draft-ietf-netmod-syslog-model-10.txt   draft-ietf-netmod-syslog-model-11.txt 
NETMOD WG C. Wildes, Ed. NETMOD WG C. Wildes, Ed.
Internet-Draft K. Koushik, Ed. Internet-Draft K. Koushik, Ed.
Intended status: Standards Track Cisco Systems Inc. Intended status: Standards Track Cisco Systems Inc.
Expires: May 4, 2017 October 31, 2016 Expires: May 17, 2017 November 13, 2016
A YANG Data Model for Syslog Configuration A YANG Data Model for Syslog Configuration
draft-ietf-netmod-syslog-model-10 draft-ietf-netmod-syslog-model-11
Abstract Abstract
This document describes a data model for the configuration of syslog. This document describes a data model for the configuration of syslog.
Status of This Memo Status of This Memo
This Internet-Draft is submitted in full conformance with the This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79. provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/. Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on May 4, 2017. This Internet-Draft will expire on May 17, 2017.
Copyright Notice Copyright Notice
Copyright (c) 2016 IETF Trust and the persons identified as the Copyright (c) 2016 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 2, line 24 skipping to change at page 2, line 24
4.1. The ietf-syslog-types Module . . . . . . . . . . . . . . 8 4.1. The ietf-syslog-types Module . . . . . . . . . . . . . . 8
4.2. The ietf-syslog Module . . . . . . . . . . . . . . . . . 14 4.2. The ietf-syslog Module . . . . . . . . . . . . . . . . . 14
5. Usage Examples . . . . . . . . . . . . . . . . . . . . . . . 26 5. Usage Examples . . . . . . . . . . . . . . . . . . . . . . . 26
6. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 28 6. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 28
7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 28 7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 28
8. Security Considerations . . . . . . . . . . . . . . . . . . . 29 8. Security Considerations . . . . . . . . . . . . . . . . . . . 29
8.1. Resource Constraints . . . . . . . . . . . . . . . . . . 29 8.1. Resource Constraints . . . . . . . . . . . . . . . . . . 29
8.2. Inappropriate Configuration . . . . . . . . . . . . . . . 30 8.2. Inappropriate Configuration . . . . . . . . . . . . . . . 30
9. References . . . . . . . . . . . . . . . . . . . . . . . . . 30 9. References . . . . . . . . . . . . . . . . . . . . . . . . . 30
9.1. Normative References . . . . . . . . . . . . . . . . . . 30 9.1. Normative References . . . . . . . . . . . . . . . . . . 30
9.2. Informative References . . . . . . . . . . . . . . . . . 31 9.2. Informative References . . . . . . . . . . . . . . . . . 30
Appendix A. Implementor Guidelines . . . . . . . . . . . . . . . 31 Appendix A. Implementor Guidelines . . . . . . . . . . . . . . . 31
A.1. Extending Facilities . . . . . . . . . . . . . . . . . . 31 A.1. Extending Facilities . . . . . . . . . . . . . . . . . . 31
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 32 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 32
1. Introduction 1. Introduction
Operating systems, processes and applications generate messages Operating systems, processes and applications generate messages
indicating their own status or the occurrence of events. These indicating their own status or the occurrence of events. These
messages are useful for managing and/or debugging the network and its messages are useful for managing and/or debugging the network and its
services. The BSD syslog protocol is a widely adopted protocol that services. The BSD syslog protocol is a widely adopted protocol that
skipping to change at page 4, line 42 skipping to change at page 4, line 42
| | | |
v v v v
+----------------+ +-----------+ +----------------+ +-----------+
|Remote Relay(s)/| |User | |Remote Relay(s)/| |User |
|Collectors(s) | |Sessions(s)| |Collectors(s) | |Sessions(s)|
+----------------+ +-----------+ +----------------+ +-----------+
Figure 1. Syslog Processing Flow Figure 1. Syslog Processing Flow
The leaves in the base syslog model log-actions container correspond The leaves in the base syslog model actions container correspond to
to each message collector: each message collector:
console console
log buffer log buffer
log file(s) log file(s)
remote relay(s)/collector(s) remote relay(s)/collector(s)
user session(s). user session(s).
Within each action, a selector is used to filter syslog messages. A
selector consists of two parts: one or more facility-severity
matches, and if supported via the select-match feature, an optional
regular expression pattern match that is performed on the SYSLOG-MSG
field.
The facility is one of a specific syslogtypes:syslog-facility, none,
or all facilities. None is a special case that can be used to
disable an action.
The severity is one of syslogtypes:severity, all severities, or none.
None is a special case that can be used to disable a facility. When
filtering severity, the default comparison is that all messages of
the specified severity and higher are logged. This is shown in the
model as ?default equals-or-higher?. This behavior can be altered if
the select-sev-compare feature is enabled to specify: ?equals? to
specify only this single severity; ?not-equals? to ignore that
severity; ?equals-or-higher? to specify all messages of the specified
severity and higher.
Optional features are used to specified functionality that is present Optional features are used to specified functionality that is present
in specific vendor configurations. in specific vendor configurations.
3.1. Syslog Module 3.1. Syslog Module
A simplified graphical representation of the complete data tree is A simplified graphical representation of the complete data tree is
presented here. presented here.
Each node is printed as: Each node is printed as:
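Review bot: In the new severity paragraph, "all messages of the specified severity and higher are logged" is ambiguous, because the severity typedef in ietf-syslog-types numbers emergency as 0, so "higher" can be read as more severe or as a larger numeric value, and the two readings select different sets of messages. Say which is meant, for example "of the specified severity and more severe (numerically lower)", and use the same wording where equals-or-higher is explained. The same paragraph carries "?default equals-or-higher?", "?equals?" and "?not-equals?" where quotation marks were evidently intended; use plain ASCII quotes. The facility paragraph also says "none" while the tree that follows names the leaf no-facilities.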
skipping to change at page 5, line 51 skipping to change at page 6, line 24
<type> is the name of the type for leafs and leaf-lists <type> is the name of the type for leafs and leaf-lists
If the type is a leafref, the type is printed as "-> TARGET", where If the type is a leafref, the type is printed as "-> TARGET", where
TARGET is either the leafref path, with prefixed removed if possible. TARGET is either the leafref path, with prefixed removed if possible.
<if-features> is the list of features this node depends on, printed <if-features> is the list of features this node depends on, printed
within curly brackets and a question mark "{...}?" within curly brackets and a question mark "{...}?"
module: ietf-syslog module: ietf-syslog
+--rw syslog +--rw syslog!
+--rw actions +--rw actions
+--rw console! +--rw console!
| +--rw selector | +--rw selector
| +--rw (selector-facility) | +--rw (selector-facility)
| | +--:(facility) | | +--:(facility)
| | | +--rw no-facilities? empty | | | +--rw no-facilities? empty
| | +--:(name) | | +--:(name)
| | +--rw facility* [facility] | | +--rw facility-list* [facility]
| | +--rw facility union | | +--rw facility union
| | +--rw severity union | | +--rw severity union
| | +--rw compare-op? enumeration {select-sev-compare}? | | +--rw compare? enumeration {select-sev-compare}?
| +--rw pattern-match? string {select-match}? | +--rw pattern-match? string {select-match}?
+--rw buffer +--rw buffer {buffer-action}?
| +--rw selector | +--rw selector
| | +--rw (selector-facility) | | +--rw (selector-facility)
| | | +--:(facility) | | | +--:(facility)
| | | | +--rw no-facilities? empty | | | | +--rw no-facilities? empty
| | | +--:(name) | | | +--:(name)
| | | +--rw facility* [facility] | | | +--rw facility-list* [facility]
| | | +--rw facility union | | | +--rw facility union
| | | +--rw severity union | | | +--rw severity union
| | | +--rw compare-op? enumeration {select-sev-compare}? | | | +--rw compare? enumeration {select-sev-compare}?
| | +--rw pattern-match? string {select-match}? | | +--rw pattern-match? string {select-match}?
| +--rw structured-data? boolean {structured-data}? | +--rw structured-data? boolean {structured-data}?
| +--rw buffer-limit-bytes? uint64 {buffer-limit-bytes}? | +--rw buffer-limit-bytes? uint64 {buffer-limit-bytes}?
| +--rw buffer-limit-messages? uint64 {buffer-limit-messages}? | +--rw buffer-limit-messages? uint64 {buffer-limit-messages}?
+--rw file +--rw file
| +--rw log-file* [name] | +--rw log-file* [name]
| +--rw name inet:uri | +--rw name inet:uri
| +--rw selector | +--rw selector
| | +--rw (selector-facility) | | +--rw (selector-facility)
| | | +--:(facility) | | | +--:(facility)
| | | | +--rw no-facilities? empty | | | | +--rw no-facilities? empty
| | | +--:(name) | | | +--:(name)
| | | +--rw facility* [facility] | | | +--rw facility-list* [facility]
| | | +--rw facility union | | | +--rw facility union
| | | +--rw severity union | | | +--rw severity union
| | | +--rw compare-op? enumeration {select-sev-compare}? | | | +--rw compare? enumeration {select-sev-compare}?
| | +--rw pattern-match? string {select-match}? | | +--rw pattern-match? string {select-match}?
| +--rw structured-data? boolean {structured-data}? | +--rw structured-data? boolean {structured-data}?
| +--rw file-rotation | +--rw file-rotation
| +--rw number-of-files? uint32 {file-limit-size}? | +--rw number-of-files? uint32 {file-limit-size}?
| +--rw max-file-size? uint64 {file-limit-size}? | +--rw max-file-size? uint64 {file-limit-size}?
| +--rw rollover? uint32 {file-limit-duration}? | +--rw rollover? uint32 {file-limit-duration}?
| +--rw retention? uint16 {file-limit-duration}? | +--rw retention? uint16 {file-limit-duration}?
+--rw remote +--rw remote
| +--rw destination* [name] | +--rw destination* [name]
| +--rw name string | +--rw name string
| +--rw (transport) | +--rw (transport)
| | +--:(tcp) | | +--:(tcp)
| | | +--rw tcp | | | +--rw tcp
| | | +--rw address? inet:host | | | +--rw address? inet:host
| | | +--rw port? inet:port-number | | | +--rw port? inet:port-number
| | +--:(udp) | | +--:(udp)
| | | +--rw udp | | +--rw udp
| | | +--rw address? inet:host | | +--rw address? inet:host
| | | +--rw port? inet:port-number | | +--rw port? inet:port-number
| | +--:(tls)
| | +--rw tls
| +--rw selector | +--rw selector
| | +--rw (selector-facility) | | +--rw (selector-facility)
| | | +--:(facility) | | | +--:(facility)
| | | | +--rw no-facilities? empty | | | | +--rw no-facilities? empty
| | | +--:(name) | | | +--:(name)
| | | +--rw facility* [facility] | | | +--rw facility-list* [facility]
| | | +--rw facility union | | | +--rw facility union
| | | +--rw severity union | | | +--rw severity union
| | | +--rw compare-op? enumeration {select-sev-compare}? | | | +--rw compare? enumeration {select-sev-compare}?
| | +--rw pattern-match? string {select-match}? | | +--rw pattern-match? string {select-match}?
| +--rw structured-data? boolean {structured-data}? | +--rw structured-data? boolean {structured-data}?
| +--rw facility-override? identityref | +--rw facility-override? identityref
| +--rw source-interface? if:interface-ref | +--rw source-interface? if:interface-ref
| +--rw syslog-sign! {signed-messages}? | +--rw signing-options! {signed-messages}?
| +--rw cert-initial-repeat uint16 | +--rw cert-initial-repeat uint16
| +--rw cert-resend-delay uint16 | +--rw cert-resend-delay uint16
| +--rw cert-resend-count uint16 | +--rw cert-resend-count uint16
| +--rw sig-max-delay uint16 | +--rw max-delay uint16
| +--rw sig-number-resends uint16 | +--rw number-resends uint16
| +--rw sig-resend-delay uint16 | +--rw resend-delay uint16
| +--rw sig-resend-count uint16 | +--rw resend-count uint16
+--rw session +--rw session
+--rw all-users! +--rw all-users!
| +--rw selector | +--rw selector
| +--rw (selector-facility) | +--rw (selector-facility)
| | +--:(facility) | | +--:(facility)
| | | +--rw no-facilities? empty | | | +--rw no-facilities? empty
| | +--:(name) | | +--:(name)
| | +--rw facility* [facility] | | +--rw facility-list* [facility]
| | +--rw facility union | | +--rw facility union
| | +--rw severity union | | +--rw severity union
| | +--rw compare-op? enumeration {select-sev-compare}? | | +--rw compare? enumeration {select-sev-compare}?
| +--rw pattern-match? string {select-match}? | +--rw pattern-match? string {select-match}?
+--rw user* [name] +--rw user* [name]
+--rw name string +--rw name string
+--rw selector +--rw selector
+--rw (selector-facility) +--rw (selector-facility)
| +--:(facility) | +--:(facility)
| | +--rw no-facilities? empty | | +--rw no-facilities? empty
| +--:(name) | +--:(name)
| +--rw facility* [facility] | +--rw facility-list* [facility]
| +--rw facility union | +--rw facility union
| +--rw severity union | +--rw severity union
| +--rw compare-op? enumeration {select-sev-compare}? | +--rw compare? enumeration {select-sev-compare}?
+--rw pattern-match? string {select-match}? +--rw pattern-match? string {select-match}?
Figure 2. ietf-syslog Module Tree Figure 2. ietf-syslog Module Tree
4. Syslog YANG Modules 4. Syslog YANG Modules
4.1. The ietf-syslog-types Module 4.1. The ietf-syslog-types Module
This module references [RFC5424]. This module references [RFC5424].
skipping to change at page 9, line 20 skipping to change at page 9, line 39
'OPTIONAL' in the module text are to be interpreted as described 'OPTIONAL' in the module text are to be interpreted as described
in RFC 2119 (http://tools.ietf.org/html/rfc2119). in RFC 2119 (http://tools.ietf.org/html/rfc2119).
This version of this YANG module is part of RFC XXXX This version of this YANG module is part of RFC XXXX
(http://tools.ietf.org/html/rfcXXXX); see the RFC itself for (http://tools.ietf.org/html/rfcXXXX); see the RFC itself for
full legal notices."; full legal notices.";
reference reference
"RFC 5424: The Syslog Protocol"; "RFC 5424: The Syslog Protocol";
revision 2016-10-30 { revision 2016-11-13 {
description description
"Initial Revision"; "Initial Revision";
reference reference
"RFC XXXX: SYSLOG YANG Model"; "RFC XXXX: SYSLOG YANG Model";
} }
typedef severity { typedef severity {
type enumeration { type enumeration {
enum "emergency" { enum "emergency" {
value 0; value 0;
skipping to change at page 14, line 23 skipping to change at page 14, line 40
prefix syslog; prefix syslog;
import ietf-inet-types { import ietf-inet-types {
prefix inet; prefix inet;
} }
import ietf-interfaces { import ietf-interfaces {
prefix if; prefix if;
} }
//import ietf-tls-client {
// prefix tlsc;
//}
import ietf-syslog-types { import ietf-syslog-types {
prefix syslogtypes; prefix syslogtypes;
} }
organization "IETF NETMOD (NETCONF Data Modeling Language) organization "IETF NETMOD (NETCONF Data Modeling Language)
Working Group"; Working Group";
contact contact
"WG Web: <http://tools.ietf.org/wg/netmod/> "WG Web: <http://tools.ietf.org/wg/netmod/>
WG List: <mailto:netmod@ietf.org> WG List: <mailto:netmod@ietf.org>
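Review bot: The commented-out import of ietf-tls-client in the import block, together with the matching commented-out "uses tlsc:initiating-tls-client-grouping" in the new tls case, leaves container tls with no child nodes, so a destination that selects tls has no address or port, unlike the tcp and udp cases. The 6514 default exists only inside the comment. Either hold the tls case back until the import can be made, or give the container address and port leaves like the other two transports for now, and replace the comments with an editor's note naming the document the import is waiting on.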
skipping to change at page 15, line 24 skipping to change at page 15, line 38
NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED', 'MAY', and NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED', 'MAY', and
'OPTIONAL' in the module text are to be interpreted as described 'OPTIONAL' in the module text are to be interpreted as described
in RFC 2119 (http://tools.ietf.org/html/rfc2119). in RFC 2119 (http://tools.ietf.org/html/rfc2119).
This version of this YANG module is part of RFC XXXX This version of this YANG module is part of RFC XXXX
(http://tools.ietf.org/html/rfcXXXX); see the RFC itself for (http://tools.ietf.org/html/rfcXXXX); see the RFC itself for
full legal notices."; full legal notices.";
reference reference
"RFC 5424: The Syslog Protocol "RFC 5424: The Syslog Protocol
RFC 5425: Transport Layer Security (TLS) Transport Mapping for Syslog
RFC 5426: Transmission of Syslog Messages over UDP RFC 5426: Transmission of Syslog Messages over UDP
RFC 6587: Transmission of Syslog Messages over TCP RFC 6587: Transmission of Syslog Messages over TCP
RFC 5848: Signed Syslog Messages"; RFC 5848: Signed Syslog Messages";
revision 2016-10-30 { revision 2016-11-13 {
description description
"Initial Revision"; "Initial Revision";
reference reference
"RFC XXXX: Syslog YANG Model"; "RFC XXXX: Syslog YANG Model";
} }
feature buffer-action {
description
"This feature indicates that the local memory logging buffer
action is supported.";
}
feature buffer-limit-bytes { feature buffer-limit-bytes {
description description
"This feature indicates that local memory logging buffers "This feature indicates that the local memory logging buffer
are limited in size using a limit expressed in bytes."; is limited in size using a limit expressed in bytes.";
} }
feature buffer-limit-messages { feature buffer-limit-messages {
description description
"This feature indicates that local memory logging buffers "This feature indicates that the local memory logging buffer
are limited in size using a limit expressed in number is limited in size using a limit expressed in number of log
of log messages."; messages.";
} }
feature file-limit-size { feature file-limit-size {
description description
"This feature indicates that file logging resources "This feature indicates that file logging resources
are managed using size and number limits."; are managed using size and number limits.";
} }
feature file-limit-duration { feature file-limit-duration {
description description
skipping to change at page 16, line 46 skipping to change at page 17, line 16
} }
grouping log-severity { grouping log-severity {
description description
"This grouping defines the severity value that is used to "This grouping defines the severity value that is used to
select log messages."; select log messages.";
leaf severity { leaf severity {
type union { type union {
type syslogtypes:severity; type syslogtypes:severity;
type enumeration { type enumeration {
enum all {
value -1;
description
"This enum describes the case where all severities
are selected.";
}
enum none { enum none {
value -2; value -2;
description description
"This enum describes the case where no severities "This enum describes the case where no severities
are selected."; are selected.";
} }
enum all {
value -1;
description
"This enum describes the case where all severities
are selected.";
}
} }
} }
mandatory true; mandatory true;
description description
"This leaf specifies the syslog message severity. When "This leaf specifies the syslog message severity. When
severity is specified, the default severity comparison severity is specified, the default severity comparison
is all messages of the specified severity and greater are is all messages of the specified severity and greater are
selected. 'all' is a special case which means all severities selected. 'all' is a special case which means all severities
are selected. 'none' is a special case which means that are selected. 'none' is a special case which means that
no selection should occur or disable this filter."; no selection should occur or disable this filter.";
} }
leaf compare-op { leaf compare {
when '../severity != "all" and when '../severity != "all" and
../severity != "none"' { ../severity != "none"' {
description description
"The compare-op is not applicable for severity 'all' or "The compare leaf is not applicable for severity 'all' or
severity 'none'"; severity 'none'";
} }
if-feature select-sev-compare; if-feature select-sev-compare;
type enumeration { type enumeration {
enum equals-or-higher { enum equals-or-higher {
description description
"This enum specifies all messages of the specified "This enum specifies all messages of the specified
severity and higher are logged according to the severity and higher are logged according to the
given log-action"; given log-action";
} }
skipping to change at page 18, line 11 skipping to change at page 18, line 29
default equals-or-higher; default equals-or-higher;
description description
"This leaf describes the option to specify how the "This leaf describes the option to specify how the
severity comparison is performed."; severity comparison is performed.";
} }
} }
grouping selector { grouping selector {
description description
"This grouping defines a syslog selector which is used to "This grouping defines a syslog selector which is used to
select log messages for the log-action (buffer, file, select log messages for the log-action (console, file,
etc). Choose one of the following: remote, etc). Choose one of the following:
no-facility no-facility
facility [<facility> <severity>...]"; facility [<facility> <severity>...]";
container selector { container selector {
description description
"This container describes the log selector parameters "This container describes the log selector parameters
for syslog."; for syslog.";
choice selector-facility { choice selector-facility {
mandatory true; mandatory true;
description description
"This choice describes the option to specify no "This choice describes the option to specify no
skipping to change at page 18, line 42 skipping to change at page 19, line 12
type empty; type empty;
description description
"This leaf specifies that no facilities are selected "This leaf specifies that no facilities are selected
for this log-action."; for this log-action.";
} }
} }
case name { case name {
description description
"This case specifies one or more specified facilities "This case specifies one or more specified facilities
will match when comparing the syslog message facility."; will match when comparing the syslog message facility.";
list facility { list facility-list {
key facility; key facility;
description description
"This list describes a collection of syslog "This list describes a collection of syslog
facilities and severities."; facilities and severities.";
leaf facility { leaf facility {
type union { type union {
type identityref { type identityref {
base syslogtypes:syslog-facility; base syslogtypes:syslog-facility;
} }
type enumeration { type enumeration {
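Review bot: The rename of list facility to facility-list in case name is not carried into the selector grouping description, which still gives the synopsis as "no-facility" and "facility [<facility> <severity>...]" while the nodes are now no-facilities and facility-list. Update the synopsis to the actual node names. The descriptions here also keep saying "log-action", although the container is named actions and the prose under Figure 1 was changed from "log-actions container" to "actions container" in this revision.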
skipping to change at page 19, line 41 skipping to change at page 20, line 11
grouping structured-data { grouping structured-data {
description description
"This grouping defines the syslog structured data option "This grouping defines the syslog structured data option
which is used to select the format used to write log which is used to select the format used to write log
messages."; messages.";
leaf structured-data { leaf structured-data {
if-feature structured-data; if-feature structured-data;
type boolean; type boolean;
default false; default false;
description description
"This leaf describes how log messages are written to "This leaf describes how log messages are written.
the log file. If true, messages will be written If true, messages will be written with one or more
with one or more STRUCTURED-DATA elements as per STRUCTURED-DATA elements as per RFC5424; if false,
RFC5424; if false, messages will be written with messages will be written with STRUCTURED-DATA =
STRUCTURED-DATA = NILVALUE."; NILVALUE.";
} }
} }
container syslog { container syslog {
presence "Enables logging.";
description description
"This container describes the configuration parameters for "This container describes the configuration parameters for
syslog."; syslog.";
container actions { container actions {
description description
"This container describes the log-action parameters "This container describes the log-action parameters
for syslog."; for syslog.";
container console { container console {
presence "Enables logging console configuration"; presence "Enables logging console configuration";
description description
"This container describes the configuration parameters for "This container describes the configuration parameters for
console logging."; console logging.";
uses selector; uses selector;
} }
container buffer { container buffer {
if-feature buffer-action;
description description
"This container describes the configuration parameters for "This container describes the configuration parameters for
local memory buffer logging. The buffer is circular in local memory buffer logging. The buffer is circular in
nature, so newer messages overwrite older messages after nature, so newer messages overwrite older messages after
the buffer is filled. The method used to read syslog messages the buffer is filled. The method used to read syslog messages
from the buffer is supplied by the local implementation."; from the buffer is supplied by the local implementation.";
uses selector; uses selector;
uses structured-data; uses structured-data;
leaf buffer-limit-bytes { leaf buffer-limit-bytes {
if-feature buffer-limit-bytes; if-feature buffer-limit-bytes;
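Review bot: The new presence "Enables logging." on container syslog makes the existence of one top-level node the switch for all logging, but the description under it still only says the container holds configuration parameters. State in the description what an absent container means for the device (no messages handled by any action, or only that nothing is configured through this model) and how it relates to the presence statement already on console. If absence does disable logging, deleting this single node silences every action at once, which is worth naming in Security Considerations as a node that needs write protection.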
skipping to change at page 23, line 30 skipping to change at page 23, line 49
} }
leaf port { leaf port {
type inet:port-number; type inet:port-number;
default 514; default 514;
description description
"This leaf specifies the port number used to "This leaf specifies the port number used to
deliver messages to the remote server."; deliver messages to the remote server.";
} }
} }
} }
case tls {
container tls {
description
"This container describes the TLS transport options.";
reference
"RFC 5425: Transport Layer Security (TLS) Transport
Mapping for Syslog ";
// uses tlsc:initiating-tls-client-grouping {
// refine port {
// default 6514;
// description
// "TCP port 6514 has been allocated as the default
// port for syslog over TLS.";
// }
// }
}
}
} }
uses selector; uses selector;
uses structured-data; uses structured-data;
leaf facility-override { leaf facility-override {
type identityref { type identityref {
base syslogtypes:syslog-facility; base syslogtypes:syslog-facility;
} }
description description
"If specified, this leaf specifies the facility used "If specified, this leaf specifies the facility used
to override the facility in messages delivered to the to override the facility in messages delivered to the
remote server."; remote server.";
} }
leaf source-interface { leaf source-interface {
type if:interface-ref; type if:interface-ref;
description description
"This leaf sets the source interface to be used to send "This leaf sets the source interface to be used to send
skipping to change at page 24, line 20 skipping to change at page 24, line 22
} }
leaf source-interface { leaf source-interface {
type if:interface-ref; type if:interface-ref;
description description
"This leaf sets the source interface to be used to send "This leaf sets the source interface to be used to send
message to the remote syslog server. If not set, message to the remote syslog server. If not set,
messages sent to a remote syslog server will messages sent to a remote syslog server will
contain the IP address of the interface the syslog contain the IP address of the interface the syslog
message uses to exit the network element"; message uses to exit the network element";
} }
container syslog-sign { container signing-options {
if-feature signed-messages; if-feature signed-messages;
presence presence
"If present, syslog-sign is activated."; "If present, syslog-signing options is activated.";
description description
"This container describes the configuration "This container describes the configuration
parameters for signed syslog messages as described parameters for signed syslog messages as described
by RFC 5848."; by RFC 5848.";
reference reference
"RFC 5848: Signed Syslog Messages"; "RFC 5848: Signed Syslog Messages";
leaf cert-initial-repeat { leaf cert-initial-repeat {
type uint16; type uint16;
mandatory true; mandatory true;
description description
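Review bot: The presence text on the renamed signing-options container, "If present, syslog-signing options is activated.", is ungrammatical and says that options are activated rather than signing. Something like "If present, syslog message signing is enabled." states the effect directly.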
skipping to change at page 25, line 4 skipping to change at page 25, line 7
"This leaf specifies the maximum time delay in "This leaf specifies the maximum time delay in
seconds until resending the Certificate Block."; seconds until resending the Certificate Block.";
} }
leaf cert-resend-count { leaf cert-resend-count {
type uint16; type uint16;
mandatory true; mandatory true;
description description
"This leaf specifies the maximum number of other "This leaf specifies the maximum number of other
syslog messages to send until resending the syslog messages to send until resending the
Certificate Block."; Certificate Block.";
} }
leaf sig-max-delay { leaf max-delay {
type uint16; type uint16;
units "seconds"; units "seconds";
mandatory true; mandatory true;
description description
"This leaf specifies when to generate a new "This leaf specifies when to generate a new
Signature Block. If this many seconds have Signature Block. If this many seconds have
elapsed since the message with the first message elapsed since the message with the first message
number of the Signature Block was sent, a new number of the Signature Block was sent, a new
Signature Block should be generated."; Signature Block should be generated.";
} }
leaf sig-number-resends { leaf number-resends {
type uint16; type uint16;
mandatory true; mandatory true;
description description
"This leaf specifies the number of times a "This leaf specifies the number of times a
Signature Block is resent. (It is recommended to Signature Block is resent. (It is recommended to
select a value of greater than 0 in particular select a value of greater than 0 in particular
when the UDP transport [RFC5426] is used.)."; when the UDP transport [RFC5426] is used.).";
} }
leaf sig-resend-delay { leaf resend-delay {
type uint16; type uint16;
units "seconds"; units "seconds";
mandatory true; mandatory true;
description description
"This leaf specifies when to send the next "This leaf specifies when to send the next
Signature Block transmission based on time. If Signature Block transmission based on time. If
this many seconds have elapsed since the previous this many seconds have elapsed since the previous
sending of this Signature Block, resend it."; sending of this Signature Block, resend it.";
} }
leaf sig-resend-count { leaf resend-count {
type uint16; type uint16;
mandatory true; mandatory true;
description description
"This leaf specifies when to send the next "This leaf specifies when to send the next
Signature Block transmission based on a count. Signature Block transmission based on a count.
If this many other syslog messages have been sent If this many other syslog messages have been sent
since the previous sending of this Signature since the previous sending of this Signature
Block, resend it."; Block, resend it.";
} }
} }
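Review bot: Dropping the sig- prefix from max-delay, number-resends, resend-delay and resend-count leaves them next to cert-initial-repeat, cert-resend-delay and cert-resend-count, so resend-delay and cert-resend-delay are now told apart by a prefix on one side only, and the bare names no longer say they govern the Signature Block. Either keep sig- on these four leaves or place the Certificate Block and Signature Block timers in separate containers so each name is unambiguous on its own.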
skipping to change at page 27, line 14 skipping to change at page 27, line 14
Requirement: Requirement:
Enable console logging of syslogs of severity critical Enable console logging of syslogs of severity critical
Here is the example syslog configuration xml: Here is the example syslog configuration xml:
<config xmlns:xc="urn:ietf:params:xml:ns:netconf:base:1.0"> <config xmlns:xc="urn:ietf:params:xml:ns:netconf:base:1.0">
<syslog xmlns="urn:ietf:params:xml:ns:yang:ietf-syslog" <syslog xmlns="urn:ietf:params:xml:ns:yang:ietf-syslog"
xmlns:syslog="urn:ietf:params:xml:ns:yang:ietf-syslog"> xmlns:syslog="urn:ietf:params:xml:ns:yang:ietf-syslog">
<actions> <actions>
<console> <console>
<selector> <selector>
<facility> <facility-list>
<facility>all</facility> <facility>all</facility>
<severity>critical</severity> <severity>critical</severity>
</facility> </facility>
</selector> </selector>
</console> </console>
</actions> </actions>
</syslog> </syslog>
</config> </config>
Enable remote logging of syslogs to udp destination 2001:db8:a0b:12f0::1 Enable remote logging of syslogs to udp destination 2001:db8:a0b:12f0::1
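Review bot: In the console example the opening tag becomes <facility-list>, but the closing tag after <severity>critical</severity> is still </facility> in the new column, so the example is not well-formed XML. Close it with </facility-list>.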
skipping to change at page 27, line 38 skipping to change at page 27, line 38
<syslog xmlns="urn:ietf:params:xml:ns:yang:ietf-syslog" <syslog xmlns="urn:ietf:params:xml:ns:yang:ietf-syslog"
xmlns:syslog="urn:ietf:params:xml:ns:yang:ietf-syslog"> xmlns:syslog="urn:ietf:params:xml:ns:yang:ietf-syslog">
<actions> <actions>
<remote> <remote>
<destination> <destination>
<name>remote1</name> <name>remote1</name>
<udp> <udp>
<address>2001:db8:a0b:12f0::1</address> <address>2001:db8:a0b:12f0::1</address>
</udp> </udp>
<selector> <selector>
<facility> <facility-list>
<facility xmlns:syslogtypes= <facility xmlns:syslogtypes=
"urn:ietf:params:xml:ns:yang:ietf-syslog-types"> "urn:ietf:params:xml:ns:yang:ietf-syslog-types">
syslogtypes:auth</facility> syslogtypes:auth</facility>
<severity>error</severity> <severity>error</severity>
<facility> <facility>
<selector> <selector>
</destination> </destination>
</remote> </remote>
</actions> </actions>
</syslog> </syslog>
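Review bot: In the remote example <facility-list> is opened and never closed. The two lines after <severity>error</severity> are the opening tags <facility> and <selector>, where </facility-list> and </selector> are needed. Both columns carry the opening-tag form, so the rename is a good point to fix them and validate the example against the module.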
skipping to change at page 28, line 22 skipping to change at page 28, line 22
Jeffrey Haas Jeffrey Haas
John Heasley John Heasley
Giles Heron Giles Heron
Lisa Huang Lisa Huang
Mahesh Jethanandani Mahesh Jethanandani
Jeffrey K Lange Jeffrey K Lange
Jan Lindblad Jan Lindblad
Chris Lonvick Chris Lonvick
Tom Petch Tom Petch
Juergen Schoenwaelder Juergen Schoenwaelder
Phil Shafer
Jason Sterne Jason Sterne
Peter Van Horne Peter Van Horne
Bert Wijnen Bert Wijnen
Aleksandr Zhdankin Aleksandr Zhdankin
7. IANA Considerations 7. IANA Considerations
This document registers two URIs in the IETF XML registry [RFC3688]. This document registers two URIs in the IETF XML registry [RFC3688].
Following the format in RFC 3688, the following registration is Following the format in RFC 3688, the following registration is
skipping to change at page 30, line 23 skipping to change at page 30, line 23
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, Requirement Levels", BCP 14, RFC 2119,
DOI 10.17487/RFC2119, March 1997, DOI 10.17487/RFC2119, March 1997,
<http://www.rfc-editor.org/info/rfc2119>. <http://www.rfc-editor.org/info/rfc2119>.
[RFC5424] Gerhards, R., "The Syslog Protocol", RFC 5424, [RFC5424] Gerhards, R., "The Syslog Protocol", RFC 5424,
DOI 10.17487/RFC5424, March 2009, DOI 10.17487/RFC5424, March 2009,
<http://www.rfc-editor.org/info/rfc5424>. <http://www.rfc-editor.org/info/rfc5424>.
[RFC5425] Miao, F., Ed., Ma, Y., Ed., and J. Salowey, Ed.,
"Transport Layer Security (TLS) Transport Mapping for
Syslog", RFC 5425, DOI 10.17487/RFC5425, March 2009,
<http://www.rfc-editor.org/info/rfc5425>.
[RFC5426] Okmianski, A., "Transmission of Syslog Messages over UDP", [RFC5426] Okmianski, A., "Transmission of Syslog Messages over UDP",
RFC 5426, DOI 10.17487/RFC5426, March 2009, RFC 5426, DOI 10.17487/RFC5426, March 2009,
<http://www.rfc-editor.org/info/rfc5426>. <http://www.rfc-editor.org/info/rfc5426>.
[RFC5848] Kelsey, J., Callas, J., and A. Clemm, "Signed Syslog [RFC5848] Kelsey, J., Callas, J., and A. Clemm, "Signed Syslog
Messages", RFC 5848, DOI 10.17487/RFC5848, May 2010, Messages", RFC 5848, DOI 10.17487/RFC5848, May 2010,
<http://www.rfc-editor.org/info/rfc5848>. <http://www.rfc-editor.org/info/rfc5848>.
[RFC6020] Bjorklund, M., Ed., "YANG - A Data Modeling Language for [RFC6020] Bjorklund, M., Ed., "YANG - A Data Modeling Language for
the Network Configuration Protocol (NETCONF)", RFC 6020, the Network Configuration Protocol (NETCONF)", RFC 6020,
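Review bot: The [RFC5425] entry (TLS transport mapping) appears in only one column of this reference list, while the other entries are unchanged. Check that the list and the body agree: every normative reference should be cited in the text, and no citation should be left without an entry. The remote-destination example shown on this page uses only the udp transport.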
skipping to change at page 32, line 24 skipping to change at page 32, line 24
contact contact
"Example, Inc. "Example, Inc.
Customer Service Customer Service
E-mail: syslog-yang@example.com"; E-mail: syslog-yang@example.com";
description description
"This module contains a collection of vendor-specific YANG type "This module contains a collection of vendor-specific YANG type
definitions for SYSLOG."; definitions for SYSLOG.";
revision 2016-03-20 { revision 2016-11-13 {
description description
"Version 1.0"; "Version 1.0";
reference reference
"Vendor SYSLOG Types: SYSLOG YANG Model"; "Vendor SYSLOG Types: SYSLOG YANG Model";
} }
identity vendor_specific_type_1 { identity vendor_specific_type_1 {
base syslogtypes:syslog-facility; base syslogtypes:syslog-facility;
} }
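Review bot: The identity vendor_specific_type_1 has no description statement and uses underscores, where YANG identifiers are conventionally lowercase with hyphens. As this is the example a vendor would copy, add a description and consider a hyphenated name. The revision date moves to 2016-11-13 while the revision description stays "Version 1.0", which is fine only if no content of the example module changed.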
 End of changes. 47 change blocks. 
103 lines changed or deleted 102 lines changed or added
