-- extracted from draft-ietf-syslog-device-mib-04.txt -- at Wed Jul 2 06:13:47 2003 SYSLOG-MIB DEFINITIONS ::= BEGIN IMPORTS MODULE-IDENTITY, OBJECT-TYPE, Unsigned32, Counter32, mib-2 FROM SNMPv2-SMI RowStatus, TEXTUAL-CONVENTION, TimeStamp, TruthValue, StorageType FROM SNMPv2-TC InetAddressType, InetAddress, InetAddressPrefixLength FROM INET-ADDRESS-MIB MODULE-COMPLIANCE, OBJECT-GROUP FROM SNMPv2-CONF SnmpAdminString FROM SNMP-FRAMEWORK-MIB; syslogMIB MODULE-IDENTITY LAST-UPDATED "200306250000Z" -- Wed June 25 00:00 GMT 2003 ORGANIZATION "IETF Syslog Working Group" CONTACT-INFO " Glenn Mansfield Keeni Postal: Cyber Solutions Inc. 6-6-3, Minami Yoshinari Aoba-ku, Sendai, Japan 989-3204. Tel: +81-22-303-4012 Fax: +81-22-303-4015 E-mail: glenn@cysols.com " DESCRIPTION "The MIB module pertaining to the reception and processing of Syslog compatible messages." REVISION "200306250000Z" -- Wed June 25 00:00 GMT 2003 DESCRIPTION "The initial version of this MIB module." ::= { mib-2 999999 } -- Will be assigned by IANA -- ------------------------------------------------------------- -- Textual Conventions -- ------------------------------------------------------------- SyslogFacility ::= TEXTUAL-CONVENTION STATUS current DESCRIPTION "This textual convention enumerates the facilities that originate syslog messages. The value noMap(99) indicates that the appropriate facility will be provided by the application on the managed entity. If this option is not available on a particular entity, attempts to set the facillity to this value will fail with an error-status of wrongValue. " REFERENCE "The BSD syslog Protocol (RFC 3164) sec. 4.1.1 (Table 1). " SYNTAX INTEGER { kernel (0), -- kernel messages user (1), -- user-level messages mail (2), -- mail system daemon (3), -- system daemons auth (4), -- authorization messages syslog (5), -- messages generated by syslogd lpr (6), -- line printer subsystem news (7), -- network news subsystem uucp (8), -- UUCP subsystem cron (9), -- clock daemon authPriv (10),-- authorization messages -- (private) ftp (11),-- ftp daemon ntp (12),-- NTP subsystem security (13),-- security subsystems -- (firewalling, etc.) console (14),-- /dev/console output local0 (16), local1 (17), local2 (18), local3 (19), local4 (20), local5 (21), local6 (22), local7 (23), noMap (99) } SyslogSeverity ::= TEXTUAL-CONVENTION STATUS current DESCRIPTION "This textual convention enumerates the severity levels of syslog messages. The syslog protocol uses the values 0 (emergency), to 7 (debug)." REFERENCE "The BSD syslog Protocol (RFC 3164) sec. 4.1.1 (Table 2) " SYNTAX INTEGER { emergency (0), -- system is unusable alert (1), -- action must be taken -- immediately critical (2), -- critical conditions error (3), -- error conditions warning (4), -- warning conditions notice (5), -- normal but significant -- condition info (6), -- informational debug (7), -- debug-level messages other (99) -- none of the above } SyslogSeverityCompOP ::= TEXTUAL-CONVENTION STATUS current DESCRIPTION "The operator that will be applied to the severity before the selection for an action takes place. " SYNTAX INTEGER { none (1), greaterThanOrEqual (2), lessThanOrEqual (3), greaterThan (4), lessThan (5), notGreaterThanOrEqual (6), notLessThanOrEqual (7), notGreaterThan (8), notLessThan (9), equal (10), notEqual (11) } SyslogTransport ::= TEXTUAL-CONVENTION STATUS current DESCRIPTION "The Transport that will be used to send and/or receive messages. " REFERENCE "The The BSD syslog Protocol RFC 3164 Sec. 2. " SYNTAX INTEGER { any (1), udp (2), tcp (3) } SyslogService ::= TEXTUAL-CONVENTION STATUS current DESCRIPTION "The service name or port number that will be used to send and/or receive messages. The special name ''any'' is reserved. It denotes all ports and is applicable only in the context of message reception. In case the service name is given, and it is not ''any'', the service name must resolve to a port number on the local host. " SYNTAX OCTET STRING (SIZE (0..255)) -- ------------------------------------------------------------- -- syslogMIB - the main groups -- ------------------------------------------------------------- syslogSystem OBJECT IDENTIFIER ::= { syslogMIB 1 } syslogProc OBJECT IDENTIFIER ::= { syslogMIB 2 } syslogControl OBJECT IDENTIFIER ::= { syslogMIB 3 } -- ------------------------------------------------------------- -- syslogSystem -- ------------------------------------------------------------- -- The system wide parameters syslogDefaultTransport OBJECT-TYPE SYNTAX SyslogTransport MAX-ACCESS read-write STATUS current DESCRIPTION "The default transport that a syslog process will use to send syslog messages. " REFERENCE "The BSD syslog Protocol RFC 3164 Sec. 2. " DEFVAL {udp} ::= { syslogSystem 1 } syslogDefaultService OBJECT-TYPE SYNTAX SyslogService MAX-ACCESS read-write STATUS current DESCRIPTION "The default service name or port number that a syslog process will use to send syslog messages. " REFERENCE "The BSD syslog Protocol RFC 3164 Sec. 2. " DEFVAL { "514" } ::= { syslogSystem 2 } syslogDefaultFacility OBJECT-TYPE SYNTAX SyslogFacility MAX-ACCESS read-write STATUS current DESCRIPTION "The default syslog facility that will be added to syslog messages when the message needs to be relayed and does not have priority specified. " ::= { syslogSystem 3 } syslogDefaultSeverity OBJECT-TYPE SYNTAX SyslogSeverity MAX-ACCESS read-write STATUS current DESCRIPTION "The default syslog severity that will be added to syslog messages when the message needs to be relayed and does not have priority specified. " ::= { syslogSystem 4 } syslogMaxMessageSize OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-write STATUS current DESCRIPTION "The maximum size of the syslog messages in bytes. " DEFVAL { 1024 } ::= { syslogSystem 5 } -- ------------------------------------------------------------- -- syslogProc -- ------------------------------------------------------------- syslogProcTable OBJECT-TYPE SYNTAX SEQUENCE OF SyslogProcEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table containing information about the syslog processes serviced by an SNMP agent. " ::= { syslogProc 1 } syslogProcEntry OBJECT-TYPE SYNTAX SyslogProcEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The information pertaining to a syslog process. " INDEX { syslogProcIndex } ::= { syslogProcTable 1 } SyslogProcEntry ::= SEQUENCE { syslogProcIndex Unsigned32, syslogProcMsgsReceived Counter32, syslogProcMsgsRelayed Counter32, syslogProcMsgsDropped Counter32, syslogProcMsgsIllFormed Counter32, syslogProcMsgsIgnored Counter32, syslogProcMsgsRejected Counter32, syslogProcLastMsgRecdTime TimeStamp, syslogProcLastMsgDeliveredTime TimeStamp, syslogProcStartTime TimeStamp, syslogProcLastError SnmpAdminString, syslogProcLastErrorTime TimeStamp } -- option for allowed peers needs to be added syslogProcIndex OBJECT-TYPE SYNTAX Unsigned32 (1..2147483647) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The Index that uniquely identifies the syslog process in the syslogProcess table. " ::= { syslogProcEntry 1 } syslogProcMsgsReceived OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of messages received by the syslog process. This includes messages that were ignored. " ::= { syslogProcEntry 2 } syslogProcMsgsRelayed OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of messages relayed by the syslog process to other syslog processes. " ::= { syslogProcEntry 3 } syslogProcMsgsDropped OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of messages that could not be relayed (could not be queued for transmitting)." ::= { syslogProcEntry 4 } syslogProcMsgsIllFormed OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of messages that were rejected by the syslog process because these were not well-formed. " ::= { syslogProcEntry 5 } syslogProcMsgsIgnored OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of messages that were not processed by the syslog process because the message did not meet the specification of 'allowed specifications' ( either the program name or the priority level of the message or both did not match any selection specified for this process in the syslogCtlSelectionTable). " ::= { syslogProcEntry 6 } syslogProcMsgsRejected OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of messages that were rejected by the syslog process because the messsage was from a host/service that did not match any selection specified for this process in the syslogCtlSelectionTable and was not on the allowed host/services list. " ::= { syslogProcEntry 7 } syslogProcLastMsgRecdTime OBJECT-TYPE SYNTAX TimeStamp MAX-ACCESS read-only STATUS current DESCRIPTION "The local time when the last message was received by the syslog process locally or from a remote syslog process. " ::= { syslogProcEntry 8 } syslogProcLastMsgDeliveredTime OBJECT-TYPE SYNTAX TimeStamp MAX-ACCESS read-only STATUS current DESCRIPTION "The local time when the last message was delivered by the syslog process. " ::= { syslogProcEntry 9 } syslogProcStartTime OBJECT-TYPE SYNTAX TimeStamp MAX-ACCESS read-only STATUS current DESCRIPTION "The local time when this process was started. " ::= { syslogProcEntry 10 } syslogProcLastError OBJECT-TYPE SYNTAX SnmpAdminString MAX-ACCESS read-only STATUS current DESCRIPTION "A description of the last error that was encountered by this process. " ::= { syslogProcEntry 11 } syslogProcLastErrorTime OBJECT-TYPE SYNTAX TimeStamp MAX-ACCESS read-only STATUS current DESCRIPTION "The local time when the last error was encountered. " ::= { syslogProcEntry 12 } syslogParamsTable OBJECT-TYPE SYNTAX SEQUENCE OF SyslogParamsEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table containing information about the parameters that control the syslog processes. " ::= { syslogProc 2 } syslogParamsEntry OBJECT-TYPE SYNTAX SyslogParamsEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The parameters pertaining to a syslog process." INDEX { syslogProcIndex } ::= { syslogParamsTable 1 } SyslogParamsEntry ::= SEQUENCE { syslogParamsProcDescr SnmpAdminString, syslogParamsBindAddrType InetAddressType, syslogParamsBindAddr InetAddress, syslogParamsSendToAllAddresses TruthValue, syslogParamsCompression INTEGER, syslogParamsConfFileName SnmpAdminString, syslogParamsFacilityTranslation INTEGER, syslogParamsPIDFileName SnmpAdminString, syslogParamsDNSLookup INTEGER, syslogParamsSeverityCompOP SyslogSeverityCompOP, syslogParamsSecuritySpecs INTEGER, syslogParamsProcessStatus INTEGER, syslogParamsStorageType StorageType, syslogParamsRowStatus RowStatus } syslogParamsProcDescr OBJECT-TYPE SYNTAX SnmpAdminString MAX-ACCESS read-create STATUS current DESCRIPTION "A user definable description of the syslog process. " ::= { syslogParamsEntry 1 } syslogParamsBindAddrType OBJECT-TYPE SYNTAX InetAddressType MAX-ACCESS read-create STATUS current DESCRIPTION "The type of Internet address which follows in syslogParamsBindAddr. " ::= { syslogParamsEntry 2 } syslogParamsBindAddr OBJECT-TYPE SYNTAX InetAddress MAX-ACCESS read-create STATUS current DESCRIPTION "The specific IP address or hostname the syslog process will bind to. If a hostname is specified, the IPv4 or IPv6 address corresponding to the hostname will be used. " ::= { syslogParamsEntry 3 } syslogParamsSendToAllAddresses OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "If the destination host, for a message to be forwarded, has more than one A or AAAA record process, Send the message to all the addresses (true) else send to only one of the addresses. " DEFVAL { false } ::= { syslogParamsEntry 4 } syslogParamsCompression OBJECT-TYPE SYNTAX INTEGER { off (1), offIfPipe (2), on (3) } MAX-ACCESS read-write STATUS current DESCRIPTION "If 'off', disable the compression of repeated instances of the same line into a single line of the form ``last message repeated N times''. If 'offIfPipe' disable the compression when the output is a pipe to another program. Otherwise the compression is enabled. " DEFVAL { on } ::= { syslogParamsEntry 5 } syslogParamsConfFileName OBJECT-TYPE SYNTAX SnmpAdminString MAX-ACCESS read-create STATUS current DESCRIPTION "The fullpath name of the configuration file where the syslog process's message selection and corresponding action rules will be read from. Data is loaded from this file into the syslogCtlSelectionTable and the syslogCtlLogActionTable. If the objects loaded from the file specified by this object have an access level of read-create this file MUST be be writable so that modifications to the corresponding objects, if any, will be effected in this file. If the system does not support the specification of a configuration file this field will not be accessible. " DEFVAL { "/etc/syslog.conf" } ::= { syslogParamsEntry 6 } syslogParamsFacilityTranslation OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-write STATUS current DESCRIPTION "If false(2), disable the translation of messages received with facility ``kern'' to facility ``user''. Usually the ``kern'' facility is reserved for messages read directly from /dev/klog. " DEFVAL { true } ::= { syslogParamsEntry 7 } syslogParamsPIDFileName OBJECT-TYPE SYNTAX SnmpAdminString MAX-ACCESS read-create STATUS current DESCRIPTION "The fullpath name of the file where the syslog process ID will be recorded. In case the system does not support the feature of recording syslog's process ID - this object will not be accessible. " DEFVAL { "/etc/syslog.pid" } ::= { syslogParamsEntry 8 } syslogParamsDNSLookup OBJECT-TYPE SYNTAX INTEGER { useLocalCache (1), doNotUseLocalCache (2) } MAX-ACCESS read-write STATUS current DESCRIPTION "If doNotUseLocalCache is on, fresh DNS lookups will be carried out everytime a hostname is encountered. Else, DNS lookups will be carried out only once for each hostname. " DEFVAL { useLocalCache } ::= { syslogParamsEntry 9 } syslogParamsSeverityCompOP OBJECT-TYPE SYNTAX SyslogSeverityCompOP MAX-ACCESS read-create STATUS current DESCRIPTION "The default value of the operator that should be applied to the syslogCtlSelectionSeverity before the selection takes place. " DEFVAL { greaterThanOrEqual } ::= { syslogParamsEntry 10 } syslogParamsSecuritySpecs OBJECT-TYPE SYNTAX INTEGER { none (1), doNotRecvFromRemoteHosts (2), doNotOpenNetworkSockets (3) } MAX-ACCESS read-create STATUS current DESCRIPTION "If doNotRecvFromRemoteHosts is selected then the corresponding syslog process will not receive messages from remote hosts. If doNotOpenNetworkSockets is selected then the syslog process will not receive from or forward to remote hosts. " DEFVAL { none } ::= { syslogParamsEntry 11 } syslogParamsProcessStatus OBJECT-TYPE SYNTAX INTEGER { unknown (1), started (2), suspended(3), stopped (4) } MAX-ACCESS read-create STATUS current DESCRIPTION "The status of the process. The status of the process can be controlled by setting this object to the appropriate value. ''started'' indicates that the process should be started if it is not already running. ''suspended'' indicates that the process should be suspended if it is running. ''stopped'' indicates that the process should be stopped if it is running. The following are the allowed state changes started -> suspended started -> stopped suspended -> started suspended -> stopped Attempts to carry out any other state changes will result in in an error. The status can be set to ''started'' only when the rowStatus of the corresponding conceptual row is ''active''. " DEFVAL { unknown } ::= { syslogParamsEntry 12 } syslogParamsStorageType OBJECT-TYPE SYNTAX StorageType MAX-ACCESS read-create STATUS current DESCRIPTION "This object defines whether the parameters defined in this row are kept in volatile storage and lost upon reboot or are backed up by non-volatile (permanent) storage. Conceptual rows having the value 'permanent' need not allow write-access to any columnar objects in the row. " ::= { syslogParamsEntry 13 } syslogParamsRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "This object is used to create, modify and delete rows in the syslogParamsTable. Objects in a row can be modified only when the value of this object in the corresponding conceptual row is not ''active''. Thus to modify one or more of the objects in this conceptual row, a. change the row status to ''notInService'', b. change the values of the row c. change the row status to ''active'' The syslogParamsRowStatus may be changed to ''active'' iff all the MOs in the conceptual row have been assigned valid values. " ::= { syslogParamsEntry 14 } syslogAllowedHostsTable OBJECT-TYPE SYNTAX SEQUENCE OF SyslogAllowedHostsEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table containing information about the Hosts from which messages will be accepted. " ::= { syslogProc 3 } syslogAllowedHostsEntry OBJECT-TYPE SYNTAX SyslogAllowedHostsEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The host information." INDEX { syslogProcIndex } ::= { syslogAllowedHostsTable 1 } SyslogAllowedHostsEntry ::= SEQUENCE { syslogAllowedHostsAddressType InetAddressType, syslogAllowedHostsAddress InetAddress, syslogAllowedHostsMaskLen InetAddressPrefixLength, syslogAllowedHostsTransport SyslogTransport, syslogAllowedHostsPort SyslogService, syslogAllowedHostsStorageType StorageType, syslogAllowedHostsRowStatus RowStatus } syslogAllowedHostsAddressType OBJECT-TYPE SYNTAX InetAddressType MAX-ACCESS read-create STATUS current DESCRIPTION "The type of Internet address which follows in syslogAllowedHostsAddress. " ::= { syslogAllowedHostsEntry 1 } syslogAllowedHostsAddress OBJECT-TYPE SYNTAX InetAddress MAX-ACCESS read-create STATUS current DESCRIPTION "The IP address or hostname specification of the host from which the syslog process will accept messages. " ::= { syslogAllowedHostsEntry 2 } syslogAllowedHostsMaskLen OBJECT-TYPE SYNTAX InetAddressPrefixLength MAX-ACCESS read-create STATUS current DESCRIPTION "If the syslogAllowedHostsAddressType is ipv4(1), ipv6(2) this object represents the number of bits that will be taken into account when the address of the originating is being compared with syslogAllowedHostsAddress. The default value of this MO will be the length of the corresponding syslogAllowedHostsAddress. If the syslogAllowedHostsAddressType is not ipv4(1) or ipv6(2) this object is not used. A value of 0 indicates that the prefix is not used or is not applicable. " DEFVAL { 0 } ::= { syslogAllowedHostsEntry 3 } syslogAllowedHostsTransport OBJECT-TYPE SYNTAX SyslogTransport MAX-ACCESS read-create STATUS current DESCRIPTION "The Transport specification that will be used to decide whether the messsage will be accepted from a host or not. " DEFVAL { udp } ::= { syslogAllowedHostsEntry 4 } syslogAllowedHostsPort OBJECT-TYPE SYNTAX SyslogService MAX-ACCESS read-create STATUS current DESCRIPTION "The port specification that will be used to decide whether the messsage will be accepted from a host or not. " DEFVAL { "any" } ::= { syslogAllowedHostsEntry 5 } syslogAllowedHostsStorageType OBJECT-TYPE SYNTAX StorageType MAX-ACCESS read-create STATUS current DESCRIPTION "This object defines whether the parameters defined in this row are kept in volatile storage and lost upon reboot or are backed up by non-volatile (permanent) storage. Conceptual rows having the value 'permanent' need not allow write-access to any columnar objects in the row. " ::= { syslogAllowedHostsEntry 6 } syslogAllowedHostsRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "This object is used to create and delete rows in the syslogAllowedHostsTable. All the columns in this conceptual row MUST have valid values before this column can be assigned the value ''active''. " ::= { syslogAllowedHostsEntry 7 } -- ------------------------------------------------------------- -- syslogControl -- ------------------------------------------------------------- -- This group defines the rules for message selection and the -- action that will be carried out on the selected messages. -- The tables in this group represent the rules that would -- generally be present in the syslog.conf -- syslogCtlSelectionTable: -- This table defines the message selection rules for an action -- Each row maps a part of the "selector" field in the syslogd.conf -- that is traditionally input to the syslogd process syslogCtlSelectionTable OBJECT-TYPE SYNTAX SEQUENCE OF SyslogCtlSelectionEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table which defines the rules for selection of syslog messages for some specified actions. Entries within this table with an access level of read- create MUST be considered non-volatile and MUST be maintained across entity resets. " ::= { syslogControl 1 } syslogCtlSelectionEntry OBJECT-TYPE SYNTAX SyslogCtlSelectionEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Defines the information to generate syslog messages to an aggregating agent or collector. " INDEX { syslogProcIndex, syslogCtlActionIndex, syslogCtlSelectionIndex } ::= { syslogCtlSelectionTable 1 } SyslogCtlSelectionEntry ::= SEQUENCE { syslogCtlActionIndex Unsigned32, syslogCtlSelectionIndex Unsigned32, syslogCtlSelectionDescr SnmpAdminString, syslogCtlSelectionHostNameIncl INTEGER, syslogCtlSelectionHostName SnmpAdminString, syslogCtlSelectionProgNameIncl INTEGER, syslogCtlSelectionProgName SnmpAdminString, syslogCtlSelectionPriorityIncl INTEGER, syslogCtlSelectionFacility SyslogFacility, syslogCtlSelectionSeverity SyslogSeverity, syslogCtlSelectionSeverityCompOP SyslogSeverityCompOP, syslogCtlSelectionStorageType StorageType, syslogCtlSelectionRowStatus RowStatus } syslogCtlActionIndex OBJECT-TYPE SYNTAX Unsigned32 (1..2147483647) MAX-ACCESS not-accessible STATUS current DESCRIPTION "An index that uniquely identifies an action group in the Table. " ::= { syslogCtlSelectionEntry 1 } syslogCtlSelectionIndex OBJECT-TYPE SYNTAX Unsigned32 (1..2147483647) MAX-ACCESS not-accessible STATUS current DESCRIPTION "An index that uniquely identifies the row within the set of rows belonging to the same action group. " ::= { syslogCtlSelectionEntry 2 } syslogCtlSelectionDescr OBJECT-TYPE SYNTAX SnmpAdminString MAX-ACCESS read-create STATUS current DESCRIPTION "A description of the Selection " DEFVAL { "None" } ::= { syslogCtlSelectionEntry 3 } syslogCtlSelectionHostNameIncl OBJECT-TYPE SYNTAX INTEGER { included (1), excluded (2) } MAX-ACCESS read-create STATUS current DESCRIPTION "Indicates whether the hostname defined in the corresponding instance of syslogCtlSelectionHostName must be included or excluded from the selection for the action. " DEFVAL { included } ::= { syslogCtlSelectionEntry 4 } syslogCtlSelectionHostName OBJECT-TYPE SYNTAX SnmpAdminString MAX-ACCESS read-create STATUS current DESCRIPTION "The hostname of the host that must be included or excluded from the selection depending on the value of the corresponding syslogCtlSelectionHostNameIncl. An asterisk indicates all hosts. " DEFVAL { "*" } ::= { syslogCtlSelectionEntry 5 } syslogCtlSelectionProgNameIncl OBJECT-TYPE SYNTAX INTEGER { included (1), excluded (2) } MAX-ACCESS read-create STATUS current DESCRIPTION "Indicates whether the program name defined in the corresponding instance of syslogCtlSelectionProgName must be included or excluded from the selection for the action. " DEFVAL { included } ::= { syslogCtlSelectionEntry 6 } syslogCtlSelectionProgName OBJECT-TYPE SYNTAX SnmpAdminString MAX-ACCESS read-create STATUS current DESCRIPTION "The name of the program that must be included or excluded from the selection depending on the value of the corresponding syslogCtlSelectionProgNameIncl. An asterisk indicates all programs. " DEFVAL { "*" } ::= { syslogCtlSelectionEntry 7 } syslogCtlSelectionPriorityIncl OBJECT-TYPE SYNTAX INTEGER { included (1), excluded (2) } MAX-ACCESS read-create STATUS current DESCRIPTION "Indicates whether the priority specified in the corresponding instances of syslogCtlSelectionFacility and syslogCtlSelectionSeverity must be included or excluded from the selection for the action. " DEFVAL { included } ::= { syslogCtlSelectionEntry 8 } syslogCtlSelectionFacility OBJECT-TYPE SYNTAX SyslogFacility MAX-ACCESS read-create STATUS current DESCRIPTION "The facility. The value of the facility together with the value of the syslogCtlSelectionSeverityCompOP and the syslogCtlSelectionSeverity, of the same row, will be used to decide whether the priority must be included or excluded from the selection for the action. " ::= { syslogCtlSelectionEntry 9 } syslogCtlSelectionSeverityCompOP OBJECT-TYPE SYNTAX SyslogSeverityCompOP MAX-ACCESS read-create STATUS current DESCRIPTION "Represents the operator that be applied to the value of the syslogCtlSelectionSeverity MO to decide whether the corresponding priority must be included or excluded from the selection for the action. " DEFVAL { greaterThanOrEqual } ::= { syslogCtlSelectionEntry 10 } syslogCtlSelectionSeverity OBJECT-TYPE SYNTAX SyslogSeverity MAX-ACCESS read-create STATUS current DESCRIPTION "The severity. The syslogCtlSelectionSeverityCompOP will be applied to the severity to decide whether the priority must be included or excluded from the selection for the action. " ::= { syslogCtlSelectionEntry 11 } syslogCtlSelectionStorageType OBJECT-TYPE SYNTAX StorageType MAX-ACCESS read-create STATUS current DESCRIPTION "This object defines the type of storage in which the parameters defined in this conceptual row stored. Note that the values in this conceptual row MUST be stored in non-volatile storage. Thus, the possible values are nonVolatile(3), permanent(4) and readOnly(5). Conceptual rows having the value 'permanent' need not allow write-access to any columnar objects in the row. " ::= { syslogCtlSelectionEntry 12 } syslogCtlSelectionRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "This object is used to create and delete rows in the syslogCtlSelectionTable. All the columns in this conceptual row MUST have valid values before this column can be assigned the value ''active''. " ::= { syslogCtlSelectionEntry 13 } -- ------------------------------------------------------------- -- syslogCtlActionTable -- ------------------------------------------------------------- -- This table defines the Logging action for a selection from -- syslogCtlSelectionTable (group of rows having the same -- syslogCtlActionIndex). syslogCtlLogActionTable OBJECT-TYPE SYNTAX SEQUENCE OF SyslogCtlLogActionEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table containing Syslog LogAction Entries. Entries within this table with an access level of read- create MUST be considered non-volatile and MUST be maintained across entity resets. " ::= { syslogControl 2 } syslogCtlLogActionEntry OBJECT-TYPE SYNTAX SyslogCtlLogActionEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Defines the information to generate syslog messages to an aggregating agent or collector. " INDEX { syslogProcIndex, syslogCtlActionIndex} ::= { syslogCtlLogActionTable 1 } SyslogCtlLogActionEntry ::= SEQUENCE { syslogCtlLogActionFileName SnmpAdminString, syslogCtlLogActionStorageType StorageType, syslogCtlLogActionRowStatus RowStatus } syslogCtlLogActionFileName OBJECT-TYPE SYNTAX SnmpAdminString MAX-ACCESS read-create STATUS current DESCRIPTION "The fullpath name of the file in which the message will be logged. This file should be existing before the syslog process attempts to append messages to it. " ::= { syslogCtlLogActionEntry 1 } syslogCtlLogActionStorageType OBJECT-TYPE SYNTAX StorageType MAX-ACCESS read-create STATUS current DESCRIPTION "This object defines the type of storage in which the parameters defined in this conceptual row stored. Note that the values in this conceptual row MUST be stored in non-volatile storage. Thus, the possible values are nonVolatile(3), permanent(4) and readOnly(5). Conceptual rows having the value 'permanent' need not allow write-access to any columnar objects in the row. " ::= { syslogCtlLogActionEntry 2 } syslogCtlLogActionRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "This object is used to create and delete rows in the syslogCtlLogTable. All the columns in this conceptual row MUST have valid values before this column can be assigned the value ''active''. " ::= { syslogCtlLogActionEntry 3 } -- ------------------------------------------------------------- -- syslogUserActionTable -- ------------------------------------------------------------- -- This table defines the user notification action for a selection -- from syslogCtlSelectionTable (group of rows having the same -- syslogCtlActionIndex). syslogCtlUserActionTable OBJECT-TYPE SYNTAX SEQUENCE OF SyslogCtlUserActionEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table containing list of users to whom a notification will be sent (by displaying the message on the users' console, if the user is logged in. Entries within this table with an access level of read- create MUST be considered non-volatile and MUST be maintained across entity resets. " ::= { syslogControl 3 } syslogCtlUserActionEntry OBJECT-TYPE SYNTAX SyslogCtlUserActionEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "An entry corresponding to the user(s) to whom the message should be notified. " INDEX { syslogProcIndex, syslogCtlActionIndex, syslogCtlUserActionIndex} ::= { syslogCtlUserActionTable 1 } SyslogCtlUserActionEntry ::= SEQUENCE { syslogCtlUserActionIndex Unsigned32, syslogCtlUserActionUserID SnmpAdminString, syslogCtlUserActionStorageType StorageType, syslogCtlUserActionRowStatus RowStatus } syslogCtlUserActionIndex OBJECT-TYPE SYNTAX Unsigned32(1..2147483647) MAX-ACCESS not-accessible STATUS current DESCRIPTION "An index to uniquely identify the userID among the group of userIDs. " ::= { syslogCtlUserActionEntry 1 } syslogCtlUserActionUserID OBJECT-TYPE SYNTAX SnmpAdminString MAX-ACCESS read-create STATUS current DESCRIPTION "The userid of the user to whom the message will be displayed on the console if, the user is logged in. Note: the userid ''*'' denotes all users. " ::= { syslogCtlUserActionEntry 2 } syslogCtlUserActionStorageType OBJECT-TYPE SYNTAX StorageType MAX-ACCESS read-create STATUS current DESCRIPTION "This object defines the type of storage in which the parameters defined in this conceptual row stored. Note that the values in this conceptual row MUST be stored in non-volatile storage. Thus, the possible values are nonVolatile(3), permanent(4) and readOnly(5). Conceptual rows having the value 'permanent' need not allow write-access to any columnar objects in the row. " ::= { syslogCtlUserActionEntry 3 } syslogCtlUserActionRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "This object is used to create and delete rows in the syslogCtlUserActionTable. All the columns in this conceptual row MUST have valid values before this column can be assigned the value ''active''. " ::= { syslogCtlUserActionEntry 4 } -- ------------------------------------------------------------- -- syslogCtlFwdAction Table -- ------------------------------------------------------------- -- Each row in this table defines a destination to which the -- message will be forwarded syslogCtlFwdActionTable OBJECT-TYPE SYNTAX SEQUENCE OF SyslogCtlFwdActionEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table containing Syslog collector information. Entries within this table with an access level of read- create MUST be considered non-volatile and MUST be maintained across entity resets. " ::= { syslogControl 4 } syslogCtlFwdActionEntry OBJECT-TYPE SYNTAX SyslogCtlFwdActionEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Defines the information pertaining to a syslog collector to which a syslog messages will be relayed. " INDEX { syslogProcIndex, syslogCtlActionIndex, syslogCtlFwdActionIndex } ::= { syslogCtlFwdActionTable 1 } SyslogCtlFwdActionEntry ::= SEQUENCE { syslogCtlFwdActionIndex Unsigned32, syslogCtlFwdActionDescr SnmpAdminString, syslogCtlFwdActionSrcAddrType InetAddressType, syslogCtlFwdActionSrcAddr InetAddress, syslogCtlFwdActionDstAddrType InetAddressType, syslogCtlFwdActionDstAddr InetAddress, syslogCtlFwdActionTransport SyslogTransport, syslogCtlFwdActionPort SyslogService, syslogCtlFwdActionFacility SyslogFacility, syslogCtlFwdActionSeverity SyslogSeverity, syslogCtlFwdActionStorageType StorageType, syslogCtlFwdActionRowStatus RowStatus } syslogCtlFwdActionIndex OBJECT-TYPE SYNTAX Unsigned32(1..2147483647) MAX-ACCESS not-accessible STATUS current DESCRIPTION "A unique identifier for this syslogForwardAction entry." ::= { syslogCtlFwdActionEntry 1 } syslogCtlFwdActionDescr OBJECT-TYPE SYNTAX SnmpAdminString (SIZE(1..64)) MAX-ACCESS read-create STATUS current DESCRIPTION "Administratively assigned textual description of this syslogForwardAction." ::= { syslogCtlFwdActionEntry 2 } syslogCtlFwdActionSrcAddrType OBJECT-TYPE SYNTAX InetAddressType MAX-ACCESS read-create STATUS current DESCRIPTION "The type of Internet address which follows in syslogCtlFwdActionSrcAddr. " ::= { syslogCtlFwdActionEntry 3 } syslogCtlFwdActionSrcAddr OBJECT-TYPE SYNTAX InetAddress MAX-ACCESS read-create STATUS current DESCRIPTION "The Internet address that will be used as the source address in the message to the collector. The type of the address is specified in the preceeding syslogCtlFwdActionSrcAddrType object. The use of DNS domain names is discouraged, and agent support for them is optional. Deciding when, and how often, to resolve them is an issue. Not resolving them often enough could lead to loss synchronization with the associated entry in the DNS server, and resolving them too often might lead to significant overhead during critical network events. " ::= { syslogCtlFwdActionEntry 4 } syslogCtlFwdActionDstAddrType OBJECT-TYPE SYNTAX InetAddressType MAX-ACCESS read-create STATUS current DESCRIPTION "The type of Internet address which follows in syslogCtlFwdActionDstAddr. " ::= { syslogCtlFwdActionEntry 5 } syslogCtlFwdActionDstAddr OBJECT-TYPE SYNTAX InetAddress MAX-ACCESS read-create STATUS current DESCRIPTION "The Internet address for the Syslog message collector. The type of the address is specified in the preceeding syslogCtlFwdActionAddrDstType object. The use of DNS domain names is discouraged, and agent support for them is optional. Deciding when, and how often, to resolve them is an issue. Not resolving them often enough could lead to loss synchronization with the associated entry in the DNS server, and resolving them too often might lead to significant overhead during critical network events. " ::= { syslogCtlFwdActionEntry 6 } syslogCtlFwdActionTransport OBJECT-TYPE SYNTAX SyslogTransport MAX-ACCESS read-create STATUS current DESCRIPTION "The Transport that will be used to forward the message. " DEFVAL { udp } ::= { syslogCtlFwdActionEntry 7 } syslogCtlFwdActionPort OBJECT-TYPE SYNTAX SyslogService MAX-ACCESS read-create STATUS current DESCRIPTION "The port number on the destination to which the syslog message will be forwarded over the transport specified by syslogCtlFwdActionTransport. " DEFVAL { "514" } ::= { syslogCtlFwdActionEntry 8 } syslogCtlFwdActionFacility OBJECT-TYPE SYNTAX SyslogFacility MAX-ACCESS read-create STATUS current DESCRIPTION "The syslog facility code that will be added to messages forwarded to this collector, if, a priority level is not defined in the received message. " ::= { syslogCtlFwdActionEntry 9 } syslogCtlFwdActionSeverity OBJECT-TYPE SYNTAX SyslogSeverity MAX-ACCESS read-create STATUS current DESCRIPTION "The syslog severity code that will added to messages forwarded to this collector, if, a priority level is not defined in the received message. " ::= { syslogCtlFwdActionEntry 10 } syslogCtlFwdActionStorageType OBJECT-TYPE SYNTAX StorageType MAX-ACCESS read-create STATUS current DESCRIPTION "This object defines the type of storage in which the parameters defined in this conceptual row stored. Note that the values in this conceptual row MUST be stored in non-volatile storage. Thus, the possible values are nonVolatile(3), permanent(4) and readOnly(5). Conceptual rows having the value 'permanent' need not allow write-access to any columnar objects in the row. " ::= { syslogCtlFwdActionEntry 11 } syslogCtlFwdActionRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "This object is used to create and delete rows in the syslogCtlFwdActionTable. All the columns in this conceptual row MUST have valid values before this column can be assigned the value ''active''. " ::= { syslogCtlFwdActionEntry 12 } -- ------------------------------------------------------------- -- syslogPipeActionTable -- ------------------------------------------------------------- -- This table defines the 'pipe' action for a selection -- from syslogCtlSelectionTable (group of rows having the same -- syslogCtlActionIndex). -- The selected message is piped to the command given in -- the corresponding syslogCtlPipeActionCmd syslogCtlPipeActionTable OBJECT-TYPE SYNTAX SEQUENCE OF SyslogCtlPipeActionEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table containing commands to which selected messages will be piped. " ::= { syslogControl 5 } syslogCtlPipeActionEntry OBJECT-TYPE SYNTAX SyslogCtlPipeActionEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A user to whom the message should be notified. " INDEX { syslogProcIndex, syslogCtlActionIndex} ::= { syslogCtlPipeActionTable 1 } SyslogCtlPipeActionEntry ::= SEQUENCE { syslogCtlPipeActionCmd SnmpAdminString, syslogCtlPipeActionStorageType StorageType, syslogCtlPipeActionRowStatus RowStatus } syslogCtlPipeActionCmd OBJECT-TYPE SYNTAX SnmpAdminString MAX-ACCESS read-create STATUS current DESCRIPTION "The command to which the selected message will be piped. " ::= { syslogCtlPipeActionEntry 1 } syslogCtlPipeActionStorageType OBJECT-TYPE SYNTAX StorageType MAX-ACCESS read-create STATUS current DESCRIPTION "This object defines the type of storage in which the parameters defined in this conceptual row stored. Note that the values in this conceptual row MUST be stored in non-volatile storage. Thus, the possible values are nonVolatile(3), permanent(4) and readOnly(5). Conceptual rows having the value 'permanent' need not allow write-access to any columnar objects in the row. " ::= { syslogCtlPipeActionEntry 2 } syslogCtlPipeActionRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "This object is used to create and delete rows in the syslogCtlPipeActionTable. All the columns in this conceptual row MUST have valid values before this column can be assigned the value ''active''. " ::= { syslogCtlPipeActionEntry 3 } -- ------------------------------------------------------------- -- Conformance Information -- ------------------------------------------------------------- syslogConformance OBJECT IDENTIFIER ::= { syslogMIB 4 } syslogGroups OBJECT IDENTIFIER ::= { syslogConformance 1 } syslogCompliances OBJECT IDENTIFIER ::= { syslogConformance 2 } -- ------------------------------------------------------------- -- units of conformance -- ------------------------------------------------------------- syslogSystemGroup OBJECT-GROUP OBJECTS { syslogDefaultTransport, syslogDefaultService, syslogDefaultFacility, syslogDefaultSeverity, syslogMaxMessageSize } STATUS current DESCRIPTION "A collection of objects providing system-wide parameters for syslog processes. " ::= { syslogGroups 1} syslogStatsGroup OBJECT-GROUP OBJECTS { -- syslogProcIndex, syslogProcMsgsReceived, syslogProcMsgsRelayed, syslogProcMsgsDropped, syslogProcMsgsIllFormed, syslogProcMsgsIgnored, syslogProcMsgsRejected, syslogProcLastMsgRecdTime, syslogProcLastMsgDeliveredTime, syslogProcStartTime, syslogProcLastError, syslogProcLastErrorTime } STATUS current DESCRIPTION "A collection of objects providing message related statistics." ::= { syslogGroups 2} syslogParamsGroup OBJECT-GROUP OBJECTS { syslogParamsProcDescr, syslogParamsBindAddrType, syslogParamsBindAddr, syslogParamsSendToAllAddresses, syslogParamsCompression, syslogParamsConfFileName, syslogParamsFacilityTranslation, syslogParamsPIDFileName, syslogParamsDNSLookup, syslogParamsSeverityCompOP, syslogParamsSecuritySpecs, syslogParamsProcessStatus, syslogParamsStorageType, syslogParamsRowStatus, syslogAllowedHostsAddressType, syslogAllowedHostsAddress, syslogAllowedHostsMaskLen, syslogAllowedHostsTransport, syslogAllowedHostsPort, syslogAllowedHostsStorageType, syslogAllowedHostsRowStatus } STATUS current DESCRIPTION "A collection of objects representing the run time parameters for the syslog processes. " ::= { syslogGroups 3} syslogControlGroup OBJECT-GROUP OBJECTS { syslogCtlSelectionDescr, syslogCtlSelectionHostNameIncl, syslogCtlSelectionHostName, syslogCtlSelectionProgNameIncl, syslogCtlSelectionProgName, syslogCtlSelectionPriorityIncl, syslogCtlSelectionFacility, syslogCtlSelectionSeverity, syslogCtlSelectionSeverityCompOP, syslogCtlSelectionStorageType, syslogCtlSelectionRowStatus, syslogCtlLogActionFileName, syslogCtlLogActionStorageType, syslogCtlLogActionRowStatus, syslogCtlUserActionUserID, syslogCtlUserActionStorageType, syslogCtlUserActionRowStatus, syslogCtlFwdActionDescr, syslogCtlFwdActionSrcAddrType, syslogCtlFwdActionSrcAddr, syslogCtlFwdActionDstAddrType, syslogCtlFwdActionDstAddr, syslogCtlFwdActionTransport, syslogCtlFwdActionPort, syslogCtlFwdActionFacility, syslogCtlFwdActionSeverity, syslogCtlFwdActionStorageType, syslogCtlFwdActionRowStatus, syslogCtlPipeActionCmd, syslogCtlPipeActionStorageType, syslogCtlPipeActionRowStatus } STATUS current DESCRIPTION "A collection of objects that represent the rules that describe how a message will be selected, and the action(s) that will be carried out on the selected message. " ::= { syslogGroups 4} -- ------------------------------------------------------------- -- compliance statements -- ------------------------------------------------------------- syslogCompliance MODULE-COMPLIANCE STATUS current DESCRIPTION "The compliance statement for an agent implememting the syslog MIB. " MODULE -- this module MANDATORY-GROUPS { syslogStatsGroup } GROUP syslogSystemGroup DESCRIPTION "The syslogSystemGroup group is mandatory only for agents which support monitoring and control of the syslog system wide parameters. If only monitoring is supported then the corresponding objects must have access read-only. " GROUP syslogParamsGroup DESCRIPTION "The syslogParamsGroup group is mandatory only for agents which support monitoring and/or control of syslog processes. If only monitoring is supported then the corresponding objects must have access read-only. " GROUP syslogControlGroup DESCRIPTION "The syslogControlGroup group is mandatory only for agents which support monitoring and/or control of the rules that describe how a message will be selected and, the action(s) that will be carried out on the selected message. If only monitoring is supported then the corresponding objects must have access read-only. " ::= { syslogCompliances 1 } END -- -- Copyright (C) The Internet Society (2003). All Rights Reserved. -- -- This document and translations of it may be copied and furnished to -- others, and derivative works that comment on or otherwise explain it -- or assist in its implementation may be prepared, copied, published -- and distributed, in whole or in part, without restriction of any -- kind, provided that the above copyright notice and this paragraph are -- included on all such copies and derivative works. However, this -- document itself may not be modified in any way, such as by removing -- the copyright notice or references to the Internet Society or other -- Internet organizations, except as needed for the purpose of -- developing Internet standards in which case the procedures for -- copyrights defined in the Internet Standards process must be -- followed, or as required to translate it into languages other than -- English. -- -- The limited permissions granted above are perpetual and will not be -- revoked by the Internet Society or its successors or assigns. -- -- This document and the information contained herein is provided on an -- "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING -- TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING -- BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION -- HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF -- MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.