From syslog-bounces@ietf.org Tue Apr 1 03:22:47 2008 Return-Path: X-Original-To: syslog-archive@megatron.ietf.org Delivered-To: ietfarch-syslog-archive@core3.amsl.com Received: from core3.amsl.com (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 1F8D028C1A5; Tue, 1 Apr 2008 03:22:47 -0700 (PDT) X-Original-To: syslog@core3.amsl.com Delivered-To: syslog@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id AD8393A6C14 for ; Tue, 1 Apr 2008 03:22:45 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -6.599 X-Spam-Level: X-Spam-Status: No, score=-6.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LZlm+FM2F4xk for ; Tue, 1 Apr 2008 03:22:44 -0700 (PDT) Received: from ind-iport-1.cisco.com (ind-iport-1.cisco.com [64.104.129.195]) by core3.amsl.com (Postfix) with ESMTP id 5D5E33A684E for ; Tue, 1 Apr 2008 03:22:44 -0700 (PDT) Received: from ind-dkim-1.cisco.com ([64.104.140.57]) by ind-iport-1.cisco.com with ESMTP; 01 Apr 2008 15:52:41 +0530 Received: from india-core-1.cisco.com (india-core-1.cisco.com [64.104.129.221]) by ind-dkim-1.cisco.com (8.12.11/8.12.11) with ESMTP id m31AMeKe029891; Tue, 1 Apr 2008 15:52:40 +0530 Received: from xbh-blr-411.apac.cisco.com (xbh-blr-411.cisco.com [64.104.140.150]) by india-core-1.cisco.com (8.13.8/8.13.8) with ESMTP id m31AMZNw019388; Tue, 1 Apr 2008 10:22:39 GMT Received: from xmb-blr-413.apac.cisco.com ([64.104.140.142]) by xbh-blr-411.apac.cisco.com with Microsoft SMTPSVC(6.0.3790.1830); Tue, 1 Apr 2008 15:52:36 +0530 X-MimeOLE: Produced By Microsoft Exchange V6.5 Content-class: urn:content-classes:message MIME-Version: 1.0 Date: Tue, 1 Apr 2008 15:52:30 +0530 Message-ID: <17C5EB39EAA5E841B06DD76914A3CCF504DB4675@xmb-blr-413.apac.cisco.com> X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: Syslog Msg to SNMP Notification Conversion Thread-Index: AciT4kq7WPLgHVdYRDCwEcoEP5VcIA== From: "Rohit M (rrohit)" To: , "Chris Lonvick (clonvick)" , , , "Sudhir Vitta (svitta)" , "Anirban Karmakar (akarmaka)" X-OriginalArrivalTime: 01 Apr 2008 10:22:36.0444 (UTC) FILETIME=[4E3AFDC0:01C893E2] DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; l=375; t=1207045360; x=1207909360; c=relaxed/simple; s=inddkim1002; h=Content-Type:From:Subject:Content-Transfer-Encoding:MIME-Version; d=cisco.com; i=rrohit@cisco.com; z=From:=20=22Rohit=20M=20(rrohit)=22=20 |Subject:=20Syslog=20Msg=20to=20SNMP=20Notification=20Conve rsion |Sender:=20; bh=6esF4WrS9wfz7evsKsUQxIRJRDuRTsTA/T696CpuS00=; b=HzAUmH00lgA/4fm1bmSSWSSEc2Cb7P7jevTOS/E3vo23lUcXhta9xP7J5W 5OHgilr8h6LURZMnCJyO7uZnmGKEihPJEPNtpRbtGi1x1gjDrPWte/FNr10D zbIXs9nko9; Authentication-Results: ind-dkim-1; header.From=rrohit@cisco.com; dkim=pass ( sig from cisco.com/inddkim1002 verified; ); Subject: [Syslog] Syslog Msg to SNMP Notification Conversion X-BeenThere: syslog@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Security Issues in Network Event Logging List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: syslog-bounces@ietf.org Errors-To: syslog-bounces@ietf.org Hi, SYSLOG MIB doesn't define a Notification which can send syslog message as SNMP Notification. I tend to think we do need to define a SNMP Notification to represent syslog messages and its various fields. Please let me know your opinion about the same or if the syslog group has already discussed this in the past. Thanks Rohit _______________________________________________ Syslog mailing list Syslog@ietf.org https://www.ietf.org/mailman/listinfo/syslog From syslog-bounces@ietf.org Tue Apr 1 03:42:54 2008 Return-Path: X-Original-To: syslog-archive@megatron.ietf.org Delivered-To: ietfarch-syslog-archive@core3.amsl.com Received: from core3.amsl.com (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id EE67328C26E; Tue, 1 Apr 2008 03:42:53 -0700 (PDT) X-Original-To: syslog@core3.amsl.com Delivered-To: syslog@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 77C2B3A6C75 for ; Tue, 1 Apr 2008 03:42:53 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.743 X-Spam-Level: X-Spam-Status: No, score=-1.743 tagged_above=-999 required=5 tests=[AWL=0.506, BAYES_00=-2.599, HELO_EQ_DE=0.35] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id v2jX3bDaZ-yf for ; Tue, 1 Apr 2008 03:42:52 -0700 (PDT) Received: from hermes.jacobs-university.de (hermes.jacobs-university.de [212.201.44.23]) by core3.amsl.com (Postfix) with ESMTP id 73E3F3A6ADF for ; Tue, 1 Apr 2008 03:42:52 -0700 (PDT) Received: from localhost (demetrius.jacobs-university.de [212.201.44.32]) by hermes.jacobs-university.de (Postfix) with ESMTP id DBF708C146; Tue, 1 Apr 2008 12:42:49 +0200 (CEST) Received: from hermes.jacobs-university.de ([212.201.44.23]) by localhost (demetrius.jacobs-university.de [212.201.44.32]) (amavisd-new, port 10024) with ESMTP id 12042-09-2; Tue, 1 Apr 2008 12:42:48 +0200 (CEST) Received: from elstar.local (elstar.iuhb02.iu-bremen.de [10.50.231.133]) by hermes.jacobs-university.de (Postfix) with ESMTP id BD3498A3F7; Tue, 1 Apr 2008 12:42:47 +0200 (CEST) Received: by elstar.local (Postfix, from userid 501) id B4EFF5259E0; Tue, 1 Apr 2008 12:42:46 +0200 (CEST) Date: Tue, 1 Apr 2008 12:42:46 +0200 From: Juergen Schoenwaelder To: "Rohit M (rrohit)" Message-ID: <20080401104246.GA3282@elstar.local> Mail-Followup-To: "Rohit M (rrohit)" , syslog@ietf.org, "Chris Lonvick (clonvick)" , ietfdbh@comcast.net, glenn@cysols.com, "Sudhir Vitta (svitta)" , "Anirban Karmakar (akarmaka)" References: <17C5EB39EAA5E841B06DD76914A3CCF504DB4675@xmb-blr-413.apac.cisco.com> MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: <17C5EB39EAA5E841B06DD76914A3CCF504DB4675@xmb-blr-413.apac.cisco.com> User-Agent: Mutt/1.5.17 (2007-11-01) X-Virus-Scanned: amavisd-new 2.3.3 (20050822) at jacobs-university.de Cc: "Sudhir Vitta \(svitta\)" , syslog@ietf.org, "Anirban Karmakar \(akarmaka\)" Subject: Re: [Syslog] Syslog Msg to SNMP Notification Conversion X-BeenThere: syslog@ietf.org X-Mailman-Version: 2.1.9 Precedence: list Reply-To: j.schoenwaelder@jacobs-university.de List-Id: Security Issues in Network Event Logging List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: syslog-bounces@ietf.org Errors-To: syslog-bounces@ietf.org On Tue, Apr 01, 2008 at 03:52:30PM +0530, Rohit M (rrohit) wrote: > SYSLOG MIB doesn't define a Notification which can send syslog message > as SNMP Notification. I tend to think we do need to define a SNMP > Notification to represent syslog messages and its various fields. > > Please let me know your opinion about the same or if the > syslog group has already discussed this in the past. This was discussed in the last ops-area meeting. My suggestion is to do this work as an extension of the SYSLOG MIB so that we can move forward in scoped pieces. I can see that implementations might support only the existing SYSLOG MIB or only SYSLOG to SNMP mappings or both or none. So having some modularity might be a good thing. /js -- Juergen Schoenwaelder Jacobs University Bremen gGmbH Phone: +49 421 200 3587 Campus Ring 1, 28759 Bremen, Germany Fax: +49 421 200 3103 _______________________________________________ Syslog mailing list Syslog@ietf.org https://www.ietf.org/mailman/listinfo/syslog From syslog-bounces@ietf.org Tue Apr 1 03:50:22 2008 Return-Path: X-Original-To: syslog-archive@megatron.ietf.org Delivered-To: ietfarch-syslog-archive@core3.amsl.com Received: from core3.amsl.com (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 7E4F428C46A; Tue, 1 Apr 2008 03:50:22 -0700 (PDT) X-Original-To: syslog@core3.amsl.com Delivered-To: syslog@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 652CD28C3FA for ; Tue, 1 Apr 2008 03:50:21 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -6.599 X-Spam-Level: X-Spam-Status: No, score=-6.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 30MJhqTvC-B2 for ; Tue, 1 Apr 2008 03:50:20 -0700 (PDT) Received: from ind-iport-1.cisco.com (ind-iport-1.cisco.com [64.104.129.195]) by core3.amsl.com (Postfix) with ESMTP id 9154F28C48A for ; Tue, 1 Apr 2008 03:50:10 -0700 (PDT) Received: from ind-dkim-1.cisco.com ([64.104.140.57]) by ind-iport-1.cisco.com with ESMTP; 01 Apr 2008 16:20:08 +0530 Received: from india-core-1.cisco.com (india-core-1.cisco.com [64.104.129.221]) by ind-dkim-1.cisco.com (8.12.11/8.12.11) with ESMTP id m31Ao7Aq002383; Tue, 1 Apr 2008 16:20:07 +0530 Received: from xbh-blr-412.apac.cisco.com (xbh-blr-412.cisco.com [64.104.140.149]) by india-core-1.cisco.com (8.13.8/8.13.8) with ESMTP id m31Ao6iJ024973; Tue, 1 Apr 2008 10:50:06 GMT Received: from xmb-blr-413.apac.cisco.com ([64.104.140.142]) by xbh-blr-412.apac.cisco.com with Microsoft SMTPSVC(6.0.3790.1830); Tue, 1 Apr 2008 16:20:07 +0530 X-MimeOLE: Produced By Microsoft Exchange V6.5 Content-class: urn:content-classes:message MIME-Version: 1.0 Date: Tue, 1 Apr 2008 16:19:57 +0530 Message-ID: <17C5EB39EAA5E841B06DD76914A3CCF504DB4696@xmb-blr-413.apac.cisco.com> In-Reply-To: <20080401104246.GA3282@elstar.local> X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: [Syslog] Syslog Msg to SNMP Notification Conversion Thread-Index: AciT5TGpgJwhUimXQJarf88lEqm49QAAIWQA References: <17C5EB39EAA5E841B06DD76914A3CCF504DB4675@xmb-blr-413.apac.cisco.com> <20080401104246.GA3282@elstar.local> From: "Rohit M (rrohit)" To: X-OriginalArrivalTime: 01 Apr 2008 10:50:07.0078 (UTC) FILETIME=[2615C060:01C893E6] DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; l=1730; t=1207047007; x=1207911007; c=relaxed/simple; s=inddkim1002; h=Content-Type:From:Subject:Content-Transfer-Encoding:MIME-Version; d=cisco.com; i=rrohit@cisco.com; z=From:=20=22Rohit=20M=20(rrohit)=22=20 |Subject:=20RE=3A=20[Syslog]=20Syslog=20Msg=20to=20SNMP=20N otification=20Conversion |Sender:=20; bh=S8HnVauL84zlqBn6HIOVsufFfHraox/mlgIaGSe6rTs=; b=TfR7YOSYmCRsd1etS7YLuU3y1sz2dqpi42OCdK6eq3icNMzHnV5fDl5kj5 9Bxn3MR1ZJQLqjnIFGHRllYM5LaJsrztO1yNUiVANdMu5b3763xrsg4CCCFP 9+b1tVyhf/; Authentication-Results: ind-dkim-1; header.From=rrohit@cisco.com; dkim=pass ( sig from cisco.com/inddkim1002 verified; ); Cc: "Sudhir Vitta \(svitta\)" , syslog@ietf.org, "Anirban Karmakar \(akarmaka\)" Subject: Re: [Syslog] Syslog Msg to SNMP Notification Conversion X-BeenThere: syslog@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Security Issues in Network Event Logging List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: syslog-bounces@ietf.org Errors-To: syslog-bounces@ietf.org Hi Jeurgen, Thanks for your response. I am thinking in terms of defining a SYSLOG-NOTIF-MIB which will define Syslog Notification (which will represent a syslog message) and also other details about the varbinds for the same. Just wanted to check with the group before we really start working on this. Thanks Rohit -----Original Message----- From: Juergen Schoenwaelder [mailto:j.schoenwaelder@jacobs-university.de] Sent: Tuesday, April 01, 2008 4:13 PM To: Rohit M (rrohit) Cc: syslog@ietf.org; Chris Lonvick (clonvick); ietfdbh@comcast.net; glenn@cysols.com; Sudhir Vitta (svitta); Anirban Karmakar (akarmaka) Subject: Re: [Syslog] Syslog Msg to SNMP Notification Conversion On Tue, Apr 01, 2008 at 03:52:30PM +0530, Rohit M (rrohit) wrote: > SYSLOG MIB doesn't define a Notification which can send syslog message > as SNMP Notification. I tend to think we do need to define a SNMP > Notification to represent syslog messages and its various fields. > > Please let me know your opinion about the same or if the > syslog group has already discussed this in the past. This was discussed in the last ops-area meeting. My suggestion is to do this work as an extension of the SYSLOG MIB so that we can move forward in scoped pieces. I can see that implementations might support only the existing SYSLOG MIB or only SYSLOG to SNMP mappings or both or none. So having some modularity might be a good thing. /js -- Juergen Schoenwaelder Jacobs University Bremen gGmbH Phone: +49 421 200 3587 Campus Ring 1, 28759 Bremen, Germany Fax: +49 421 200 3103 _______________________________________________ Syslog mailing list Syslog@ietf.org https://www.ietf.org/mailman/listinfo/syslog From syslog-bounces@ietf.org Tue Apr 1 03:57:55 2008 Return-Path: X-Original-To: syslog-archive@megatron.ietf.org Delivered-To: ietfarch-syslog-archive@core3.amsl.com Received: from core3.amsl.com (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id A472D28C1E7; Tue, 1 Apr 2008 03:57:55 -0700 (PDT) X-Original-To: syslog@core3.amsl.com Delivered-To: syslog@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 3DA4E28C12B for ; Tue, 1 Apr 2008 03:57:55 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.599 X-Spam-Level: X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id caLzy86MdV+w for ; Tue, 1 Apr 2008 03:57:54 -0700 (PDT) Received: from mailin.adiscon.com (hetzner.adiscon.com [85.10.198.18]) by core3.amsl.com (Postfix) with ESMTP id B826828C3BF for ; Tue, 1 Apr 2008 03:57:53 -0700 (PDT) Received: from localhost (localhost [127.0.0.1]) by mailin.adiscon.com (Postfix) with ESMTP id F27677AD3EF; Tue, 1 Apr 2008 12:57:49 +0200 (CEST) Received: from mailin.adiscon.com ([127.0.0.1]) by localhost (localhost [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id pQZI5I6a54Eq; Tue, 1 Apr 2008 12:57:49 +0200 (CEST) Received: from grfint2.intern.adiscon.com (p50989a7c.dip0.t-ipconnect.de [80.152.154.124]) by mailin.adiscon.com (Postfix) with ESMTP id B24167AD3DA; Tue, 1 Apr 2008 12:57:49 +0200 (CEST) Content-class: urn:content-classes:message MIME-Version: 1.0 X-MimeOLE: Produced By Microsoft Exchange V6.5 Date: Tue, 1 Apr 2008 12:57:48 +0200 Message-ID: <577465F99B41C842AAFBE9ED71E70ABA308CD0@grfint2.intern.adiscon.com> In-Reply-To: <17C5EB39EAA5E841B06DD76914A3CCF504DB4696@xmb-blr-413.apac.cisco.com> X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: [Syslog] Syslog Msg to SNMP Notification Conversion Thread-Index: AciT5TGpgJwhUimXQJarf88lEqm49QAAIWQAAABHc/A= References: <17C5EB39EAA5E841B06DD76914A3CCF504DB4675@xmb-blr-413.apac.cisco.com><20080401104246.GA3282@elstar.local> <17C5EB39EAA5E841B06DD76914A3CCF504DB4696@xmb-blr-413.apac.cisco.com> From: "Rainer Gerhards" To: "Rohit M (rrohit)" , Cc: "Sudhir Vitta \(svitta\)" , syslog@ietf.org, "Anirban Karmakar \(akarmaka\)" Subject: Re: [Syslog] Syslog Msg to SNMP Notification Conversion X-BeenThere: syslog@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Security Issues in Network Event Logging List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: syslog-bounces@ietf.org Errors-To: syslog-bounces@ietf.org Hi Rohit, this was discussed, but (as usual in the syslog-wg) got bogged down. Having such a mib would definitely useful, much more than the counters. We've resorted to defining our own [1]. Previously, I think, we used Cisco's so it looks like you are going to try get it some more up to the standards? Rainer [1] rsyslog (and other rsyslog products) emit snmp traps based on syslog messages. You can find it down in the description of the trap sender: http://www.rsyslog.com/doc-omsnmp.html > -----Original Message----- > From: syslog-bounces@ietf.org [mailto:syslog-bounces@ietf.org] On > Behalf Of Rohit M (rrohit) > Sent: Tuesday, April 01, 2008 12:50 PM > To: j.schoenwaelder@jacobs-university.de > Cc: Sudhir Vitta (svitta); syslog@ietf.org; Anirban Karmakar (akarmaka) > Subject: Re: [Syslog] Syslog Msg to SNMP Notification Conversion > > Hi Jeurgen, > > Thanks for your response. > > I am thinking in terms of defining a SYSLOG-NOTIF-MIB which > will define Syslog Notification (which will represent a > syslog message) and also other details about the varbinds > for the same. Just wanted to check with the group before > we really start working on this. > > Thanks > Rohit > > > > > > -----Original Message----- > From: Juergen Schoenwaelder > [mailto:j.schoenwaelder@jacobs-university.de] > Sent: Tuesday, April 01, 2008 4:13 PM > To: Rohit M (rrohit) > Cc: syslog@ietf.org; Chris Lonvick (clonvick); ietfdbh@comcast.net; > glenn@cysols.com; Sudhir Vitta (svitta); Anirban Karmakar (akarmaka) > Subject: Re: [Syslog] Syslog Msg to SNMP Notification Conversion > > On Tue, Apr 01, 2008 at 03:52:30PM +0530, Rohit M (rrohit) wrote: > > > SYSLOG MIB doesn't define a Notification which can send syslog > message > > as SNMP Notification. I tend to think we do need to define a SNMP > > Notification to represent syslog messages and its various fields. > > > > Please let me know your opinion about the same or if the > > syslog group has already discussed this in the past. > > This was discussed in the last ops-area meeting. My suggestion is to do > this work as an extension of the SYSLOG MIB so that we can move forward > in scoped pieces. I can see that implementations might support only the > existing SYSLOG MIB or only SYSLOG to SNMP mappings or both or none. So > having some modularity might be a good thing. > > /js > > -- > Juergen Schoenwaelder Jacobs University Bremen gGmbH > Phone: +49 421 200 3587 Campus Ring 1, 28759 Bremen, Germany > Fax: +49 421 200 3103 > _______________________________________________ > Syslog mailing list > Syslog@ietf.org > https://www.ietf.org/mailman/listinfo/syslog _______________________________________________ Syslog mailing list Syslog@ietf.org https://www.ietf.org/mailman/listinfo/syslog From syslog-bounces@ietf.org Tue Apr 1 07:45:43 2008 Return-Path: X-Original-To: syslog-archive@megatron.ietf.org Delivered-To: ietfarch-syslog-archive@core3.amsl.com Received: from core3.amsl.com (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 0D5E53A6B7E; Tue, 1 Apr 2008 07:45:43 -0700 (PDT) X-Original-To: syslog@core3.amsl.com Delivered-To: syslog@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id ABF2C28C4A2 for ; Tue, 1 Apr 2008 07:45:41 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.09 X-Spam-Level: X-Spam-Status: No, score=-0.09 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HELO_EQ_JP=1.244, HOST_EQ_JP=1.265] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1Tf5Q0dlwA7i for ; Tue, 1 Apr 2008 07:45:36 -0700 (PDT) Received: from aso.priv.cysol.co.jp (niseko.cysol.co.jp [210.233.3.236]) by core3.amsl.com (Postfix) with ESMTP id 90C963A6B51 for ; Tue, 1 Apr 2008 07:45:30 -0700 (PDT) Received: from [127.0.0.1] (cysvpn11.priv.cysol.co.jp [192.168.0.98]) by aso.priv.cysol.co.jp (8.14.2/8.13.8) with ESMTP id m31EiO15074939; Tue, 1 Apr 2008 23:44:26 +0900 (JST) (envelope-from glenn@cysols.com) Message-ID: <47F24A47.2000701@cysols.com> Date: Tue, 01 Apr 2008 23:44:23 +0900 From: "Glenn M. Keeni" User-Agent: Thunderbird 2.0.0.12 (Windows/20080213) MIME-Version: 1.0 To: "Rohit M (rrohit)" References: <17C5EB39EAA5E841B06DD76914A3CCF504DB4675@xmb-blr-413.apac.cisco.com> In-Reply-To: <17C5EB39EAA5E841B06DD76914A3CCF504DB4675@xmb-blr-413.apac.cisco.com> Cc: "Sudhir Vitta \(svitta\)" , syslog@ietf.org, "Anirban Karmakar \(akarmaka\)" Subject: Re: [Syslog] Syslog Msg to SNMP Notification Conversion X-BeenThere: syslog@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Security Issues in Network Event Logging List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: syslog-bounces@ietf.org Errors-To: syslog-bounces@ietf.org Rohit, That is right. The SyslogMIB is intended for monitoring Syslog devices/processes. The Notifications in this MIB are for notifying changes in the status of syslog device/process. These are not Syslog messages. An SNMP notification for Syslog will be interesting. Glenn Rohit M (rrohit) wrote: > Hi, > > SYSLOG MIB doesn't define a Notification which can send syslog message > as SNMP Notification. I tend to think we do need to define a SNMP > Notification to represent syslog messages and its various fields. > > Please let me know your opinion about the same or if the > syslog group has already discussed this in the past. > > Thanks > Rohit _______________________________________________ Syslog mailing list Syslog@ietf.org https://www.ietf.org/mailman/listinfo/syslog