IETF56 SyslogMIB
dinesh
Added: July 20, 2007

Presentation Transcript

Slide1:
  Glenn Mansfield Keeni
  SysLog-MIB
  Syslog-WG, IETF-56
  March, 2003

Purpose:
  Monitoring Syslog operation:
    Stats on messages, received, processed, relayed
    System wide Parameters
    (Process-wise) Message selection and actions
    (Process-wise) run-time parameters
  Configuring/Control Syslog processes

Syslog:
  man pages - syslogd, syslog.conf, syslog
  RFC3164

The MIB Design:
  syslog System Group
  syslog Process Group
  syslog Control Group

System Group:
  DefaultTransport
  DefaultService
  DefaultFacility
  DefaultSeverity
  MaxMessageSize

Syslog Process Group:
  Process Table [syslogProcessIndex]
  Params Table [syslogProcessIndex]
  Allowed Hosts Table [syslogProcessIndex]

Process Table [syslogProcessIndex]:
  MsgsReceived
  MsgsRelayed
  MsgsDropped
  MsgsIllFormed
  MsgsIgnored
  MsgsRejected
  LastMsgRecdTime
  LastMsgDeliveredTime
  StartTime
  LastError
  LastErrorTime

Params Table [syslogProcessIndex]:
  ProcDescr
  BindAddrType
  BindAddr
  SendToAllAddresses
  Compression
  ConfFileName
  FacilityTranslation
  PIDFileName
  DNSLookUp
  SeverityCompOp
  SecuritySpecs
  ProcessStatus*
  ProcessStorageType
  RowStatus
  *Process Start/Stop

Allowed Hosts Table [syslogProcessIndex]:
  HostsAddrType
  HostsAddr
  HostsMaskLen
  HostsTransport
  HostsPort
  RowStatus

syslog Control Group cf. syslog.conf:
  Selection
  Action
  Selection: list of facility:level
  Actions: log, display, relay, pipe

Selection and Action:
  Selection
  Log Action
  User Action
  Relay Action
  Pipe Action

Selection Table [syslogProcessIndex, ActionIndex, SelectionIndex]:
  ActionIndex
  SelectionIndex
  Descr
  HostNameIncl
  HostName
  ProgNameIncl
  ProgName
  PriorityIncl
  Facility
  Severity
  SeverityCompOP
  RowStatus

Action Tables:
  UserActionTable [ProcessIndex, ActionIndex, UserActionIndex]
  FwdActionTable [ProcessIndex, ActionIndex, FwdActionIndex]
  PipeActionTable [ProcessIndex, ActionIndex]
  LogActionTable [ProcessIndex, ActionIndex]

Slide14:

Log Action Table [syslogProcessIndex, ActionIndex]:
  LogActionFileName
  RowStatus

User Action Table [syslogProcessIndex, ActionIndex, UserActionIndex]:
  UserActionIndex
  UserID
  RowStatus

Fwd Action Table [syslogProcessIndex, ActionIndex, FwdActionIndex]:
  FwdActionIndex
  ActionDescr
  SrcAddrType
  SrcAddr
  DstAddrType
  DstAddr
  Transport
  Port
  Facility
  Severity
  RowStatus

Pipe Action Table [syslogProcessIndex, ActionIndex]:
  PipeActionCommand
  RowStatus

Security Considerations (SET):
  ParamsTable: Configure, Start/Stop
  AllowedHostsTable: Loss/Flood of messages
  Selection Table: Loss of messages
  Log Action Table: Loss of messages
  UserActionTable: Spam a user's console
  FwdActionTable: Attack a collector
  PipeActionTable: Invoke 'sh' commands

Security Considerations (GET):
  ProcTable: Counters may reveal IDS info

The draft:
  draft-ietf-syslog-device-mib-03.txt

To Be Done:
  DESCRIPTION clauses
  Editorial nits
  REFERENCE clauses
  Implement SET requirements
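
Added example (not part of the presentation or the draft): a small model of the "Selection Table: Loss of messages" consideration, showing how a collector operator can compare a baseline set of selection rows with the rows currently in effect and list the messages that silently stop being logged. The SelectionRow class, the comparison operator values "le"/"eq"/"ge" and their meaning are assumptions made for illustration; only the PRI arithmetic comes from RFC 3164.

```python
import re
from dataclasses import dataclass

PRI_RE = re.compile(r"^<(\d{1,3})>")  # RFC 3164 PRI field

@dataclass(frozen=True)
class SelectionRow:
    # Hypothetical stand-in for one Selection Table row; column semantics assumed.
    facility: int
    severity: int
    comp_op: str  # assumed SeverityCompOp values: "le", "eq", "ge"

    def matches(self, facility, severity):
        if facility != self.facility:
            return False
        return {"le": severity <= self.severity,
                "eq": severity == self.severity,
                "ge": severity >= self.severity}[self.comp_op]

def parse_pri(line):
    """Return (facility, severity), or None for an ill-formed PRI."""
    m = PRI_RE.match(line)
    if not m or int(m.group(1)) > 191:   # 23 * 8 + 7 is the largest valid PRI
        return None
    return divmod(int(m.group(1)), 8)    # PRI = facility * 8 + severity

def selected(rows, messages):
    """Messages that at least one selection row would hand to its action."""
    out = []
    for msg in messages:
        pri = parse_pri(msg)
        if pri and any(r.matches(*pri) for r in rows):
            out.append(msg)
    return out

def lost_after_change(baseline, current, messages):
    """Messages the baseline rows selected that the current rows no longer do."""
    still = set(selected(current, messages))
    return [m for m in selected(baseline, messages) if m not in still]

# Constructed sample traffic, not taken from the presentation.
SAMPLE = [
    "<34>Oct 11 22:14:15 host1 su: 'su root' failed for user1",   # auth.crit
    "<38>Oct 11 22:14:16 host1 sshd[411]: Accepted password",     # auth.info
    "<86>Oct 11 22:14:17 host1 sshd[411]: session opened",        # authpriv.info
    "<13>Oct 11 22:14:18 host1 app: started",                     # user.notice
    "<999>garbage",                                               # ill-formed PRI
]
BASELINE = [SelectionRow(4, 6, "le"), SelectionRow(10, 6, "le")]   # info and above
AFTER_SET = [SelectionRow(4, 2, "le"), SelectionRow(10, 0, "le")]  # rows after a SET

if __name__ == "__main__":
    for m in lost_after_change(BASELINE, AFTER_SET, SAMPLE):
        print("no longer logged:", m)
```

Run against a recorded baseline, the same comparison gives a concrete list of what a change to Facility, Severity or SeverityCompOp removed from the log.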