draft-ietf-netmod-syslog-model-09.txt   draft-ietf-netmod-syslog-model-10.txt 
NETMOD WG C. Wildes, Ed. NETMOD WG C. Wildes, Ed.
Internet-Draft K. Koushik, Ed. Internet-Draft K. Koushik, Ed.
Intended status: Standards Track Cisco Systems Inc. Intended status: Standards Track Cisco Systems Inc.
Expires: January 9, 2017 July 8, 2016 Expires: May 4, 2017 October 31, 2016
Syslog YANG Model A YANG Data Model for Syslog Configuration
draft-ietf-netmod-syslog-model-09 draft-ietf-netmod-syslog-model-10
Abstract Abstract
This document describes a data model for the configuration of syslog. This document describes a data model for the configuration of syslog.
Status of This Memo Status of This Memo
This Internet-Draft is submitted in full conformance with the This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79. provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/. Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on January 9, 2017. This Internet-Draft will expire on May 4, 2017.
Copyright Notice Copyright Notice
Copyright (c) 2016 IETF Trust and the persons identified as the Copyright (c) 2016 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 3, line 16 skipping to change at page 3, line 16
RFC. RFC.
1.1. Requirements Language 1.1. Requirements Language
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in RFC 2119 [RFC2119]. document are to be interpreted as described in RFC 2119 [RFC2119].
1.2. Terminology 1.2. Terminology
The term "message originator" is derived from the term "originator" The term "originator" is defined in [RFC5424]: an "originator"
as defined in [RFC5424]: an "originator" generates syslog content to generates syslog content to be carried in a message.
be carried in a message.
The term "message distributor" is defined as a function that filters
log messages and then distributes them.
The terms "relay" and "collectors" are as defined in [RFC5424]. The terms "relay" and "collectors" are as defined in [RFC5424].
2. Problem Statement 2. Problem Statement
This document defines a YANG [RFC6020] configuration data model that This document defines a YANG [RFC6020] configuration data model that
may be used to configure one or more syslog processes running on a may be used to configure the syslog feature running on a system.
system. YANG models can be used with network management protocols YANG models can be used with network management protocols such as
such as NETCONF [RFC6241] to install, manipulate, and delete the NETCONF [RFC6241] to install, manipulate, and delete the
configuration of network devices. configuration of network devices.
The data model makes use of the YANG "feature" construct which allows The data model makes use of the YANG "feature" construct which allows
implementations to support only those syslog features that lie within implementations to support only those syslog features that lie within
their capabilities. their capabilities.
This module can be used to configure the syslog application This module can be used to configure the syslog application
conceptual layer [RFC5424]. conceptual layers as implemented on the target system [RFC5424].
3. Design of the Syslog Model 3. Design of the Syslog Model
The syslog model was designed by comparing various syslog features The syslog model was designed by comparing various syslog features
implemented by various vendors' in different implementations. implemented by various vendors' in different implementations.
This draft addresses the common leafs between implementations and This draft addresses the common leafs between implementations and
creates a common model, which can be augmented with proprietary creates a common model, which can be augmented with proprietary
features, if necessary. The base model is designed to be very simple features, if necessary. The base model is designed to be very simple
for maximum flexibility. for maximum flexibility.
Syslog consists of message originators, and message distributors. Syslog consists of originators, and collectors. The following digram
The following digram shows syslog messages flowing from a message shows syslog messages flowing from an originator, to collectors where
originator, to message distributors where suppression filtering can suppression filtering can take place.
take place.
Many vendors extend the list of facilities available for logging in Many vendors extend the list of facilities available for logging in
their implementation. An example is included in Extending Facilities their implementation. An example is included in Extending Facilities
(Appendix A.1). (Appendix A.1).
Message Originators Originators
+-------------+ +-------------+ +-------------+ +-------------+ +-------------+ +-------------+ +-------------+ +-------------+
| Various | | OS | | | | Remote | | Various | | OS | | | | Remote |
| Components | | Kernel | | Line Cards | | Servers | | Components | | Kernel | | Line Cards | | Servers |
+-------------+ +-------------+ +-------------+ +-------------+ +-------------+ +-------------+ +-------------+ +-------------+
+-------------+ +-------------+ +-------------+ +-------------+ +-------------+ +-------------+ +-------------+ +-------------+
| SNMP | | Interface | | Standby | | Syslog | | SNMP | | Interface | | Standby | | Syslog |
| Events | | Events | | Supervisor | | Itself | | Events | | Events | | Supervisor | | Itself |
+-------------+ +-------------+ +-------------+ +-------------+ +-------------+ +-------------+ +-------------+ +-------------+
| | | |
+----------------------------------------------------------------+ +----------------------------------------------------------------+
| |
| |
| |
| |
+-----------+------------+--------------+ +-----------+------------+--------------+
| | | | | | | |
v v v | v v v |
Message Distributors | Collectors |
+----------+ +----------+ +----------+ | +----------+ +----------+ +----------+ |
| | | Log | | Log | | | | | Log | | Log | |
| Console | | Buffer | | File(s) | | | Console | | Buffer | | File(s) | |
+----------+ +----------+ +----------+ | +----------+ +----------+ +----------+ |
| |
+-+-------------+ +-+-------------+
| | | |
v v v v
+----------------+ +-----------+ +----------------+ +-----------+
|Remote Relay(s)/| |User | |Remote Relay(s)/| |User |
|Collectors(s) | |Sessions(s)| |Collectors(s) | |Sessions(s)|
+----------------+ +-----------+ +----------------+ +-----------+
The leaves in the base syslog model log-input-transports container Figure 1. Syslog Processing Flow
correspond to remote message originators or remote message relays.
The leaves in the base syslog model log-actions container correspond The leaves in the base syslog model log-actions container correspond
to each message distributor: to each message collector:
console console
log buffer log buffer
log file(s) log file(s)
remote relay(s)/collector(s) remote relay(s)/collector(s)
user session(s). user session(s).
Optional features are used to specified functionality that is present Optional features are used to specified functionality that is present
in specific vendor configurations. in specific vendor configurations.
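Review bot: In the rewritten Section 3 text, -10 keeps the misspelling "digram" and, in the sentence after Figure 1, introduces "message collector", a term Section 1.2 does not define (it only refers to "collectors" as defined in [RFC5424]); use "collector" consistently. Figure 1 now labels the console, log buffer and log files as Collectors, so the text should state whether these local destinations are covered by the RFC 5424 term or extend it. In the unchanged last sentence, "used to specified functionality" should read "used to specify functionality".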
skipping to change at page 6, line 14 skipping to change at page 6, line 5
If the type is a leafref, the type is printed as "-> TARGET", where If the type is a leafref, the type is printed as "-> TARGET", where
TARGET is either the leafref path, with prefixed removed if possible. TARGET is either the leafref path, with prefixed removed if possible.
<if-features> is the list of features this node depends on, printed <if-features> is the list of features this node depends on, printed
within curly brackets and a question mark "{...}?" within curly brackets and a question mark "{...}?"
module: ietf-syslog module: ietf-syslog
+--rw syslog +--rw syslog
+--rw actions +--rw actions
+--rw console! +--rw console!
| +--rw log-selector | +--rw selector
| +--rw (selector-facility) | +--rw (selector-facility)
| | +--:(no-log-facility) | | +--:(facility)
| | | +--rw no-facilities? empty | | | +--rw no-facilities? empty
| | +--:(log-facility) | | +--:(name)
| | +--rw log-facility* [facility] | | +--rw facility* [facility]
| | +--rw facility union | | +--rw facility union
| | +--rw severity union | | +--rw severity union
| | +--rw compare-op? enumeration {select-sev-compare}? | | +--rw compare-op? enumeration {select-sev-compare}?
| +--rw pattern-match? string {select-match}? | +--rw pattern-match? string {select-match}?
+--rw buffer +--rw buffer
| +--rw log-selector | +--rw selector
| | +--rw (selector-facility) | | +--rw (selector-facility)
| | | +--:(no-log-facility) | | | +--:(facility)
| | | | +--rw no-facilities? empty | | | | +--rw no-facilities? empty
| | | +--:(log-facility) | | | +--:(name)
| | | +--rw log-facility* [facility] | | | +--rw facility* [facility]
| | | +--rw facility union | | | +--rw facility union
| | | +--rw severity union | | | +--rw severity union
| | | +--rw compare-op? enumeration {select-sev-compare}? | | | +--rw compare-op? enumeration {select-sev-compare}?
| | +--rw pattern-match? string {select-match}? | | +--rw pattern-match? string {select-match}?
| +--rw structured-data? boolean {structured-data}?
| +--rw buffer-limit-bytes? uint64 {buffer-limit-bytes}? | +--rw buffer-limit-bytes? uint64 {buffer-limit-bytes}?
| +--rw buffer-limit-messages? uint64 {buffer-limit-messages}? | +--rw buffer-limit-messages? uint64 {buffer-limit-messages}?
| +--rw structured-data? boolean {structured-data}?
+--rw file +--rw file
| +--rw log-file* [name] | +--rw log-file* [name]
| +--rw name inet:uri | +--rw name inet:uri
| +--rw log-selector | +--rw selector
| | +--rw (selector-facility) | | +--rw (selector-facility)
| | | +--:(no-log-facility) | | | +--:(facility)
| | | | +--rw no-facilities? empty | | | | +--rw no-facilities? empty
| | | +--:(log-facility) | | | +--:(name)
| | | +--rw log-facility* [facility] | | | +--rw facility* [facility]
| | | +--rw facility union | | | +--rw facility union
| | | +--rw severity union | | | +--rw severity union
| | | +--rw compare-op? enumeration {select-sev-compare}? | | | +--rw compare-op? enumeration {select-sev-compare}?
| | +--rw pattern-match? string {select-match}? | | +--rw pattern-match? string {select-match}?
| +--rw structured-data? boolean {structured-data}? | +--rw structured-data? boolean {structured-data}?
| +--rw file-archive | +--rw file-rotation
| +--rw number-of-files? uint32 {file-limit-size}? | +--rw number-of-files? uint32 {file-limit-size}?
| +--rw max-file-size? uint64 {file-limit-size}? | +--rw max-file-size? uint64 {file-limit-size}?
| +--rw rollover? uint32 {file-limit-duration}? | +--rw rollover? uint32 {file-limit-duration}?
| +--rw retention? uint16 {file-limit-duration}? | +--rw retention? uint16 {file-limit-duration}?
+--rw remote +--rw remote
| +--rw destination* [name] | +--rw destination* [name]
| +--rw name string | +--rw name string
| +--rw (transport) | +--rw (transport)
| | +--:(tcp) | | +--:(tcp)
| | | +--rw tcp | | | +--rw tcp
| | | +--rw address? inet:host | | | +--rw address? inet:host
| | | +--rw port? inet:port-number | | | +--rw port? inet:port-number
| | +--:(udp) | | +--:(udp)
| | | +--rw udp | | | +--rw udp
| | | +--rw address? inet:host | | | +--rw address? inet:host
| | | +--rw port? inet:port-number | | | +--rw port? inet:port-number
| | +--:(tls) | | +--:(tls)
| | +--rw tls | | +--rw tls
| +--rw log-selector | +--rw selector
| | +--rw (selector-facility) | | +--rw (selector-facility)
| | | +--:(no-log-facility) | | | +--:(facility)
| | | | +--rw no-facilities? empty | | | | +--rw no-facilities? empty
| | | +--:(log-facility) | | | +--:(name)
| | | +--rw log-facility* [facility] | | | +--rw facility* [facility]
| | | +--rw facility union | | | +--rw facility union
| | | +--rw severity union | | | +--rw severity union
| | | +--rw compare-op? enumeration {select-sev-compare}? | | | +--rw compare-op? enumeration {select-sev-compare}?
| | +--rw pattern-match? string {select-match}? | | +--rw pattern-match? string {select-match}?
| +--rw destination-facility? identityref | +--rw structured-data? boolean {structured-data}?
| +--rw source-interface? if:interface-ref | +--rw facility-override? identityref
| +--rw structured-data? boolean {structured-data}? | +--rw source-interface? if:interface-ref
| +--rw syslog-sign! {signed-messages}? | +--rw syslog-sign! {signed-messages}?
| +--rw cert-initial-repeat uint16 | +--rw cert-initial-repeat uint16
| +--rw cert-resend-delay uint16 | +--rw cert-resend-delay uint16
| +--rw cert-resend-count uint16 | +--rw cert-resend-count uint16
| +--rw sig-max-delay uint16 | +--rw sig-max-delay uint16
| +--rw sig-number-resends uint16 | +--rw sig-number-resends uint16
| +--rw sig-resend-delay uint16 | +--rw sig-resend-delay uint16
| +--rw sig-resend-count uint16 | +--rw sig-resend-count uint16
+--rw session +--rw session
+--rw all-users! +--rw all-users!
| +--rw log-selector | +--rw selector
| +--rw (selector-facility) | +--rw (selector-facility)
| | +--:(no-log-facility) | | +--:(facility)
| | | +--rw no-facilities? empty | | | +--rw no-facilities? empty
| | +--:(log-facility) | | +--:(name)
| | +--rw log-facility* [facility] | | +--rw facility* [facility]
| | +--rw facility union | | +--rw facility union
| | +--rw severity union | | +--rw severity union
| | +--rw compare-op? enumeration {select-sev-compare}? | | +--rw compare-op? enumeration {select-sev-compare}?
| +--rw pattern-match? string {select-match}? | +--rw pattern-match? string {select-match}?
+--rw user* [name] +--rw user* [name]
+--rw name string +--rw name string
+--rw log-selector +--rw selector
+--rw (selector-facility) +--rw (selector-facility)
| +--:(no-log-facility) | +--:(facility)
| | +--rw no-facilities? empty | | +--rw no-facilities? empty
| +--:(log-facility) | +--:(name)
| +--rw log-facility* [facility] | +--rw facility* [facility]
| +--rw facility union | +--rw facility union
| +--rw severity union | +--rw severity union
| +--rw compare-op? enumeration {select-sev-compare}? | +--rw compare-op? enumeration {select-sev-compare}?
+--rw pattern-match? string {select-match}? +--rw pattern-match? string {select-match}?
Figure 2. ietf-syslog Module Tree
4. Syslog YANG Modules 4. Syslog YANG Modules
4.1. The ietf-syslog-types Module 4.1. The ietf-syslog-types Module
This module references [RFC5424]. This module references [RFC5424].
<CODE BEGINS> file "ietf-syslog-types.yang" <CODE BEGINS> file "ietf-syslog-types.yang"
module ietf-syslog-types { module ietf-syslog-types {
namespace "urn:ietf:params:xml:ns:yang:ietf-syslog-types"; namespace "urn:ietf:params:xml:ns:yang:ietf-syslog-types";
prefix syslogtypes; prefix syslogtypes;
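Review bot: Under remote/destination/(transport), the tls case is still an empty container in -10, while the tcp and udp cases each carry address and port. As the tree stands, a destination can only be given an address over an unprotected transport; add address and port leaves to tls, or state in the text that TLS configuration is deferred to a later revision.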
skipping to change at page 9, line 27 skipping to change at page 9, line 20
'OPTIONAL' in the module text are to be interpreted as described 'OPTIONAL' in the module text are to be interpreted as described
in RFC 2119 (http://tools.ietf.org/html/rfc2119). in RFC 2119 (http://tools.ietf.org/html/rfc2119).
This version of this YANG module is part of RFC XXXX This version of this YANG module is part of RFC XXXX
(http://tools.ietf.org/html/rfcXXXX); see the RFC itself for (http://tools.ietf.org/html/rfcXXXX); see the RFC itself for
full legal notices."; full legal notices.";
reference reference
"RFC 5424: The Syslog Protocol"; "RFC 5424: The Syslog Protocol";
revision 2016-07-08 { revision 2016-10-30 {
description description
"Initial Revision"; "Initial Revision";
reference reference
"RFC XXXX: SYSLOG YANG Model"; "RFC XXXX: SYSLOG YANG Model";
} }
typedef severity { typedef severity {
type enumeration { type enumeration {
enum "emergency" { enum "emergency" {
value 0; value 0;
description description
"Emergency Level Msg"; "The severity level 'Emergency' indicating that the system
is unusable.";
} }
enum "alert" { enum "alert" {
value 1; value 1;
description description
"Alert Level Msg"; "The severity level 'Alert' indicating that an action must be
taken immediately.";
} }
enum "critical" { enum "critical" {
value 2; value 2;
description description
"Critical Level Msg"; "The severity level 'Critical' indicating a critical condition.";
} }
enum "error" { enum "error" {
value 3; value 3;
description description
"Error Level Msg"; "The severity level 'Error' indicating an error condition.";
} }
enum "warning" { enum "warning" {
value 4; value 4;
description description
"Warning Level Msg"; "The severity level 'Warning' indicating a warning condition.";
} }
enum "notice" { enum "notice" {
value 5; value 5;
description description
"Notification Level Msg"; "The severity level 'Notice' indicating a normal but significant
condition.";
} }
enum "info" { enum "info" {
value 6; value 6;
description description
"Informational Level Msg"; "The severity level 'Info' indicating an informational message.";
} }
enum "debug" { enum "debug" {
value 7; value 7;
description description
"Debugging Level Msg"; "The severity level 'Debug' indicating a debug-level message.";
} }
} }
description description
"The definitions for Syslog message severity as per RFC 5424."; "The definitions for Syslog message severity as per RFC 5424.";
} }
identity syslog-facility { identity syslog-facility {
description description
"This identity is used as a base for all syslog facilities as "This identity is used as a base for all syslog facilities as
per RFC 5424."; per RFC 5424.";
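Review bot: The rewritten severity enum descriptions are sentence fragments ("The severity level 'Emergency' indicating that the system is unusable."); phrase them as complete sentences, for example "Severity level 'Emergency': the system is unusable.", and apply the same form to all eight values.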
skipping to change at page 11, line 25 skipping to change at page 11, line 21
base syslog-facility; base syslog-facility;
description description
"The facility for security/authorization messages (4) as defined "The facility for security/authorization messages (4) as defined
in RFC 5424."; in RFC 5424.";
} }
identity syslog { identity syslog {
base syslog-facility; base syslog-facility;
description description
"The facility for messages generated internally by syslogd "The facility for messages generated internally by syslogd
facility (5)as defined in RFC 5424."; facility (5) as defined in RFC 5424.";
} }
identity lpr { identity lpr {
base syslog-facility; base syslog-facility;
description description
"The facility for the line printer subsystem (6) as defined in "The facility for the line printer subsystem (6) as defined in
RFC 5424."; RFC 5424.";
} }
identity news { identity news {
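Review bot: In identity syslog, the spacing fix leaves the description reading "messages generated internally by syslogd facility (5) as defined in RFC 5424", where the second "facility" is stray. The neighbouring identities use the form "The facility for ... (N) as defined in RFC 5424"; drop the extra word so this one matches.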
skipping to change at page 14, line 6 skipping to change at page 13, line 51
identity local7 { identity local7 {
base syslog-facility; base syslog-facility;
description description
"The facility for local use 7 messages (23) as defined in "The facility for local use 7 messages (23) as defined in
RFC 5424."; RFC 5424.";
} }
} }
<CODE ENDS> <CODE ENDS>
Figure 3. ietf-syslog-types Module
4.2. The ietf-syslog Module 4.2. The ietf-syslog Module
This module imports typedefs from [RFC6021] and [RFC7223], and it This module imports typedefs from [RFC6021] and [RFC7223], and it
references [RFC5424], [RFC5425], [RFC5426], [RFC6587], and [RFC5848]. references [RFC5424], [RFC5425], [RFC5426], [RFC6587], and [RFC5848].
<CODE BEGINS> file "ietf-syslog.yang" <CODE BEGINS> file "ietf-syslog.yang"
module ietf-syslog { module ietf-syslog {
namespace "urn:ietf:params:xml:ns:yang:ietf-syslog"; namespace "urn:ietf:params:xml:ns:yang:ietf-syslog";
prefix syslog; prefix syslog;
skipping to change at page 15, line 31 skipping to change at page 15, line 29
(http://tools.ietf.org/html/rfcXXXX); see the RFC itself for (http://tools.ietf.org/html/rfcXXXX); see the RFC itself for
full legal notices."; full legal notices.";
reference reference
"RFC 5424: The Syslog Protocol "RFC 5424: The Syslog Protocol
RFC 5425: Transport Layer Security (TLS) Transport Mapping for Syslog RFC 5425: Transport Layer Security (TLS) Transport Mapping for Syslog
RFC 5426: Transmission of Syslog Messages over UDP RFC 5426: Transmission of Syslog Messages over UDP
RFC 6587: Transmission of Syslog Messages over TCP RFC 6587: Transmission of Syslog Messages over TCP
RFC 5848: Signed Syslog Messages"; RFC 5848: Signed Syslog Messages";
revision 2016-07-08 { revision 2016-10-30 {
description description
"Initial Revision"; "Initial Revision";
reference reference
"RFC XXXX: Syslog YANG Model"; "RFC XXXX: Syslog YANG Model";
} }
feature buffer-limit-bytes { feature buffer-limit-bytes {
description description
"This feature indicates that local memory logging buffers "This feature indicates that local memory logging buffers
are limited in size using a limit expressed in bytes."; are limited in size using a limit expressed in bytes.";
skipping to change at page 18, line 14 skipping to change at page 18, line 13
"This leaf describes the option to specify how the "This leaf describes the option to specify how the
severity comparison is performed."; severity comparison is performed.";
} }
} }
grouping selector { grouping selector {
description description
"This grouping defines a syslog selector which is used to "This grouping defines a syslog selector which is used to
select log messages for the log-action (buffer, file, select log messages for the log-action (buffer, file,
etc). Choose one of the following: etc). Choose one of the following:
no-log-facility no-facility
log-facility [<facility> <severity>...]"; facility [<facility> <severity>...]";
container log-selector { container selector {
description description
"This container describes the log selector parameters "This container describes the log selector parameters
for syslog."; for syslog.";
choice selector-facility { choice selector-facility {
mandatory true; mandatory true;
description description
"This choice describes the option to specify no "This choice describes the option to specify no
facilities, or a specific facility which can be facilities, or a specific facility which can be
all for all facilities."; all for all facilities.";
case no-log-facility { case facility {
description description
"This case specifies no facilities will match when "This case specifies no facilities will match when
comparing the syslog message facility. This is a comparing the syslog message facility. This is a
method that can be used to effectively disable a method that can be used to effectively disable a
particular log-action (buffer, file, etc)."; particular log-action (buffer, file, etc).";
leaf no-facilities { leaf no-facilities {
type empty; type empty;
description description
"This leaf specifies that no facilities are selected "This leaf specifies that no facilities are selected
for this log-action."; for this log-action.";
} }
} }
case log-facility { case name {
description description
"This case specifies one or more specified facilities "This case specifies one or more specified facilities
will match when comparing the syslog message facility."; will match when comparing the syslog message facility.";
list log-facility { list facility {
key facility; key facility;
description description
"This list describes a collection of syslog "This list describes a collection of syslog
facilities and severities."; facilities and severities.";
leaf facility { leaf facility {
type union { type union {
type identityref { type identityref {
base syslogtypes:syslog-facility; base syslogtypes:syslog-facility;
} }
type enumeration { type enumeration {
enum all { enum all {
description description
"This enum describes the case where all "This enum describes the case where all
facilities are requested."; facilities are requested.";
} }
} }
} }
description description
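Review bot: In choice selector-facility, the -10 case names no longer describe their contents: "case facility" holds the no-facilities leaf and its description says no facilities will match, while "case name" holds the facility list. Keep self-describing names such as the -09 no-log-facility and log-facility. The grouping description also lists "no-facility" where the leaf is named no-facilities, and "list facility" is keyed by a leaf of the same name, so data paths read selector/facility/facility.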
skipping to change at page 20, line 25 skipping to change at page 20, line 24
uses selector; uses selector;
} }
container buffer { container buffer {
description description
"This container describes the configuration parameters for "This container describes the configuration parameters for
local memory buffer logging. The buffer is circular in local memory buffer logging. The buffer is circular in
nature, so newer messages overwrite older messages after nature, so newer messages overwrite older messages after
the buffer is filled. The method used to read syslog messages the buffer is filled. The method used to read syslog messages
from the buffer is supplied by the local implementation."; from the buffer is supplied by the local implementation.";
uses selector; uses selector;
uses structured-data;
leaf buffer-limit-bytes { leaf buffer-limit-bytes {
if-feature buffer-limit-bytes; if-feature buffer-limit-bytes;
type uint64; type uint64;
units "bytes"; units "bytes";
description description
"This leaf configures the amount of memory (in bytes) that "This leaf configures the amount of memory (in bytes) that
will be dedicated to the local memory logging buffer. will be dedicated to the local memory logging buffer.
The default value varies by implementation."; The default value varies by implementation.";
} }
leaf buffer-limit-messages { leaf buffer-limit-messages {
if-feature buffer-limit-messages; if-feature buffer-limit-messages;
type uint64; type uint64;
units "log messages"; units "log messages";
description description
"This leaf configures the number of log messages that "This leaf configures the number of log messages that
will be dedicated to the local memory logging buffer. will be dedicated to the local memory logging buffer.
The default value varies by implementation."; The default value varies by implementation.";
} }
uses structured-data;
} }
container file { container file {
description description
"This container describes the configuration parameters for "This container describes the configuration parameters for
file logging. If file-archive limits are not supplied, it file logging. If file-archive limits are not supplied, it
is assumed that the local implementation defined limits will is assumed that the local implementation defined limits will
be used."; be used.";
list log-file { list log-file {
key "name"; key "name";
description description
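Review bot: The "container file" description near the end of this hunk still says "If file-archive limits are not supplied", but -10 renames that container to file-rotation; update the description so it refers to the node that actually exists in this revision.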
skipping to change at page 21, line 18 skipping to change at page 21, line 17
leaf name { leaf name {
type inet:uri { type inet:uri {
pattern 'file:.*'; pattern 'file:.*';
} }
description description
"This leaf specifies the name of the log file which "This leaf specifies the name of the log file which
MUST use the uri scheme file:."; MUST use the uri scheme file:.";
} }
uses selector; uses selector;
uses structured-data; uses structured-data;
container file-archive { container file-rotation {
description description
"This container describes the configuration "This container describes the configuration
parameters for log file archiving."; parameters for log file rotation.";
leaf number-of-files { leaf number-of-files {
if-feature file-limit-size; if-feature file-limit-size;
type uint32; type uint32;
description description
"This leaf specifies the maximum number of log "This leaf specifies the maximum number of log
files retained. Specify 1 for implementations files retained. Specify 1 for implementations
that only support one log file."; that only support one log file.";
} }
leaf max-file-size { leaf max-file-size {
if-feature file-limit-size; if-feature file-limit-size;
skipping to change at page 23, line 50 skipping to change at page 23, line 49
// default 6514; // default 6514;
// description // description
// "TCP port 6514 has been allocated as the default // "TCP port 6514 has been allocated as the default
// port for syslog over TLS."; // port for syslog over TLS.";
// } // }
// } // }
} }
} }
} }
uses selector; uses selector;
leaf destination-facility { uses structured-data;
leaf facility-override {
type identityref { type identityref {
base syslogtypes:syslog-facility; base syslogtypes:syslog-facility;
} }
default syslogtypes:local7;
description description
"This leaf specifies the facility used in messages "If specified, this leaf specifies the facility used
delivered to the remote server."; to override the facility in messages delivered to the
remote server.";
} }
leaf source-interface { leaf source-interface {
type if:interface-ref; type if:interface-ref;
description description
"This leaf sets the source interface for the remote "This leaf sets the source interface to be used to send
syslog server. Either the interface name or the message to the remote syslog server. If not set,
interface IP address can be specified. If not set,
messages sent to a remote syslog server will messages sent to a remote syslog server will
contain the IP address of the interface the syslog contain the IP address of the interface the syslog
message uses to exit the network element"; message uses to exit the network element";
} }
uses structured-data;
container syslog-sign { container syslog-sign {
if-feature signed-messages; if-feature signed-messages;
presence presence
"If present, syslog-sign is activated."; "If present, syslog-sign is activated.";
description description
"This container describes the configuration "This container describes the configuration
parameters for signed syslog messages as described parameters for signed syslog messages as described
by RFC 5848."; by RFC 5848.";
reference reference
"RFC 5848: Signed Syslog Messages"; "RFC 5848: Signed Syslog Messages";
leaf cert-initial-repeat { leaf cert-initial-repeat {
type uint16; type uint16;
mandatory true; mandatory true;
description description
"This leaf specifies the number of times each "This leaf specifies the number of times each
Certificate Block should be sent before the first Certificate Block should be sent before the first
message is sent."; message is sent.";
} }
leaf cert-resend-delay { leaf cert-resend-delay {
type uint16; type uint16;
units "seconds";
mandatory true; mandatory true;
description description
"This leaf specifies the maximum time delay in "This leaf specifies the maximum time delay in
seconds until resending the Certificate Block."; seconds until resending the Certificate Block.";
} }
leaf cert-resend-count { leaf cert-resend-count {
type uint16; type uint16;
mandatory true; mandatory true;
description description
"This leaf specifies the maximum number of other "This leaf specifies the maximum number of other
skipping to change at page 25, line 5 skipping to change at page 25, line 4
"This leaf specifies the maximum time delay in "This leaf specifies the maximum time delay in
seconds until resending the Certificate Block."; seconds until resending the Certificate Block.";
} }
leaf cert-resend-count { leaf cert-resend-count {
type uint16; type uint16;
mandatory true; mandatory true;
description description
"This leaf specifies the maximum number of other "This leaf specifies the maximum number of other
syslog messages to send until resending the syslog messages to send until resending the
Certificate Block."; Certificate Block.";
} }
leaf sig-max-delay { leaf sig-max-delay {
type uint16; type uint16;
units "seconds";
mandatory true; mandatory true;
description description
"This leaf specifies when to generate a new "This leaf specifies when to generate a new
Signature Block. If this many seconds have Signature Block. If this many seconds have
elapsed since the message with the first message elapsed since the message with the first message
number of the Signature Block was sent, a new number of the Signature Block was sent, a new
Signature Block should be generated."; Signature Block should be generated.";
} }
leaf sig-number-resends { leaf sig-number-resends {
type uint16; type uint16;
mandatory true; mandatory true;
description description
"This leaf specifies the number of times a "This leaf specifies the number of times a
Signature Block is resent. (It is recommended to Signature Block is resent. (It is recommended to
select a value of greater than 0 in particular select a value of greater than 0 in particular
when the UDP transport [RFC5426] is used.)."; when the UDP transport [RFC5426] is used.).";
} }
leaf sig-resend-delay { leaf sig-resend-delay {
type uint16; type uint16;
units "seconds";
mandatory true; mandatory true;
description description
"This leaf specifies when to send the next "This leaf specifies when to send the next
Signature Block transmission based on time. If Signature Block transmission based on time. If
this many seconds have elapsed since the previous this many seconds have elapsed since the previous
sending of this Signature Block, resend it."; sending of this Signature Block, resend it.";
} }
leaf sig-resend-count { leaf sig-resend-count {
type uint16; type uint16;
mandatory true; mandatory true;
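Review bot: In leaf sig-number-resends the description ends with `is used.).`, with a stray period after the closing parenthesis, and cites `[RFC5426]` in bracket form, which does not resolve once the module is extracted from the draft. Suggest ending the sentence at `is used.)` and adding a `reference` statement on the leaf, for example "RFC 5426: Transmission of Syslog Messages over UDP". Since the text recommends a value greater than 0 over UDP, it would also help to say what a value of 0 means for a receiver that loses the single Signature Block. The `units "seconds";` lines on sig-max-delay and sig-resend-delay match their descriptions; the count leaves correctly carry no units.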
skipping to change at page 26, line 29 skipping to change at page 26, line 31
is to receive log messages."; is to receive log messages.";
} }
uses selector; uses selector;
} }
} }
} }
} }
} }
<CODE ENDS> <CODE ENDS>
5. Usage Examples Figure 4. ietf-syslog Module
5. Usage Examples
Requirement: Requirement:
Enable console logging of syslogs of severity critical Enable console logging of syslogs of severity critical
Here is the example syslog configuration xml: Here is the example syslog configuration xml:
<rpc message-id="101" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"> <config xmlns:xc="urn:ietf:params:xml:ns:netconf:base:1.0">
<edit-config> <syslog xmlns="urn:ietf:params:xml:ns:yang:ietf-syslog"
<target> xmlns:syslog="urn:ietf:params:xml:ns:yang:ietf-syslog">
<candidate/> <actions>
</target> <console>
<config xmlns:xc="urn:ietf:params:xml:ns:netconf:base:1.0"> <selector>
<syslog xmlns="urn:ietf:params:xml:ns:yang:ietf-syslog" <facility>
xmlns:syslog="urn:ietf:params:xml:ns:yang:ietf-syslog"> <facility>all</facility>
<actions> <severity>critical</severity>
<console> </facility>
<log-selector> </selector>
<log-facility> </console>
<facility>all</facility> </actions>
<severity>critical</severity> </syslog>
</log-facility> </config>
</log-selector>
</console>
</actions>
</syslog>
</config>
</edit-config>
</rpc>
<?xml version="1.0" encoding="UTF-8"?>
<rpc-reply message-id="101" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<ok/>
</rpc-reply>
Enable remote logging of syslogs to udp destination 2001:db8:a0b:12f0::1 Enable remote logging of syslogs to udp destination 2001:db8:a0b:12f0::1
for facility auth, severity error for facility auth, severity error
<rpc message-id="101" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"> <config xmlns:xc="urn:ietf:params:xml:ns:netconf:base:1.0">
<edit-config> <syslog xmlns="urn:ietf:params:xml:ns:yang:ietf-syslog"
<target> xmlns:syslog="urn:ietf:params:xml:ns:yang:ietf-syslog">
<candidate/> <actions>
</target> <remote>
<config xmlns:xc="urn:ietf:params:xml:ns:netconf:base:1.0"> <destination>
<syslog xmlns="urn:ietf:params:xml:ns:yang:ietf-syslog" <name>remote1</name>
xmlns:syslog="urn:ietf:params:xml:ns:yang:ietf-syslog"> <udp>
<actions> <address>2001:db8:a0b:12f0::1</address>
<remote> </udp>
<destination> <selector>
<name>remote1</name> <facility>
<udp> <facility xmlns:syslogtypes=
<address>2001:db8:a0b:12f0::1</address> "urn:ietf:params:xml:ns:yang:ietf-syslog-types">
</udp> syslogtypes:auth</facility>
<log-selector> <severity>error</severity>
<log-facility> <facility>
<facility xmlns:syslogtypes= <selector>
"urn:ietf:params:xml:ns:yang:ietf-syslog-types"> </destination>
syslogtypes:auth</facility> </remote>
<severity>error</severity> </actions>
</log-facility> </syslog>
</log-selector> </config>
</destination>
</remote>
</actions>
</syslog>
</config>
</edit-config>
</rpc>
<?xml version="1.0" encoding="UTF-8"?> Figure 5. ietf-syslog Examples
<rpc-reply message-id="101" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<ok/>
</rpc-reply>
6. Acknowledgements 6. Acknowledgements
The authors wish to thank the following who commented on this The authors wish to thank the following who commented on this
proposal: proposal:
Martin Bjorklund Martin Bjorklund
Jim Gibson Jim Gibson
Jeffrey Haas Jeffrey Haas
John Heasley John Heasley
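Review bot: In the remote-logging example the new text closes the selector with `<facility>` and `<selector>` instead of `</facility>` and `</selector>` (the two lines after `<severity>error</severity>`), so the -10 instance document is not well-formed XML; the console example above it closes both elements correctly. Please fix the two tags and validate both examples against the module before the next revision. With the `<rpc>`, `<edit-config>` and `<rpc-reply>` wrappers removed, it is also worth one sentence saying that each `<config>` fragment is the content of an edit-config request, since the text around Figure 5 no longer shows that.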
skipping to change at page 29, line 48 skipping to change at page 29, line 45
Network administrators must take the time to estimate the appropriate Network administrators must take the time to estimate the appropriate
memory limits caused by the configuration of actions/buffer using memory limits caused by the configuration of actions/buffer using
buffer-limit-bytes and/or buffer-limit-messages where necessary to buffer-limit-bytes and/or buffer-limit-messages where necessary to
limit the amount of memory used. limit the amount of memory used.
Network administrators must take the time to estimate the appropriate Network administrators must take the time to estimate the appropriate
storage capacity caused by the configuration of actions/file using storage capacity caused by the configuration of actions/file using
file-archive attributes to limit storage used. file-archive attributes to limit storage used.
It is the responsibility of the network admisintrator to ensure that It is the responsibility of the network administrator to ensure that
the configured message flow does not overwhelm system resources. the configured message flow does not overwhelm system resources.
8.2. Inappropriate Configuration 8.2. Inappropriate Configuration
It is the responsibility of the network admisintrator to ensure that It is the responsibility of the network admisintrator to ensure that
the messages are actually going to the intended recipients. the messages are actually going to the intended recipients.
9. References 9. References
9.1. Normative References 9.1. Normative References
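Review bot: The spelling fix from "admisintrator" to "administrator" was applied to the resource paragraph just above section 8.2 but not to section 8.2 itself, where "network admisintrator" still appears on both sides. Please correct that occurrence too. Section 8.2 is also a single sentence; stating what is at risk when log messages reach an unintended recipient would make the consideration actionable.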
skipping to change at page 32, line 13 skipping to change at page 32, line 13
two facilities are added): two facilities are added):
module vendor-syslog-types-example { module vendor-syslog-types-example {
namespace "urn:vendor:params:xml:ns:yang:vendor-syslog-types"; namespace "urn:vendor:params:xml:ns:yang:vendor-syslog-types";
prefix vendor-syslogtypes; prefix vendor-syslogtypes;
import ietf-syslog-types { import ietf-syslog-types {
prefix syslogtypes; prefix syslogtypes;
} }
organization "Vendor, Inc."; organization "Example, Inc.";
contact contact
"Vendor, Inc. "Example, Inc.
Customer Service Customer Service
E-mail: syslog-yang@vendor.com"; E-mail: syslog-yang@example.com";
description description
"This module contains a collection of vendor-sprecific YANG type "This module contains a collection of vendor-specific YANG type
definitions for SYSLOG."; definitions for SYSLOG.";
revision 2016-03-20 { revision 2016-03-20 {
description description
"Version 1.0"; "Version 1.0";
reference reference
"Vendor SYSLOG Types: SYSLOG YANG Model"; "Vendor SYSLOG Types: SYSLOG YANG Model";
} }
identity vendor_specific_type_1 { identity vendor_specific_type_1 {
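Review bot: The rename to "Example, Inc." and syslog-yang@example.com stops short of the rest of the module: the namespace is still `urn:vendor:params:xml:ns:yang:vendor-syslog-types` and the revision reference still reads "Vendor SYSLOG Types: SYSLOG YANG Model". Suggest bringing both in line with the example naming so the appendix is consistent. The identity name `vendor_specific_type_1` uses underscores, while the leaf names elsewhere in the draft use hyphens (cert-resend-delay, sig-max-delay); consider `vendor-specific-type-1`.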
 End of changes. 75 change blocks. 
151 lines changed or deleted 132 lines changed or added
