-- extracted from draft-ietf-snmpconf-pm-05.txt -- at Thu Mar 8 06:04:43 2001 POLICY-MANAGEMENT-MIB DEFINITIONS ::= BEGIN IMPORTS MODULE-IDENTITY, OBJECT-TYPE, NOTIFICATION-TYPE, Counter32, Integer32, Gauge32, Unsigned32, experimental FROM SNMPv2-SMI RowStatus, RowPointer, TEXTUAL-CONVENTION, DateAndTime, StorageType, TDomain, TAddress FROM SNMPv2-TC MODULE-COMPLIANCE, OBJECT-GROUP, NOTIFICATION-GROUP FROM SNMPv2-CONF SnmpAdminString FROM SNMP-FRAMEWORK-MIB; -- Policy-Based Management MIB policyMgt MODULE-IDENTITY LAST-UPDATED "200103011500Z" -- March 1, 2001 ORGANIZATION "IETF SNMP Configuration Working Group" CONTACT-INFO " Steve Waldbusser Phone: +1-650-948-6500 Fax: +1-650-745-0671 Email: waldbusser@nextbeacon.com Jon Saperia JDS Consulting, Inc. 174 Chapman St. Watertown MA 02472-3063 USA Phone: +1-617-744-1079 Fax: +1-617-249-0874 Email: saperia@jdscons.com Thippanna Hongal Riverstone Networks, Inc. 5200 Great America Parkway Santa Clara, CA, 95054 USA Phone: +1-408-878-6562 Fax: +1-408-878-6501 Email: hongal@riverstonenet.com" DESCRIPTION "The MIB module for rule-based configuration of SNMP infrastructures." REVISION "200103011500Z" -- March 1, 2001 DESCRIPTION "The original version of this MIB, published as RFCXXXX." ::= { experimental 107 } UTF8String ::= TEXTUAL-CONVENTION STATUS current DESCRIPTION "An octet string containing information typically in human-readable form. To facilitate internationalization, this information is represented using the ISO/IEC IS 10646-1 character set, encoded as an octet string using the UTF-8 transformation format described in [RFC2279]. Since additional code points are added by amendments to the 10646 standard from time to time, implementations must be prepared to encounter any code point from 0x00000000 to 0x7fffffff. Byte sequences that do not correspond to the valid UTF-8 encoding of a code point or are outside this range are prohibited. The use of control codes should be avoided. When it is necessary to represent a newline, the control code sequence CR LF should be used. For code points not directly supported by user interface hardware or software, an alternative means of entry and display, such as hexadecimal, may be provided. For information encoded in 7-bit US-ASCII, the UTF-8 encoding is identical to the US-ASCII encoding. UTF-8 may require multiple bytes to represent a single character / code point; thus the length of this object in octets may be different from the number of characters encoded. Similarly, size constraints refer to the number of encoded octets, not the number of characters represented by an encoding. Note that when this TC is used for an object that is used or envisioned to be used as an index, then a SIZE restriction MUST be specified so that the number of sub-identifiers for any object instance does not exceed the limit of 128, as defined by [RFC1905]. Note that the size of an UTF8String object is measured in octets, not characters." SYNTAX OCTET STRING -- The policy group pmPolicyTable OBJECT-TYPE SYNTAX SEQUENCE OF PmPolicyEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The policy table. A policy is a pairing of a policyFilter and a policyAction which is used to apply the action to a selected set of elements." ::= { policyMgt 1 } pmPolicyEntry OBJECT-TYPE SYNTAX PmPolicyEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "An entry in the policy table." INDEX { pmPolicyIndex } ::= { pmPolicyTable 1 } PmPolicyEntry ::= SEQUENCE { pmPolicyIndex Unsigned32, pmPolicyGroup UTF8String, pmPolicyPrecedence Unsigned32, pmPolicySchedule Unsigned32, pmPolicyFilter Unsigned32, pmPolicyAction Unsigned32, pmPolicyParameters OCTET STRING, pmPolicyFilterMaxLatency Unsigned32, pmPolicyActionMaxLatency Unsigned32, pmPolicyMaxIterations Unsigned32, pmPolicyDescription UTF8String, pmPolicyMatches Gauge32, pmPolicyAbnormalTerminations Gauge32, pmPolicyExecutionErrors Counter32, pmPolicyDebugging INTEGER, pmPolicyAdminStatus INTEGER, pmPolicyStorageType StorageType, pmPolicyRowStatus RowStatus } pmPolicyIndex OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS not-accessible STATUS current DESCRIPTION "A unique index for this policy entry." ::= { pmPolicyEntry 1 } pmPolicyGroup OBJECT-TYPE SYNTAX UTF8String (SIZE (0..32)) MAX-ACCESS read-create STATUS current DESCRIPTION "An administratively assigned string that is used to group policies. Of all policies in the same group, only one will have its policyAction active on an element at any instance." ::= { pmPolicyEntry 2 } pmPolicyPrecedence OBJECT-TYPE SYNTAX Unsigned32 (0..65535) MAX-ACCESS read-create STATUS current DESCRIPTION "If while checking to see which policy filters match an element, 2 or more policies in the same group match the same element, the pmPolicyPrecedence object provides the rule to arbitrate which single policy action will be executed on this element. Of policies in the same group, only the matching policy with the highest precedence value will have its policy action periodically executed on this element. In the case where multiple policies share the highest value, it is an implementation-dependent matter as to which single policy action will be chosen." ::= { pmPolicyEntry 3 } pmPolicySchedule OBJECT-TYPE SYNTAX Unsigned32 (1..65535) MAX-ACCESS read-create STATUS current DESCRIPTION "If this entry contains a valid pmSchedGroupIndex value, this policy will be activated as specified by the associated schedule entries. Whenever any schedule in the group is active, this policy will be active. If the value of this object is 0, this policy is always active." ::= { pmPolicyEntry 4 } pmPolicyFilter OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "A pointer to the row or rows in the pmPolicyCodeTable that contain the filter code for this policy. When a policy entry is created, an unused pmPolicyCodeIndex value will be assigned to this object. A policy filter is one or more PolicyScript statements which results in a boolean value that represents whether or not an element is a member of a set of elements upon which an action is to be performed. Filter evaluation stops immediately when any run-time exception is detected and the policyAction is not executed. The policyFilter is evaluated for various elements. Any element for which the policyFilter returns any nonzero value will match the filter and will have the associated policyAction executed on that element. If the filter object is empty (contains no code) or otherwise does not return a value, the element will not be matched. When executing this filter, if SNMP requests are made to the local system, access to objects is under the security credentials of the the requester who modified the most recently modified pmPolicyCodeEntry associated with either the pmPolicyFilter value or pmPolicyAction value. In other words, modification of any part of a policy's filter or action will change the credentials stored for the policy. These credentials are the input parameters for isAccessAllowed from the Architecture for Describing SNMP Management Frameworks[1]." ::= { pmPolicyEntry 5 } pmPolicyAction OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "A pointer to the row or rows in the pmPolicyCodeTable that contain the action code for this policy. When a policy entry is created, an unused pmPolicyCodeIndex value will be assigned to this object. A pmPolicyAction is an operation performed on a set of elements. Action evaluation stops immediately when any run-time exception is detected. When executing this action, if SNMP requests are made to the local system, access to objects is under the security credentials of the the requester who modified the most recently modified pmPolicyCodeEntry associated with either the pmPolicyFilter value or pmPolicyAction value. In other words, modification of any part of a policy's filter or action will change the credentials stored for the policy. These credentials are the input parameters for isAccessAllowed from the Architecture for Describing SNMP Management Frameworks[1]." ::= { pmPolicyEntry 6 } pmPolicyParameters OBJECT-TYPE SYNTAX OCTET STRING MAX-ACCESS read-create STATUS current DESCRIPTION "From time to time, policy scripts may desire one or more parameters (e.g., site-specific constants). These parameters may be installed with the script in this object and are accessible to the script via the getParameters() accessor function. If it is necessary for multiple parameters to be passed to the script, the script can choose whatever encoding/deliminiting mechanism is most appropriate." ::= { pmPolicyEntry 7 } pmPolicyFilterMaxLatency OBJECT-TYPE SYNTAX Unsigned32 UNITS "milliseconds" MAX-ACCESS read-create STATUS current DESCRIPTION "Every element under the control of this agent is re-checked periodically to see if it is under control of this policy by re-running the filter for this policy. This object lets the manager control the maximum amount of time that may pass before an element is re-checked. In other words, in any given interval of this duration, all elements must be re-checked. Note that it is an implementation-dependent matter as to how the policy agent schedules the checking of various elements within this interval." ::= { pmPolicyEntry 8 } pmPolicyActionMaxLatency OBJECT-TYPE SYNTAX Unsigned32 UNITS "milliseconds" MAX-ACCESS read-create STATUS current DESCRIPTION "Every element that matches this policy's filter and is therefore under control of this policy will have this policy's action executed periodically to ensure that the element remains in the state dictated by the policy. This object lets the manager control the maximum amount of time that may pass before an element has the action run on it. In other words, in any given interval of this duration, all elements under control of this policy must have the action run on them. Note that it is an implementation-dependent matter as to how the policy agent schedules the policy action on various elements within this interval." ::= { pmPolicyEntry 9 } pmPolicyMaxIterations OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-create STATUS current DESCRIPTION "If a filter or action script iterates in loops too many time in one invocation, it may be considered by the execution environment to be in an infinite loop or otherwise not acting as intended and may be terminated by the execution environment. The execution environment will count the cumulative number of times all 'for' or 'while' loops iterated and will apply a threshold to determine when to terminate the script. It is an implementation-dependent manner as to what threshold the execution environment uses, but the value of this object SHOULD be the basis for choosing the threshold for each script. The value of this object represents a policy-specific threshold and can be tuned for policies of varying workloads. If this value is zero, no threshold will be enforced except for any implementation-dependent maximum. Note that the filter and action invocations are tracked separately." ::= { pmPolicyEntry 10 } pmPolicyDescription OBJECT-TYPE SYNTAX UTF8String MAX-ACCESS read-create STATUS current DESCRIPTION "A description of this rule and its significance, typically provided by a human." ::= { pmPolicyEntry 11 } pmPolicyMatches OBJECT-TYPE SYNTAX Gauge32 UNITS "elements" MAX-ACCESS read-only STATUS current DESCRIPTION "The number of elements that, in their most recent execution of the associated filter, were matched by the filter." ::= { pmPolicyEntry 12 } pmPolicyAbnormalTerminations OBJECT-TYPE SYNTAX Gauge32 UNITS "elements" MAX-ACCESS read-only STATUS current DESCRIPTION "The number of elements that, in their most recent execution of the associated filter or action, have experienced a run-time exception and terminated abnormally. Note that if a policy was experiencing a run-time exception while processing a particular element but on a subsequent invocation it runs normally, this number can decline." ::= { pmPolicyEntry 13 } pmPolicyExecutionErrors OBJECT-TYPE SYNTAX Counter32 UNITS "errors" MAX-ACCESS read-only STATUS current DESCRIPTION "The total number of times that execution of this policy's filter or action has been terminated due to run-time exceptions." ::= { pmPolicyEntry 14 } pmPolicyDebugging OBJECT-TYPE SYNTAX INTEGER { off(0), on(1) } MAX-ACCESS read-create STATUS current DESCRIPTION "The status of debugging for this policy. If this is turned on(1), log entries will be created in the pmDebuggingTable for each run-time exception that is experienced by this policy." DEFVAL { off } ::= { pmPolicyEntry 15 } pmPolicyAdminStatus OBJECT-TYPE SYNTAX INTEGER { inactive(0), active(1), activeAutoRemove(2) } MAX-ACCESS read-create STATUS current DESCRIPTION "The admin status of this policy. The policy will be runnable only if the associated pmPolicyRowStatus is set to active(1) or activeAutoRemove(2) and this object is set to active(1). If this object is set to activeAutoRemove(2), the next time the associated schedule moves from the active state to the inactive state, this policy will immediately be deleted, including any associated entries in the pmPolicyCodeTable. [Note to reader: This object exists because a row cannot sit for extended periods of time with it's rowstatus set to inactive (it is subject to garbage collection. This object allows policies to be downloaded but not run except at the convenience of the management station.]" ::= { pmPolicyEntry 16 } pmPolicyStorageType OBJECT-TYPE SYNTAX StorageType MAX-ACCESS read-create STATUS current DESCRIPTION "This object defines whether this policy and any associated entries in the pmPolicyCodeTable are kept in volatile storage and lost upon reboot or if this row is backed up by non-volatile or permanent storage." ::= { pmPolicyEntry 17 } pmPolicyRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "The row status of this pmPolicyEntry. The status may not be set to active if any of the related entries in the pmPolicyCode table do not have a status of active and if any of the objects in this row are not set to valid values. If this row is deleted, any associated entries in the pmPolicyCodeTable will be deleted as well." ::= { pmPolicyEntry 18 } -- Policy Code Table pmPolicyCodeTable OBJECT-TYPE SYNTAX SEQUENCE OF PmPolicyCodeEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The pmPolicyCodeTable stores the code for policy filters and actions." ::= { policyMgt 2 } pmPolicyCodeEntry OBJECT-TYPE SYNTAX PmPolicyCodeEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "An entry in the policy code table." INDEX { pmPolicyCodeProgramIndex, pmPolicyCodeSegment } ::= { pmPolicyCodeTable 1 } PmPolicyCodeEntry ::= SEQUENCE { pmPolicyCodeProgramIndex Unsigned32, pmPolicyCodeSegment Unsigned32, pmPolicyCodeText UTF8String, pmPolicyCodeStatus RowStatus } pmPolicyCodeProgramIndex OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS not-accessible STATUS current DESCRIPTION "A unique index for each policy filter or action. The code for each such filter or action may be composed of multiple entries in this table if the code cannot fit in one entry. Values of pmPolicyCodeProgramIndex may not be used unless they have previously been assigned in the pmPolicyFilterProgramIndex or pmPolicyActionProgramIndex objects." ::= { pmPolicyCodeEntry 1 } pmPolicyCodeSegment OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS not-accessible STATUS current DESCRIPTION "A unique index for each segment of a policy filter or action. When a policy filter or action spans multiple entries in this table, the code of that policy starts from the lowest-numbered segment and continues with increasing segment values until ending with the highest-numbered segment." ::= { pmPolicyCodeEntry 2 } pmPolicyCodeText OBJECT-TYPE SYNTAX UTF8String (SIZE (1..1024)) MAX-ACCESS read-create STATUS current DESCRIPTION "A segment of policy code (filter or action). Lengthy Policy filters or actions may be stored in multiple segments in this table that share the same value of pmPolicyCodeProgramIndex. When multiple segments are used, it is recommended that each segment be as large as practical. Entries in this table are associated with policies by values of the pmPolicyFilterProgramIndex and pmPolicyActionProgramIndex objects. If the status of the related policy is active, then this object may not be modified." ::= { pmPolicyCodeEntry 3 } pmPolicyCodeStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "The status of this code entry. Entries in this table are associated with policies by values of the pmPolicyFilterProgramIndex and pmPolicyActionProgramIndex objects. If the status of the related policy is active, then entries in this table may not be created or deleted." ::= { pmPolicyCodeEntry 4 } -- Element Type Registration Table -- The Element Type Registration table is used for the manager to -- learn what element types are being managed by the system and to -- register new types if necessary. An element type is registered by -- providing the OID of an SNMP object (i.e., without the -- instance). Each SNMP instance that exists under that object is a -- distinct element. The address of the element is the index part of -- the discovered OID. This address will be supplied to policy filters -- and actions so that this code can inspect and configure the -- element. pmElementTypeRegTable OBJECT-TYPE SYNTAX SEQUENCE OF PmElementTypeRegEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A registration table for element types managed by this system. Before registering an element type, it is the responsibility of a manager to inspect the table and see if it is already registered (by the agent or another manager). Note that entries that differ only in the last OID (which specifies which object in an entry) are effectively duplicates and should be treated as such by the manager. Note that agents may automatically configure elements in this table for frequently used element types (interfaces, circuits, etc.). In particular, it may configure elements for whom discovery is optimized in one or both of the following ways: 1. The agent may discover elements by scanning internal data structures as opposed to issuing local SNMP requests. It is possible to recreate the exact semantics described in this table even if local SNMP requests are not issued. 2. The agent may receive asynchronous notification of new elements (for example, 'card inserted') and use that information to instantly create elements rather than through polling. A similar feature might be available for the deletion of elements." ::= { policyMgt 3 } pmElementTypeRegEntry OBJECT-TYPE SYNTAX PmElementTypeRegEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A registration of an element type." INDEX { pmElementTypeRegIndex } ::= { pmElementTypeRegTable 1 } PmElementTypeRegEntry ::= SEQUENCE { pmElementTypeRegIndex Unsigned32, pmElementTypeRegOIDPrefix OBJECT IDENTIFIER, pmElementTypeRegMaxLatency Unsigned32, pmElementTypeRegName UTF8String, pmElementTypeRegStorageType StorageType, pmElementTypeRegRowStatus RowStatus } pmElementTypeRegIndex OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS not-accessible STATUS current DESCRIPTION "A unique index for this entry." ::= { pmElementTypeRegEntry 1 } pmElementTypeRegOIDPrefix OBJECT-TYPE SYNTAX OBJECT IDENTIFIER MAX-ACCESS read-create STATUS current DESCRIPTION "An OBJECT IDENTIFIER subtree under which all instances of this element type may be found. This OBJECT IDENTIFIER should be specified up to, but not including, any index objects. The agent will discover all instances in the system that are members of the specified subtree. Each instance in this subtree becomes a distinct element. The agent will then execute policy filters (and potentially policy actions) for each instance discovered. The index of each discovered instance becomes the address of the associated element. For each element, the address of 'this element' will be passed to each invocation of the policy filter. This is derived by taking the last N sub-identifiers from the discovered instance, where N is: X = number of sub-identifiers in pmElementTypeRegOIDPrefix Y = number of sub-identifiers in discovered instance N = Y - X A special OBJECT IDENTIFIER '0.0' can be written to this object. '0.0' represents the single instance of the system itself and provides an execution context for policies to operate on 'the system' as well as on MIB objects modelled as scalars. For example, '0.0' gives an execution context for policy-based selection of the operating system code version (likely modeled as a scalar MIB object). When a policy is invoked on behalf of a '0.0' entry in this table, the element name will be '0.0' and there is no address of 'this element' (in other words it has zero length)." ::= { pmElementTypeRegEntry 2 } pmElementTypeRegMaxLatency OBJECT-TYPE SYNTAX Unsigned32 UNITS "milliseconds" MAX-ACCESS read-create STATUS current DESCRIPTION "The PM agent is responsible for discovering new elements of types that are registered. This object lets the manager control the maximum amount of time that may pass between the time an element is created and when it is discovered. In other words, in any given interval of this duration, all new elements must be discovered. Note that it is an implementation-dependent matter as to how the policy agent schedules the checking of various elements within this interval." ::= { pmElementTypeRegEntry 3 } pmElementTypeRegName OBJECT-TYPE SYNTAX UTF8String (SIZE (0..32)) MAX-ACCESS read-create STATUS current DESCRIPTION "A descriptive label for this registered type." ::= { pmElementTypeRegEntry 4 } pmElementTypeRegStorageType OBJECT-TYPE SYNTAX StorageType MAX-ACCESS read-create STATUS current DESCRIPTION "This object defines whether this row is kept in volatile storage and lost upon reboot or if this row is backed up by non-volatile or permanent storage." ::= { pmElementTypeRegEntry 5 } pmElementTypeRegRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "The status of this registration entry." ::= { pmElementTypeRegEntry 6 } -- Role Table -- The pmRoleTable is a read-create table that organizes role -- strings sorted by element. This table is used to create and modify -- role strings and their associations as well as to allow a -- management station to learn about the existence of roles and their -- associations. -- -- It is the responsibility of the agent to keep track of any -- re-indexing of the underlying SNMP elements and to continue to -- associate role strings with the element with which they were -- initially configured. -- -- Policy MIB agents that have elements in multiple local contexts -- need to allow some roles to be assigned to elements in particular -- contexts. This is particularly true when some elements have the -- same names in different contexts and the context is required to -- disambiguate them. In those situations, a value for the -- pmRoleContextName may be provided. When a pmRoleContextName value -- is not provided, the assignment is to the element in the default -- context. -- -- Policy MIB agents that discover elements on other systems and -- execute policies on their behalf need to have access to role -- information for these remote elements. In such situations, role -- assignements for other systems can be stored in this table by -- providing values for the pmRoleTDomain and pmRoleTAddress -- parameters. -- -- For example: -- Example: -- element role context address #comment -- ifindex.1 gold local, default context -- ifindex.2 gold local, default context -- repeaterid.1 foo rptr1 local, rptr1 context -- repeaterid.1 bar rptr2 local, rptr2 context -- ifindex.1 gold "" 10.1.2.3 different system -- ifindex.1 gold "" 10.1.2.4 different system pmRoleTable OBJECT-TYPE SYNTAX SEQUENCE OF PmRoleEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The role string table. The agent must store role string associations in nonvolatile storage." ::= { policyMgt 4 } pmRoleEntry OBJECT-TYPE SYNTAX PmRoleEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A role string entry associates a role string with an individual element." INDEX { pmRoleElement, pmRoleString, pmRoleContextName, pmRoleTDomain, IMPLIED pmRoleTAddress } ::= { pmRoleTable 1 } PmRoleEntry ::= SEQUENCE { pmRoleElement RowPointer, pmRoleString UTF8String, pmRoleContextName SnmpAdminString, pmRoleTDomain TDomain, pmRoleTAddress TAddress, pmRoleStatus RowStatus } pmRoleElement OBJECT-TYPE SYNTAX RowPointer MAX-ACCESS not-accessible STATUS current DESCRIPTION "The element to which this role string is associated. If the agent assigns new indexes in the MIB table to represent the same underlying element (re-indexing), the agent will modify this value to contain the new index for the underlying element." ::= { pmRoleEntry 1 } pmRoleString OBJECT-TYPE SYNTAX UTF8String (SIZE (0..64)) MAX-ACCESS read-create STATUS current DESCRIPTION "The role string that is associated with an element through this table. A role string is an administratively specified characteristic of a managed element (for example, an interface). It is a selector for policy rules, to determine the applicability of the rule to a particular managed element." ::= { pmRoleEntry 2 } pmRoleContextName OBJECT-TYPE SYNTAX SnmpAdminString MAX-ACCESS read-create STATUS current DESCRIPTION "If the associated element is not in the default context for the target system, this object is used to identify the context. If the element is in the default context, this object is equal to the empty string." ::= { pmRoleEntry 3 } pmRoleTDomain OBJECT-TYPE SYNTAX TDomain MAX-ACCESS read-create STATUS current DESCRIPTION "This object indicates the transport type of the address contained in the pmRoleTAddress object. If there is no address, this object will have the value '0.0'" ::= { pmRoleEntry 4 } pmRoleTAddress OBJECT-TYPE SYNTAX TAddress MAX-ACCESS read-create STATUS current DESCRIPTION "If the associated element is on a remote system, this object is used to identify the remote system. This object contains a transport address. The format of this address depends on the value of the snmpTargetAddrTDomain object. If the element is on the local system this object will be the empty string." ::= { pmRoleEntry 5 } pmRoleStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "The status of this role string." ::= { pmRoleEntry 6 } -- Capabilities table -- The pmCapabilitiesTable contains a description of -- the inherent capabilities of the system so that scripts can -- differentially apply code based on the capabilities and so that -- management stations can learn of an agent's capabilities and -- differentially install policies based on the capabilities. pmCapabilitiesTable OBJECT-TYPE SYNTAX SEQUENCE OF PmCapabilitiesEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The pmCapabilitiesTable contains a description of the inherent capabilities of the system. Note that it is not necessary to list all OIDs that a mechanism specific MIB Module supports, just the base OID if the implementation is a fully compliant one. If the implementation is not, then additional rows will exist in the table that list the limitations or enhancements." ::= { policyMgt 6 } pmCapabilitiesEntry OBJECT-TYPE SYNTAX PmCapabilitiesEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The description of a capability or limitation of a capability of the system. An entry will exist for each domain and mechanism specific ability the system has. In the case of a domain specific capability with no mechanism specific parameters, the pmCapabilitiesSubType and all other columns may be null. Entries will exist that contain values for the pmCapabilitiesRestrictOID, pmCapabilitiesRestrictType, pmCapabilitiesRestrictValue and pmCapabilitiesRestrictString objects only when an implementation is reporting a mechanism specific restriction. Multiple entries are possible when more than one restriction for a type or subtype are needed." INDEX { pmCapabilitiesIndex } ::= { pmCapabilitiesTable 1 } PmCapabilitiesEntry ::= SEQUENCE { pmCapabilitiesIndex Unsigned32, pmCapabilitiesType OBJECT IDENTIFIER, pmCapabilitiesSubType OBJECT IDENTIFIER, pmCapabilitiesModificationOID OBJECT IDENTIFIER, pmCapabilitiesModificationType INTEGER, pmCapabilitiesModificationValue Integer32, pmCapabilitiesModificationString OCTET STRING } pmCapabilitiesIndex OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS not-accessible STATUS current DESCRIPTION "A unique index for this entry." ::= { pmCapabilitiesEntry 1 } pmCapabilitiesType OBJECT-TYPE SYNTAX OBJECT IDENTIFIER MAX-ACCESS read-only STATUS current DESCRIPTION "The type of the capability represented by this entry. The IANA will publish the list of identifiers that are valid values for this object." ::= { pmCapabilitiesEntry 2 } pmCapabilitiesSubType OBJECT-TYPE SYNTAX OBJECT IDENTIFIER MAX-ACCESS read-only STATUS current DESCRIPTION "The sub type of capability is a pointer to a mechanism specific set of capabilities supporting a base technology. In the case of DIFFSERV, the OID value here would be the base OID of the Differentiated Services Policy MIB Module." ::= { pmCapabilitiesEntry 3 } pmCapabilitiesModificationOID OBJECT-TYPE SYNTAX OBJECT IDENTIFIER MAX-ACCESS read-only STATUS current DESCRIPTION "The OID of the object that is either not supported, supported with one or more limitations, or expanded by an implementation specific module. If this columnar object is other than null then there must be at least an entry in pmCapabilitiesModificationType. Note that this need not be a leaf node or scalar object. If an entire table is not supported, this value can be the base OID for the table." ::= { pmCapabilitiesEntry 4 } pmCapabilitiesModificationType OBJECT-TYPE SYNTAX INTEGER { unsupported(0), restricted(1), additional(2), addvalue(3), maxlimit(4), minlimit(5) } MAX-ACCESS read-only STATUS current DESCRIPTION "An unsupported value indicates that the OID in pmCapabilitiesModificationOID is not supported on this system. A value of 1 indicates that the OID is supported but with restricted values These constraints are described in the pmCapabilitiesModificationValue and pmCapabilitiesModificationString objects. A value of 2 indicates a vendor specific extension to a standard. The OID of the new object is pmCapabilitiesModificationOID. For some implementations, additional functions may be provided. addvalue indicates that this row of the table describes an additional value that the object can take. The specific value is in the pmCapabilitiesModificationValue. The values of 4 and 5 indicate restrictions or the removal of restrictions for the object identified." ::= { pmCapabilitiesEntry 5 } pmCapabilitiesModificationValue OBJECT-TYPE SYNTAX Integer32 (0..2147483647) MAX-ACCESS read-only STATUS current DESCRIPTION "If the value of pmCapabilitiesModificationType is 0, this object will be null since 0 indicates no support for the object at all. A value of 1 in the pmCapabilitiesModificationType will be further modified by a single integer value in this object that corresponds to enumerated integer values that are not supported by the system for the object that is identified in this row. This value can also represent the limit values in the pmCapabilitiesModificationType object." ::= { pmCapabilitiesEntry 6 } pmCapabilitiesModificationString OBJECT-TYPE SYNTAX OCTET STRING MAX-ACCESS read-only STATUS current DESCRIPTION "Any additional details or description or parameters needed." ::= { pmCapabilitiesEntry 7 } pmSchedLocalTime OBJECT-TYPE SYNTAX DateAndTime (SIZE (11)) MAX-ACCESS read-only STATUS current DESCRIPTION "The local time used by the scheduler. Schedules which refer to calendar time will use the local time indicated by this object. An implementation MUST return all 11 bytes of the DateAndTime textual-convention so that a manager may retrieve the offset from GMT time." ::= { policyMgt 7 } -- -- The schedule table which controls the scheduler. -- pmSchedTable OBJECT-TYPE SYNTAX SEQUENCE OF PmSchedEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table defines schedules for policies." ::= { policyMgt 8 } pmSchedEntry OBJECT-TYPE SYNTAX PmSchedEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "An entry describing a particular scheduled action. Unless noted otherwise, writable objects of this row can be modified independent of the current value of pmSchedRowStatus, pmSchedAdminStatus and pmSchedOperStatus. In particular, it is legal to modify pmSchedInterval, pmSchedWeekDay, pmSchedMonth, pmSchedDay, pmSchedHour, and pmSchedMinute when pmSchedRowStatus is active and pmSchedAdminStatus and pmSchedOperStatus are both enabled." INDEX { pmSchedIndex } ::= { pmSchedTable 1 } PmSchedEntry ::= SEQUENCE { pmSchedIndex Unsigned32, pmSchedGroupIndex Unsigned32, pmSchedDescr SnmpAdminString, pmSchedInterval Unsigned32, pmSchedWeekDay BITS, pmSchedMonth BITS, pmSchedDay BITS, pmSchedHour BITS, pmSchedMinute BITS, pmSchedDuration Unsigned32, pmSchedType INTEGER, pmSchedAdminStatus INTEGER, pmSchedOperStatus INTEGER, pmSchedStorageType StorageType, pmSchedRowStatus RowStatus } pmSchedIndex OBJECT-TYPE SYNTAX Unsigned32 (1..65535) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The locally-unique, administratively assigned index for this scheduling entry." ::= { pmSchedEntry 1 } pmSchedGroupIndex OBJECT-TYPE SYNTAX Unsigned32 (1..65535) MAX-ACCESS read-create STATUS current DESCRIPTION "The locally-unique, administratively assigned index for the group that this scheduling entry belongs to. To assign multiple schedule entries to the same group, the pmSchedGroupIndex of each entry in the group will be set to the same value. This pmSchedGroupIndex value must be equal to the pmSchedIndex of one of the entries in the group. If the entry is deleted whose pmSchedIndex equals the pmSchedGroupIndex for the group, the agent will assign a new pmSchedGroupIndex to all remaining members of the group. If an entry is not a member of a group, its pmSchedGroupIndex must be assigned to the value of its pmSchedIndex. Policies that are controlled by a group of schedule entries are active when any schedule in the group is active." ::= { pmSchedEntry 2 } pmSchedDescr OBJECT-TYPE SYNTAX SnmpAdminString MAX-ACCESS read-create STATUS current DESCRIPTION "The human readable description of the purpose of this scheduling entry." DEFVAL { ''H } ::= { pmSchedEntry 3 } pmSchedInterval OBJECT-TYPE SYNTAX Unsigned32 UNITS "seconds" MAX-ACCESS read-create STATUS current DESCRIPTION "The number of seconds between two activations of a periodic scheduler. Implementations must guarantee that activations will not occur before at least pmSchedInterval seconds have passed. The scheduler must ignore all periodic schedules that have a pmSchedInterval value of 0. A periodic schedule with a scheduling interval of 0 seconds will therefore never invoke an action. Implementations may be forced to delay invocations in the face of local constraints. A scheduled management function should therefore not rely on the accuracy provided by the scheduler implementation." DEFVAL { 0 } ::= { pmSchedEntry 4 } pmSchedWeekDay OBJECT-TYPE SYNTAX BITS { sunday(0), monday(1), tuesday(2), wednesday(3), thursday(4), friday(5), saturday(6) } MAX-ACCESS read-create STATUS current DESCRIPTION "The set of weekdays on which the schedule should be active. Setting multiple bits will include several weekdays in the set of possible weekdays for this schedule. Setting all bits will cause the scheduler to ignore the weekday." DEFVAL { {} } ::= { pmSchedEntry 5 } pmSchedMonth OBJECT-TYPE SYNTAX BITS { january(0), february(1), march(2), april(3), may(4), june(5), july(6), august(7), september(8), october(9), november(10), december(11) } MAX-ACCESS read-create STATUS current DESCRIPTION "The set of months during which the schedule should be active. Setting multiple bits will include several months in the set of possible months for this schedule. Setting all bits will cause the scheduler to ignore the month." DEFVAL { {} } ::= { pmSchedEntry 6 } pmSchedDay OBJECT-TYPE SYNTAX BITS { d1(0), d2(1), d3(2), d4(3), d5(4), d6(5), d7(6), d8(7), d9(8), d10(9), d11(10), d12(11), d13(12), d14(13), d15(14), d16(15), d17(16), d18(17), d19(18), d20(19), d21(20), d22(21), d23(22), d24(23), d25(24), d26(25), d27(26), d28(27), d29(28), d30(29), d31(30), r1(31), r2(32), r3(33), r4(34), r5(35), r6(36), r7(37), r8(38), r9(39), r10(40), r11(41), r12(42), r13(43), r14(44), r15(45), r16(46), r17(47), r18(48), r19(49), r20(50), r21(51), r22(52), r23(53), r24(54), r25(55), r26(56), r27(57), r28(58), r29(59), r30(60), r31(61) } MAX-ACCESS read-create STATUS current DESCRIPTION "The set of days in a month on which a schedule should be active. There are two sets of bits one can use to define the day within a month: Enumerations starting with the letter 'd' indicate a day in a month relative to the first day of a month. The first day of the month can therefore be specified by setting the bit d1(0) and d31(30) means the last day of a month with 31 days. Enumerations starting with the letter 'r' indicate a day in a month in reverse order, relative to the last day of a month. The last day in the month can therefore be specified by setting the bit r1(31), and r31(61) means the first day of a month with 31 days. Setting multiple bits will include several days in the set of possible days for this schedule. Setting all bits will cause the scheduler to ignore the day within a month. Setting all bits starting with the letter 'd' or the letter 'r' will also cause the scheduler to ignore the day within a month." DEFVAL { {} } ::= { pmSchedEntry 7 } pmSchedHour OBJECT-TYPE SYNTAX BITS { h0(0), h1(1), h2(2), h3(3), h4(4), h5(5), h6(6), h7(7), h8(8), h9(9), h10(10), h11(11), h12(12), h13(13), h14(14), h15(15), h16(16), h17(17), h18(18), h19(19), h20(20), h21(21), h22(22), h23(23) } MAX-ACCESS read-create STATUS current DESCRIPTION "The set of hours within a day during which the schedule should be active." DEFVAL { {} } ::= { pmSchedEntry 8 } pmSchedMinute OBJECT-TYPE SYNTAX BITS { m0(0), m1(1), m2(2), m3(3), m4(4), m5(5), m6(6), m7(7), m8(8), m9(9), m10(10), m11(11), m12(12), m13(13), m14(14), m15(15), m16(16), m17(17), m18(18), m19(19), m20(20), m21(21), m22(22), m23(23), m24(24), m25(25), m26(26), m27(27), m28(28), m29(29), m30(30), m31(31), m32(32), m33(33), m34(34), m35(35), m36(36), m37(37), m38(38), m39(39), m40(40), m41(41), m42(42), m43(43), m44(44), m45(45), m46(46), m47(47), m48(48), m49(49), m50(50), m51(51), m52(52), m53(53), m54(54), m55(55), m56(56), m57(57), m58(58), m59(59) } MAX-ACCESS read-create STATUS current DESCRIPTION "The set of minutes within an hour when the schedule should be active." DEFVAL { {} } ::= { pmSchedEntry 9 } pmSchedDuration OBJECT-TYPE SYNTAX Unsigned32 UNITS "seconds" MAX-ACCESS read-create STATUS current DESCRIPTION "The number of seconds the schedule will be active after invocation." ::= { pmSchedEntry 10 } pmSchedType OBJECT-TYPE SYNTAX INTEGER { periodic(1), calendar(2), oneshot(3) } MAX-ACCESS read-create STATUS current DESCRIPTION "The type of this schedule. The value periodic(1) indicates that this entry specifies a periodic schedule. A periodic schedule is defined by the value of pmSchedInterval. The values of pmSchedWeekDay, pmSchedMonth, pmSchedDay, pmSchedHour and pmSchedMinute are ignored. The value calendar(2) indicates that this entry describes a calendar schedule. A calendar schedule is defined by the values of pmSchedWeekDay, pmSchedMonth, pmSchedDay, pmSchedHour and pmSchedMinute. The value of pmSchedInterval is ignored. A calendar schedule will be active on all local times that satisfy the bits set in pmSchedWeekDay, pmSchedMonth, pmSchedDay, pmSchedHour and pmSchedMinute. The value oneshot(3) indicates that this entry describes a one-shot schedule. A one-shot schedule is similar to a calendar schedule with the additional feature that it disables itself by changing in the `finished' pmSchedOperStatus once the schedule becomes inactive after its first activation. Changing a schedule's type is equivalent to deleting the old-type schedule and creating a new-type one." DEFVAL { periodic } ::= { pmSchedEntry 11 } pmSchedAdminStatus OBJECT-TYPE SYNTAX INTEGER { enabled(1), disabled(2) } MAX-ACCESS read-create STATUS current DESCRIPTION "The desired state of the schedule." DEFVAL { disabled } ::= { pmSchedEntry 12 } pmSchedOperStatus OBJECT-TYPE SYNTAX INTEGER { enabled(1), disabled(2), finished(3) } MAX-ACCESS read-only STATUS current DESCRIPTION "The current operational state of this schedule. The state enabled(1) indicates this entry is active and that the scheduler will invoke actions at appropriate times. The disabled(2) state indicates that this entry is currently inactive and ignored by the scheduler. The finished(3) state indicates that the schedule has ended. Schedules in the finished(3) state are ignored by the scheduler. A one-shot schedule enters the finished(3) state when it deactivates itself." ::= { pmSchedEntry 13 } pmSchedStorageType OBJECT-TYPE SYNTAX StorageType MAX-ACCESS read-create STATUS current DESCRIPTION "This object defines whether this scheduled action is kept in volatile storage and lost upon reboot or if this row is backed up by non-volatile or permanent storage. Conceptual rows having the value `permanent' must allow write access to the columnar objects pmSchedDescr, pmSchedInterval, pmSchedWeekDay, pmSchedMonth, pmSchedDay, pmSchedHour, pmSchedMinute and pmSchedAdminStatus." DEFVAL { volatile } ::= { pmSchedEntry 14 } pmSchedRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "The status of this scheduled action." ::= { pmSchedEntry 15 } -- Policy Tracking pmTrackingPolicyToElementTable OBJECT-TYPE SYNTAX SEQUENCE OF PmTrackingPolicyToElementEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The pmTrackingPolicyToElementTable describes what elements are under control of a policy. This table is indexed in order to optimize retrieval of the entire status for a given policy." ::= { policyMgt 9 } pmTrackingPolicyToElementEntry OBJECT-TYPE SYNTAX PmTrackingPolicyToElementEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "An entry in the pmTrackingPolicyToElementTable. The pmPolicyIndex in the index specifies the policy tracked by this entry." INDEX { pmPolicyIndex, pmTrackingPolicyToElementElement } ::= { pmTrackingPolicyToElementTable 1 } PmTrackingPolicyToElementEntry ::= SEQUENCE { pmTrackingPolicyToElementElement RowPointer, pmTrackingPolicyToElementInfo BITS } pmTrackingPolicyToElementElement OBJECT-TYPE SYNTAX RowPointer MAX-ACCESS not-accessible STATUS current DESCRIPTION "The element that is configured by the associated policy." ::= { pmTrackingPolicyToElementEntry 1 } pmTrackingPolicyToElementInfo OBJECT-TYPE SYNTAX BITS { filterMatched(0), actionSkippedDueToPrecedence(1), filterRunTimeException(2), filterUserSignal(3), actionRunTimeException(4), actionUserSignal(5) } MAX-ACCESS read-only STATUS current DESCRIPTION "This object returns information about the previous policy script executions. If the filterMatched(0) bit is set, the last execution of the associated policy filter returned TRUE. If the actionSkippedDueToPrecedence(1) bit is set, the last execution of the associated policy filter returned TRUE but the action is not active because it was trumped by a matching policy filter in the same policy group with a higher precedence value. If the filterRunTimeException(2) bit is set, the last execution of the associated policy filter encountered a run-time exception and aborted. If the filterUserSignal(3) bit is set, the last execution of the associated policy filter called the signalException() function. If the actionRunTimeException(4) bit is set, the last execution of the associated policy action encountered a run-time exception and aborted. If the actionUserSignal(5) bit is set, the last execution of the associated policy action called the signalException() function. Entries will only exist in this table of one or more bits are set. In particular, if an entry does not exist for a particular policy/element combination, it can be assumed that the policy's filter did not match this element." ::= { pmTrackingPolicyToElementEntry 2 } -- Element to Policy Table pmTrackingElementToPolicyTable OBJECT-TYPE SYNTAX SEQUENCE OF PmTrackingElementToPolicyEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The pmTrackingElementToPolicyTable describes what policies are controlling an element. This table is indexed in order to optimize retrieval of the status of all policies active for a given element." ::= { policyMgt 10 } pmTrackingElementToPolicyEntry OBJECT-TYPE SYNTAX PmTrackingElementToPolicyEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "An entry in the pmTrackingElementToPolicyTable. The pmPolicyIndex in the index specifies the policy tracked by this entry." INDEX { pmTrackingElementToPolicyElement, pmPolicyIndex } ::= { pmTrackingElementToPolicyTable 1 } PmTrackingElementToPolicyEntry ::= SEQUENCE { pmTrackingElementToPolicyElement RowPointer, pmTrackingElementToPolicyStatus INTEGER } pmTrackingElementToPolicyElement OBJECT-TYPE SYNTAX RowPointer MAX-ACCESS not-accessible STATUS current DESCRIPTION "The element configured by the associated policy." ::= { pmTrackingElementToPolicyEntry 1 } pmTrackingElementToPolicyStatus OBJECT-TYPE SYNTAX INTEGER { off(0), on(1), forceOff(2) } MAX-ACCESS read-write STATUS current DESCRIPTION "The status of this policy-element relationship. This value will be on(1) if the calendar for the policy is active and if the associated policyFilter returned 1 for this element. Entries will not exist in this table if their status would be off(0). A policy can be forcibly disabled on a particular element by setting this value to forceOff(2). The agent should then act as if the policyFilter failed for this element. The forceOff(2) state will persist (even across reboots) until this value is set to on(1) by a management request. Even if the policyFilter later fails for this element, this value will stay in the forceOff(2) state." ::= { pmTrackingElementToPolicyEntry 2 } -- Policy Debugging Table -- Policies that have debugging turned on will generate a log entry in -- the policy debugging table for every runtine exception that occurs -- in either the filter or action code. pmDebuggingTable OBJECT-TYPE SYNTAX SEQUENCE OF PmDebuggingEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The pmDebuggingTable logs debugging messages when policies experience run-time exceptions in either the filter or action code and the associated pmPolicyDebugging object has been turned on." ::= { policyMgt 11 } pmDebuggingEntry OBJECT-TYPE SYNTAX PmDebuggingEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "An entry in the pmDebuggingTable. The pmPolicyIndex in the index specifies the policy that encountered the exception that led to this log entry." INDEX { pmPolicyIndex, pmDebuggingElement, pmDebuggingLogIndex } ::= { pmDebuggingTable 1 } PmDebuggingEntry ::= SEQUENCE { pmDebuggingElement RowPointer, pmDebuggingLogIndex Unsigned32, pmDebuggingMessage UTF8String } pmDebuggingElement OBJECT-TYPE SYNTAX RowPointer MAX-ACCESS read-only STATUS current DESCRIPTION "The element the policy was executing on when it encountered the error that led to this log entry." ::= { pmDebuggingEntry 1 } pmDebuggingLogIndex OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "A unique index for this log entry amongst other log entries for this policy/element combination." ::= { pmDebuggingEntry 2 } pmDebuggingMessage OBJECT-TYPE SYNTAX UTF8String (SIZE (0..128)) MAX-ACCESS read-only STATUS current DESCRIPTION "An error message generated by the policy execution environment." ::= { pmDebuggingEntry 3 } -- Notification Registration Table -- A management station may choose not to install policies to a -- system that depend on roles or capabilities that don't exist on any -- elements in the system. However, the management station must be able -- to quickly learn if new roles or capabilities are added to the -- system so that it can immediately install the policies that make -- use of that new role or capability. This table allows a management -- station to register itself so that it will receive -- pmNewRoleNotifications and pmNewCapabilityNotifications whenever a -- role or capability first appears on the system. -- -- pmNewRoleNotifications and pmNewCapabilityNotifications are sent in -- Inform PDU's so they are automatically retransmitted if they are -- not acknowledged. -- -- The procedure to guarantee accurate knowledge of roles and -- capabilities is as follows: -- -- Step 1: The NMS registers itself in the pmNotificationRegTable -- Whenever it receives a notification, it adds the new role -- or capability to its internal database for that system. -- Followed immediately by: -- Step 2: The NMS retrieves the roles and capabilities from the -- system from the pmRoleTable and the -- pmCapabilitiesTable, adding this information to its -- internal database. -- Followed immediately by: -- Step 3: The NMS installs policies on the system, potentially -- skipping policies that depend on roles or capabilities -- that haven't been inserted into the internal database. -- Followed immediately by: -- Step 4: Whenever a notification indicates a new role or -- capability that requires new policies to be installed, -- it will immediately install such policies. The NMS will -- continue this step indefinitely. -- -- Note that using this algorithm to avoid installing "unnecessary" -- policies may result in delays in having the policy available when -- the policy becomes necessary. This delay could become extensive if -- an interruption of communications prevents the notification from -- being delivered and/or the policy from being installed, causing -- the sytem to not be in compliance with policy for a period of -- time. In particular, if the policy is enforcing security rules, -- this could open up security vulnerabilities during this period of -- time. pmNotificationRegTable OBJECT-TYPE SYNTAX SEQUENCE OF PmNotificationRegEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A manager that wishes to receive notifications about new roles or capabilities on an agent places an entry in the notification registration table. pmNewRoleNotifications and pmNewCapabilityNotifications will then be sent to the target specified in the associated snmpTargetAddr entry. These notifications will be sent until the entry is removed from this table." ::= { policyMgt 12 } pmNotificationRegEntry OBJECT-TYPE SYNTAX PmNotificationRegEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "An entry in the pmNotificationRegTable." INDEX { pmNotificationRegIndex } ::= { pmNotificationRegTable 1 } PmNotificationRegEntry ::= SEQUENCE { pmNotificationRegIndex Unsigned32, pmNotificationRegSnmpTargetAddrName SnmpAdminString, pmNotificationRegStorageType StorageType, pmNotificationRegStatus RowStatus } pmNotificationRegIndex OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS not-accessible STATUS current DESCRIPTION "A unique index for this entry." ::= { pmNotificationRegEntry 1 } pmNotificationRegSnmpTargetAddrName OBJECT-TYPE SYNTAX SnmpAdminString MAX-ACCESS read-create STATUS current DESCRIPTION "The snmpTargetAddrName of an associated snmpTargetAddrEntry. When the following conditions are true, pmNewRoleNotifications and pmNewCapabilityNotifications should be sent to the specified target: 1) The pmNotificationRegEntry is active 2) The associated snmpTargetAddr entry is fully configured and active. 3) The associated snmpTargetParams entry is fully configured and active." ::= { pmNotificationRegEntry 2 } pmNotificationRegStorageType OBJECT-TYPE SYNTAX StorageType MAX-ACCESS read-create STATUS current DESCRIPTION "This object defines whether this row is kept in volatile storage and lost upon reboot or if this row is backed up by non-volatile or permanent storage." ::= { pmNotificationRegEntry 3 } pmNotificationRegStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "The status of this entry." ::= { pmNotificationRegEntry 4 } -- Notifications pmNotifications OBJECT IDENTIFIER ::= { policyMgt 13 } pmNewRoleNotification NOTIFICATION-TYPE OBJECTS { pmRoleString } STATUS current DESCRIPTION "The pmNewRoleNotification is sent when an agent is configured with its first instance of a previously unused role string (not every time a new element is given a particular role). An instance of the pmRoleString object is sent containing the new roleString. In the event that two or more elements are given the same role simultaneously, it is an implementation-dependent matter as to which pmRoleString instance will be included in the notification." ::= { pmNotifications 1 } pmNewCapabilityNotification NOTIFICATION-TYPE OBJECTS { pmCapabilitiesType } STATUS current DESCRIPTION "The pmNewCapabilityNotification is sent when an agent gains a new capability that did not previously exist in any element on the system (not every time an element gains a particular role). An instance of the pmCapabilitiesType object is sent containing the identity of the new capability. In the event that two or more elements gain the same role simultaneously, it is an implementation-dependent matter as to which pmCapabilitiesType instance will be included in the notification." ::= { pmNotifications 2 } -- Compliance Statements pmConformance OBJECT IDENTIFIER ::= { policyMgt 20 } pmCompliances OBJECT IDENTIFIER ::= { pmConformance 1 } pmGroups OBJECT IDENTIFIER ::= { pmConformance 2 } pmCompliance MODULE-COMPLIANCE STATUS current DESCRIPTION "Describes the requirements for conformance to the Policy-Based Management MIB" MODULE -- this module MANDATORY-GROUPS { pmPolicyManagementGroup, pmSchedGroup, pmNotificationGroup } ::= { pmCompliances 1 } pmPolicyManagementGroup OBJECT-GROUP OBJECTS { pmPolicyGroup, pmPolicyPrecedence, pmPolicySchedule, pmPolicyFilter, pmPolicyAction, pmPolicyParameters, pmPolicyFilterMaxLatency, pmPolicyActionMaxLatency, pmPolicyMaxIterations, pmPolicyDescription, pmPolicyMatches, pmPolicyAbnormalTerminations, pmPolicyExecutionErrors, pmPolicyDebugging, pmPolicyStorageType, pmPolicyAdminStatus, pmPolicyRowStatus, pmPolicyCodeText, pmPolicyCodeStatus, pmElementTypeRegOIDPrefix, pmElementTypeRegMaxLatency, pmElementTypeRegName, pmElementTypeRegStorageType, pmElementTypeRegRowStatus, pmRoleString, pmRoleContextName, pmRoleTDomain, pmRoleTAddress, pmRoleStatus, pmCapabilitiesType, pmCapabilitiesSubType, pmCapabilitiesModificationOID, pmCapabilitiesModificationType, pmCapabilitiesModificationValue, pmCapabilitiesModificationString, pmTrackingPolicyToElementInfo, pmTrackingElementToPolicyStatus, pmDebuggingElement, pmDebuggingLogIndex, pmDebuggingMessage, pmNotificationRegSnmpTargetAddrName, pmNotificationRegStorageType, pmNotificationRegStatus } STATUS current DESCRIPTION "Objects that allow for the creation and management of configuration policies." ::= { pmGroups 1 } pmSchedGroup OBJECT-GROUP OBJECTS { pmSchedLocalTime, pmSchedGroupIndex, pmSchedDescr, pmSchedInterval, pmSchedWeekDay, pmSchedMonth, pmSchedDay, pmSchedHour, pmSchedMinute, pmSchedDuration, pmSchedType, pmSchedAdminStatus, pmSchedOperStatus, pmSchedStorageType, pmSchedRowStatus } STATUS current DESCRIPTION "Objects that allow for the scheduling of policies." ::= { pmGroups 2 } pmNotificationGroup NOTIFICATION-GROUP NOTIFICATIONS { pmNewRoleNotification, pmNewCapabilityNotification } STATUS current DESCRIPTION "Notifications sent by an Policy MIB agent." ::= { pmGroups 3 } pmBaseFunctionLibrary OBJECT IDENTIFIER ::= { pmGroups 4 } END -- -- Copyright (C) The Internet Society (2001). All Rights Reserved. -- -- This document and translations of it may be copied and -- furnished to others, and derivative works that comment on or -- otherwise explain it or assist in its implementation may be -- prepared, copied, published and distributed, in whole or in -- part, without restriction of any kind, provided that the above -- copyright notice and this paragraph are included on all such -- copies and derivative works. However, this document itself -- may not be modified in any way, such as by removing the -- copyright notice or references to the Internet Society or -- other Internet organizations, except as needed for the -- purpose of developing Internet standards in which case the -- procedures for copyrights defined in the Internet Standards -- process must be followed, or as required to translate it into -- languages other than English. -- -- The limited permissions granted above are perpetual and will -- not be revoked by the Internet Society or its successors or -- assigns. -- -- This document and the information contained herein is provided -- on an "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET -- ENGINEERING TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR -- IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE -- USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR -- ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A -- PARTICULAR PURPOSE.