "This container describes the configuration parameters for
Syslog."; syslog.";
container log-actions { container actions {
description description
"This container describes the log-action parameters "This container describes the log-action parameters
for Syslog."; for syslog.";
container console { container console {
if-feature console-action;
presence "Enables logging console configuration"; presence "Enables logging console configuration";
description description
"This container describes the configuration parameters for "This container describes the configuration parameters for
console logging."; console logging.";
uses syslog-selector; uses selector;
} }
container buffer { container buffer {
if-feature buffer-action;
description description
"This container describes the configuration parameters for "This container describes the configuration parameters for
local memory buffer logging. The buffer is circular in local memory buffer logging. The buffer is circular in
nature, so newer messages overwrite older messages after nature, so newer messages overwrite older messages after
the buffer is filled. The method used to read syslog messages the buffer is filled. The method used to read syslog messages
from the buffer is supplied by the local implementation."; from the buffer is supplied by the local implementation.";
list log-buffer { uses selector;
key name; leaf buffer-limit-bytes {
if-feature buffer-limit-bytes;
type uint64;
units "bytes";
description description
"This list describes a collection of local logging "This leaf configures the amount of memory (in bytes) that
memory buffers. If buffer size limits are not supplied, it will be dedicated to the local memory logging buffer.
is assumed that the local implementation defined The default value varies by implementation.";
limits will be used.";
leaf name {
type string;
description
"This leaf specifies the name of the log buffer.";
}
uses syslog-selector;
leaf buffer-size-bytes {
if-feature buffer-limit-bytes;
type uint64;
units "bytes";
description
"This leaf configures the amount of memory (in bytes) that
will be dedicated to the local memory logging buffer.
The default value varies by implementation.";
}
leaf buffer-size-messages {
if-feature buffer-limit-messages;
type uint64;
units "log messages";
description
"This leaf configures the amount number of log messages that
can be stored in the local memory logging buffer. The
default value varies by implementation.";
}
uses syslog-structured-data;
} }
leaf buffer-limit-messages {
if-feature buffer-limit-messages;
type uint64;
units "log messages";
description
"This leaf configures the number of log messages that
will be dedicated to the local memory logging buffer.
The default value varies by implementation.";
}
uses structured-data;
} }
container file { container file {
description description
"This container describes the configuration parameters for "This container describes the configuration parameters for
file logging. If file-archive limits are not supplied, it file logging. If file-archive limits are not supplied, it
is assumed that the local implementation defined limits will is assumed that the local implementation defined limits will
be used."; be used.";
list log-file { list log-file {
key "name"; key "name";
description description
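Review bot: In the restructured buffer container, buffer-limit-bytes and buffer-limit-messages are now sibling leafs under separate features, and nothing says what happens when both are configured; state that the buffer wraps when either limit is reached, or put the two leafs in a choice. The new buffer-limit-messages description was copied from the bytes leaf and reads "the number of log messages that will be dedicated to the local memory logging buffer", where "the maximum number of log messages the buffer holds" is what is meant. Replacing list log-buffer with a single buffer and dropping "if-feature console-action" and "if-feature buffer-action" are model-visible changes that need a change-log line, and pattern-match in the same region still carries the "desribes" typo from -08.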
skipping to change at page 23, line 4 skipping to change at page 21, line 15
description description
"This list describes a collection of local logging "This list describes a collection of local logging
files."; files.";
leaf name { leaf name {
type inet:uri { type inet:uri {
pattern 'file:.*'; pattern 'file:.*';
} }
description description
"This leaf specifies the name of the log file which "This leaf specifies the name of the log file which
MUST use the uri scheme file:."; MUST use the uri scheme file:.";
} }
uses syslog-selector; uses selector;
uses syslog-structured-data; uses structured-data;
container file-archive { container file-archive {
description description
"This container describes the configuration "This container describes the configuration
parameters for log file archiving."; parameters for log file archiving.";
leaf number-of-files { leaf number-of-files {
if-feature file-limit-size; if-feature file-limit-size;
type uint32; type uint32;
description description
"This leaf specifies the maximum number of log "This leaf specifies the maximum number of log
files retained. Specify 1 for implementations files retained. Specify 1 for implementations
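Review bot: leaf name under log-file is constrained only by pattern 'file:.*', so any file: URI the device can resolve is a valid log target, including one with a host authority or a path outside the logging directory, and the value is writable through edit-config. Add text that implementations SHOULD restrict log files to an implementation-defined directory and reject other values, and list this leaf in the Security Considerations. Also confirm that number-of-files is meant to sit under "if-feature file-limit-size", since the leaf limits a count of files rather than a size.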
skipping to change at page 24, line 4 skipping to change at page 22, line 15
"This leaf specifies the length of time that "This leaf specifies the length of time that
completed/closed log event files should be stored completed/closed log event files should be stored
in the file system before they are deleted."; in the file system before they are deleted.";
} }
} }
} }
} }
container remote { container remote {
description description
"This container describes the configuration parameters for "This container describes the configuration parameters for
remote logging."; forwarding syslog messages to remote relays or collectors.";
list destination { list destination {
key "name"; key "name";
description description
"This list describes a collection of remote logging "This list describes a collection of remote logging
destinations."; destinations.";
leaf name { leaf name {
type string; type string;
description description
"An arbitrary name for the endpoint to connect to."; "An arbitrary name for the endpoint to connect to.";
} }
skipping to change at page 25, line 26 skipping to change at page 23, line 38
} }
} }
} }
case tls { case tls {
container tls { container tls {
description description
"This container describes the TLS transport options."; "This container describes the TLS transport options.";
reference reference
"RFC 5425: Transport Layer Security (TLS) Transport "RFC 5425: Transport Layer Security (TLS) Transport
Mapping for Syslog "; Mapping for Syslog ";
leaf address { // uses tlsc:initiating-tls-client-grouping {
type inet:host; // refine port {
description // default 6514;
"The leaf uniquely specifies the address of // description
the remote host. One of the following must be // "TCP port 6514 has been allocated as the default
specified: an ipv4 address, an ipv6 address, // port for syslog over TLS.";
or a host name."; // }
} // }
leaf port {
type inet:port-number;
default 6514;
description
"This leaf specifies the port number used to
deliver messages to the remote server.";
}
} }
} }
} }
uses syslog-selector; uses selector;
leaf destination-facility { leaf destination-facility {
type identityref { type identityref {
base syslogtypes:syslog-facility; base syslogtypes:syslog-facility;
} }
default syslogtypes:local7; default syslogtypes:local7;
description description
"This leaf specifies the facility used in messages "This leaf specifies the facility used in messages
delivered to the remote server."; delivered to the remote server.";
} }
leaf source-interface { leaf source-interface {
type if:interface-ref; type if:interface-ref;
description description
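Review bot: In -09 the tls container loses its address and port leafs and gains only a commented-out "uses tlsc:initiating-tls-client-grouping", so as written a destination using the tls case has no node that says where to connect, and the 6514 default exists only inside a comment. Either keep the address and port leafs until the TLS client grouping can actually be used, or state in the container description that the tls case is a placeholder, so that implementers do not ship a transport that cannot be configured. Whichever is chosen, the description should say where the peer authentication described in RFC 5425 gets configured.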
"This leaf sets the source interface for the remote "This leaf sets the source interface for the remote
skipping to change at page 26, line 10 skipping to change at page 24, line 15
} }
default syslogtypes:local7; default syslogtypes:local7;
description description
"This leaf specifies the facility used in messages "This leaf specifies the facility used in messages
delivered to the remote server."; delivered to the remote server.";
} }
leaf source-interface { leaf source-interface {
type if:interface-ref; type if:interface-ref;
description description
"This leaf sets the source interface for the remote "This leaf sets the source interface for the remote
Syslog server. Either the interface name or the syslog server. Either the interface name or the
interface IP address can be specified. If not set, interface IP address can be specified. If not set,
messages sent to a remote syslog server will messages sent to a remote syslog server will
contain the IP address of the interface the syslog contain the IP address of the interface the syslog
message uses to exit the network element"; message uses to exit the network element";
} }
uses syslog-structured-data; uses structured-data;
container syslog-sign { container syslog-sign {
if-feature signed-messages-config; if-feature signed-messages;
presence presence
"If present, syslog-sign is activated."; "If present, syslog-sign is activated.";
description description
"This container describes the configuration "This container describes the configuration
parameters for signed syslog messages as described parameters for signed syslog messages as described
by RFC 5848."; by RFC 5848.";
reference reference
"RFC 5848: Signed Syslog Messages"; "RFC 5848: Signed Syslog Messages";
leaf cert-initial-repeat { leaf cert-initial-repeat {
type uint16; type uint16;
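Review bot: The source-interface description says "Either the interface name or the interface IP address can be specified", but the leaf is type if:interface-ref, which can only reference an interface by name. Drop the IP address wording or change the type to a union that also allows an address. The destination-facility leaf with "default syslogtypes:local7" also reads as if every forwarded message has its facility rewritten to local7 when the leaf is not configured; if the original facility is meant to be preserved by default, remove the default and say so in the description.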
skipping to change at page 27, line 43 skipping to change at page 25, line 47
description description
"This leaf specifies when to send the next "This leaf specifies when to send the next
Signature Block transmission based on a count. Signature Block transmission based on a count.
If this many other syslog messages have been sent If this many other syslog messages have been sent
since the previous sending of this Signature since the previous sending of this Signature
Block, resend it."; Block, resend it.";
} }
} }
} }
} }
container terminal {
if-feature terminal-action;
description
"This container describes the configuration parameters for
the terminal logging configuration.";
container all-terminals {
presence "Enables logging to all terminals.";
description
"This container describes the configuration
parameters for all terminals.";
uses syslog-selector;
}
list terminal {
if-feature terminal-facility-user-logging-config;
key "name";
description
"This list describes a collection of ";
leaf name {
type string;
description
"This leaf uniquely describes a terminal which
will receive log messages.";
}
uses syslog-selector;
}
}
container session { container session {
if-feature session-action;
description description
"This container describes the configuration parameters for "This container describes the configuration parameters for
user CLI session logging configuration."; user CLI session logging configuration.";
container all-users { container all-users {
presence "Enables logging to all user sessions."; presence "Enables logging to all user sessions.";
description description
"This container describes the configuration "This container describes the configuration
parameters for all users."; parameters for all users.";
uses syslog-selector; uses selector;
} }
list user { list user {
if-feature session-facility-user-logging-config;
key "name"; key "name";
description description
"This list describes a collection of user names."; "This list describes a collection of user names.";
leaf name { leaf name {
type string; type string;
description description
"This leaf uniquely describes a user name which "This leaf uniquely describes a user name which
is the login name of the user whose session is the login name of the user whose session
is to receive log messages."; is to receive log messages.";
} }
uses syslog-selector; uses selector;
} }
} }
} }
} }
} }
<CODE ENDS> <CODE ENDS>
4.3. A Syslog Example
5. Usage Examples
Requirement: Requirement:
Enable console logging of syslogs of severity critical Enable console logging of syslogs of severity critical
Here is the example syslog configuration xml: Here is the example syslog configuration xml:
<rpc message-id="101" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"> <rpc message-id="101" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<edit-config> <edit-config>
<target> <target>
<candidate/> <candidate/>
</target> </target>
<config xmlns:xc="urn:ietf:params:xml:ns:netconf:base:1.0"> <config xmlns:xc="urn:ietf:params:xml:ns:netconf:base:1.0">
<syslog xmlns="urn:ietf:params:xml:ns:yang:ietf-syslog" <syslog xmlns="urn:ietf:params:xml:ns:yang:ietf-syslog"
xmlns:syslog="urn:ietf:params:xml:ns:yang:ietf-syslog"> xmlns:syslog="urn:ietf:params:xml:ns:yang:ietf-syslog">
<log-actions> <actions>
<console> <console>
<log-selector> <log-selector>
<log-facility> <log-facility>
<facility>all</facility> <facility>all</facility>
<severity>critical</severity> <severity>critical</severity>
</log-facility> </log-facility>
</log-selector> </log-selector>
</console> </console>
</log-actions>
</actions>
</syslog> </syslog>
</config> </config>
</edit-config> </edit-config>
</rpc> </rpc>
<?xml version="1.0" encoding="UTF-8"?> <?xml version="1.0" encoding="UTF-8"?>
<rpc-reply message-id="101" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"> <rpc-reply message-id="101" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<ok/> <ok/>
</rpc-reply> </rpc-reply>
Enable remote logging of syslogs to udp destination 1.1.1.1 Enable remote logging of syslogs to udp destination 2001:db8:a0b:12f0::1
for facility auth, severity error for facility auth, severity error
<rpc message-id="101" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"> <rpc message-id="101" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<edit-config> <edit-config>
<target> <target>
<candidate/> <candidate/>
</target> </target>
<config xmlns:xc="urn:ietf:params:xml:ns:netconf:base:1.0"> <config xmlns:xc="urn:ietf:params:xml:ns:netconf:base:1.0">
<syslog xmlns="urn:ietf:params:xml:ns:yang:ietf-syslog" <syslog xmlns="urn:ietf:params:xml:ns:yang:ietf-syslog"
xmlns:syslog="urn:ietf:params:xml:ns:yang:ietf-syslog"> xmlns:syslog="urn:ietf:params:xml:ns:yang:ietf-syslog">
<log-actions> <actions>
<remote> <remote>
<destination> <destination>
<name>remote1</name> <name>remote1</name>
<udp> <udp>
<address>1.1.1.1</address> <address>2001:db8:a0b:12f0::1</address>
</udp> </udp>
<log-selector> <log-selector>
<log-facility> <log-facility>
<facility xmlns:syslogtypes= <facility xmlns:syslogtypes=
"urn:ietf:params:xml:ns:yang:ietf-syslog-types"> "urn:ietf:params:xml:ns:yang:ietf-syslog-types">
syslogtypes:auth</facility> syslogtypes:auth</facility>
<severity>error</severity> <severity>error</severity>
</log-facility> </log-facility>
</log-selector> </log-selector>
</destination> </destination>
</remote> </remote>
</log-actions> </actions>
</syslog> </syslog>
</config> </config>
</edit-config> </edit-config>
</rpc> </rpc>
<?xml version="1.0" encoding="UTF-8"?> <?xml version="1.0" encoding="UTF-8"?>
<rpc-reply message-id="101" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"> <rpc-reply message-id="101" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<ok/> <ok/>
</rpc-reply> </rpc-reply>
5. Acknowledgements 6. Acknowledgements
The authors wish to thank the following who commented on versions 01 The authors wish to thank the following who commented on this
through 06 of this proposal: proposal:
Martin Bjorklund Martin Bjorklund
Jim Gibson Jim Gibson
Jeffrey Haas Jeffrey Haas
John Heasley John Heasley
Giles Heron Giles Heron
Lisa Huang Lisa Huang
Mahesh Jethanandani Mahesh Jethanandani
Jeffrey K Lange Jeffrey K Lange
Jan Lindblad Jan Lindblad
Chris Lonvick Chris Lonvick
Tom Petch Tom Petch
Juergen Schoenwaelder Juergen Schoenwaelder
Jason Sterne Jason Sterne
Peter Van Horne Peter Van Horne
Bert Wijnen Bert Wijnen
Aleksandr Zhdankin Aleksandr Zhdankin
6. IANA Considerations 7. IANA Considerations
This document registers two URIs in the IETF XML registry [RFC3688]. This document registers two URIs in the IETF XML registry [RFC3688].
Following the format in RFC 3688, the following registration is Following the format in RFC 3688, the following registration is
requested to be made: requested to be made:
URI: urn:ietf:params:xml:ns:yang:ietf-syslog-types URI: urn:ietf:params:xml:ns:yang:ietf-syslog-types
Registrant Contact: The IESG. Registrant Contact: The IESG.
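Review bot: In the section 5 remote example, the facility element is wrapped so that its content is a newline and indentation followed by "syslogtypes:auth"; not every parser trims whitespace from identityref values, so put the value on the same line as the start tag or the example may fail validation. Both requests reuse message-id="101" and declare an xmlns:xc prefix that is never used, and the second example lacks the "Requirement:" label the first one has. Since the example forwards the auth facility over udp, a sentence pointing readers to the tls transport for such messages would fit here. In the YANG above the examples, the terminal container is removed and session loses "if-feature session-action" with no explanation; record the reason in the change log.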
skipping to change at page 31, line 44 skipping to change at page 29, line 20
This document registers a YANG module in the YANG Module Names This document registers a YANG module in the YANG Module Names
registry [RFC6020]. registry [RFC6020].
name: ietf-syslog namespace: urn:ietf:params:xml:ns:yang:ietf-syslog name: ietf-syslog namespace: urn:ietf:params:xml:ns:yang:ietf-syslog
prefix: ietf-syslog prefix: ietf-syslog
reference: RFC XXXX reference: RFC XXXX
7. Security Considerations 8. Security Considerations
The YANG module defined in this memo is designed to be accessed via The YANG module defined in this memo is designed to be accessed via
the NETCONF protocol [RFC6241]. The lowest NETCONF layer is the the NETCONF protocol [RFC6241]. The lowest NETCONF layer is the
secure transport layer and the mandatory-to-implement secure secure transport layer and the mandatory-to-implement secure
transport is SSH [RFC6242]. The NETCONF access control model transport is SSH [RFC6242]. The NETCONF access control model
[RFC6536] provides the means to restrict access for particular [RFC6536] provides the means to restrict access for particular
NETCONF users to a pre-configured subset of all available NETCONF NETCONF users to a pre-configured subset of all available NETCONF
protocol operations and content. protocol operations and content.
There are a number of data nodes defined in the YANG module which are There are a number of data nodes defined in the YANG module which are
writable/creatable/deletable (i.e., config true, which is the writable/creatable/deletable (i.e., config true, which is the
default). These data nodes may be considered sensitive or vulnerable default). These data nodes may be considered sensitive or vulnerable
in some network environments. Write operations (e.g., <edit-config>) in some network environments. Write operations (e.g., <edit-config>)
to these data nodes without proper protection can have a negative to these data nodes without proper protection can have a negative
effect on network operations. effect on network operations.
8. References 8.1. Resource Constraints
8.1. Normative References Network administrators must take the time to estimate the appropriate
memory limits caused by the configuration of actions/buffer using
buffer-limit-bytes and/or buffer-limit-messages where necessary to
limit the amount of memory used.
Network administrators must take the time to estimate the appropriate
storage capacity caused by the configuration of actions/file using
file-archive attributes to limit storage used.
It is the responsibility of the network admisintrator to ensure that
the configured message flow does not overwhelm system resources.
8.2. Inappropriate Configuration
It is the responsibility of the network admisintrator to ensure that
the messages are actually going to the intended recipients.
9. References
9.1. Normative References
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, Requirement Levels", BCP 14, RFC 2119,
DOI 10.17487/RFC2119, March 1997, DOI 10.17487/RFC2119, March 1997,
<http://www.rfc-editor.org/info/rfc2119>. <http://www.rfc-editor.org/info/rfc2119>.
[RFC5424] Gerhards, R., "The Syslog Protocol", RFC 5424, [RFC5424] Gerhards, R., "The Syslog Protocol", RFC 5424,
DOI 10.17487/RFC5424, March 2009, DOI 10.17487/RFC5424, March 2009,
<http://www.rfc-editor.org/info/rfc5424>. <http://www.rfc-editor.org/info/rfc5424>.
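Review bot: Section 8 still says only that data nodes "may be considered sensitive or vulnerable" without naming any, and the new 8.2 is a single sentence that leaves the whole burden on the operator. Name the nodes whose modification silently changes what is logged or where it goes (the remote destination entries, the log-selector under each action, the log-file name) and say what an unauthorized write to each one does, so that operators can write NETCONF access control rules for them. In the new 8.1 and 8.2 text "admisintrator" should be "administrator", and "memory limits caused by the configuration of actions/buffer" should be reworded as the memory consumed by that configuration.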
skipping to change at page 32, line 38 skipping to change at page 30, line 36
<http://www.rfc-editor.org/info/rfc5425>. <http://www.rfc-editor.org/info/rfc5425>.
[RFC5426] Okmianski, A., "Transmission of Syslog Messages over UDP", [RFC5426] Okmianski, A., "Transmission of Syslog Messages over UDP",
RFC 5426, DOI 10.17487/RFC5426, March 2009, RFC 5426, DOI 10.17487/RFC5426, March 2009,
<http://www.rfc-editor.org/info/rfc5426>. <http://www.rfc-editor.org/info/rfc5426>.
[RFC5848] Kelsey, J., Callas, J., and A. Clemm, "Signed Syslog [RFC5848] Kelsey, J., Callas, J., and A. Clemm, "Signed Syslog
Messages", RFC 5848, DOI 10.17487/RFC5848, May 2010, Messages", RFC 5848, DOI 10.17487/RFC5848, May 2010,
<http://www.rfc-editor.org/info/rfc5848>. <http://www.rfc-editor.org/info/rfc5848>.
[RFC6241] Enns, R., Ed., Bjorklund, M., Ed., Schoenwaelder, J., Ed., [RFC6020] Bjorklund, M., Ed., "YANG - A Data Modeling Language for
and A. Bierman, Ed., "Network Configuration Protocol the Network Configuration Protocol (NETCONF)", RFC 6020,
(NETCONF)", RFC 6241, DOI 10.17487/RFC6241, June 2011, DOI 10.17487/RFC6020, October 2010,
<http://www.rfc-editor.org/info/rfc6241>. <http://www.rfc-editor.org/info/rfc6020>.
[RFC6242] Wasserman, M., "Using the NETCONF Protocol over Secure [RFC6021] Schoenwaelder, J., Ed., "Common YANG Data Types",
Shell (SSH)", RFC 6242, DOI 10.17487/RFC6242, June 2011, RFC 6021, DOI 10.17487/RFC6021, October 2010,
<http://www.rfc-editor.org/info/rfc6242>. <http://www.rfc-editor.org/info/rfc6021>.
[RFC6587] Gerhards, R. and C. Lonvick, "Transmission of Syslog [RFC6587] Gerhards, R. and C. Lonvick, "Transmission of Syslog
Messages over TCP", RFC 6587, DOI 10.17487/RFC6587, April Messages over TCP", RFC 6587, DOI 10.17487/RFC6587, April
2012, <http://www.rfc-editor.org/info/rfc6587>. 2012, <http://www.rfc-editor.org/info/rfc6587>.
8.2. Informative References [RFC7223] Bjorklund, M., "A YANG Data Model for Interface
Management", RFC 7223, DOI 10.17487/RFC7223, May 2014,
<http://www.rfc-editor.org/info/rfc7223>.
9.2. Informative References
[RFC3688] Mealling, M., "The IETF XML Registry", BCP 81, RFC 3688, [RFC3688] Mealling, M., "The IETF XML Registry", BCP 81, RFC 3688,
DOI 10.17487/RFC3688, January 2004, DOI 10.17487/RFC3688, January 2004,
<http://www.rfc-editor.org/info/rfc3688>. <http://www.rfc-editor.org/info/rfc3688>.
[RFC6020] Bjorklund, M., Ed., "YANG - A Data Modeling Language for [RFC6241] Enns, R., Ed., Bjorklund, M., Ed., Schoenwaelder, J., Ed.,
the Network Configuration Protocol (NETCONF)", RFC 6020, and A. Bierman, Ed., "Network Configuration Protocol
DOI 10.17487/RFC6020, October 2010, (NETCONF)", RFC 6241, DOI 10.17487/RFC6241, June 2011,
<http://www.rfc-editor.org/info/rfc6020>. <http://www.rfc-editor.org/info/rfc6241>.
[RFC6242] Wasserman, M., "Using the NETCONF Protocol over Secure
Shell (SSH)", RFC 6242, DOI 10.17487/RFC6242, June 2011,
<http://www.rfc-editor.org/info/rfc6242>.
Appendix A. Implementor Guidelines Appendix A. Implementor Guidelines
A.1. Extending Facilities A.1. Extending Facilities
Many vendors extend the list of facilities available for logging in Many vendors extend the list of facilities available for logging in
their implementation. Here is an example that shows how additional their implementation. Additional facilities may not work with the
facilities could be added to the list of available facilities (in syslog protocol as defined in [RFC5424] and hence such facilities
this case two facilities are added): apply for local syslog-like logging functionality.
The following is an example that shows how additional facilities
could be added to the list of available facilities (in this example
two facilities are added):
module vendor-syslog-types-example { module vendor-syslog-types-example {
namespace "urn:vendor:params:xml:ns:yang:vendor-syslog-types"; namespace "urn:vendor:params:xml:ns:yang:vendor-syslog-types";
prefix vendor-syslogtypes; prefix vendor-syslogtypes;
import ietf-syslog-types { import ietf-syslog-types {
prefix syslogtypes; prefix syslogtypes;
} }
organization "Vendor, Inc."; organization "Vendor, Inc.";
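Review bot: The new normative entry [RFC6021] is obsolete; RFC 6991 replaced it, so the inet: types should be imported and cited from RFC 6991. [RFC6241] and [RFC6242] move from normative to informative in the same change although the Security Considerations rely on them for the secure transport, so confirm that the downgrade is intended. In A.1, the added sentence "Additional facilities may not work with the syslog protocol as defined in [RFC5424]" should say why: the PRI field only encodes facility values 0 through 23.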
 End of changes. 105 change blocks. 
290 lines changed or deleted 210 lines changed or added
