datatracker.ietf.org
Sign in
Version 5.6.2.p2, 2014-07-24
Report a bug

Mapping Simple Network Management Protocol (SNMP) Notifications to SYSLOG Messages
RFC 5675

Network Working Group                                         V. Marinov
Request for Comments: 5675                              J. Schoenwaelder
Category: Standards Track                       Jacobs University Bremen
                                                            October 2009

           Mapping Simple Network Management Protocol (SNMP)
                    Notifications to SYSLOG Messages

Abstract

   This memo defines a mapping from Simple Network Management Protocol
   (SNMP) notifications to SYSLOG messages.

Status of This Memo

   This document specifies an Internet standards track protocol for the
   Internet community, and requests discussion and suggestions for
   improvements.  Please refer to the current edition of the "Internet
   Official Protocol Standards" (STD 1) for the standardization state
   and status of this protocol.  Distribution of this memo is unlimited.

Copyright Notice

   Copyright (c) 2009 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the BSD License.

Marinov & Schoenwaelder     Standards Track                     [Page 1]
RFC 5675          Mapping SNMP Notifications to SYSLOG      October 2009

Table of Contents

   1.  Introduction . . . . . . . . . . . . . . . . . . . . . . . . .  2
     1.1.  Conventions  . . . . . . . . . . . . . . . . . . . . . . .  2
   2.  Background . . . . . . . . . . . . . . . . . . . . . . . . . .  3
     2.1.  SNMP Notifications . . . . . . . . . . . . . . . . . . . .  3
     2.2.  SYSLOG Notifications . . . . . . . . . . . . . . . . . . .  5
   3.  Mapping SNMP Notifications to SYSLOG Messages  . . . . . . . .  5
     3.1.  SYSLOG Header  . . . . . . . . . . . . . . . . . . . . . .  6
     3.2.  Structured Data  . . . . . . . . . . . . . . . . . . . . .  7
     3.3.  MSG Data . . . . . . . . . . . . . . . . . . . . . . . . .  9
   4.  Relationship to the SYSLOG-MSG-MIB . . . . . . . . . . . . . . 10
   5.  Usage Example  . . . . . . . . . . . . . . . . . . . . . . . . 10
   6.  IANA Considerations  . . . . . . . . . . . . . . . . . . . . . 12
   7.  Security Considerations  . . . . . . . . . . . . . . . . . . . 13
   8.  Acknowledgments  . . . . . . . . . . . . . . . . . . . . . . . 13
   9.  References . . . . . . . . . . . . . . . . . . . . . . . . . . 13
     9.1.  Normative References . . . . . . . . . . . . . . . . . . . 13
     9.2.  Informative References . . . . . . . . . . . . . . . . . . 14

1.  Introduction

   SNMP and SYSLOG are two widely used protocols to communicate event
   notifications.  Although co-existence of several management protocols
   in one operational environment is possible, certain environments
   require that all event notifications be collected by a single system
   daemon, such as a SYSLOG collector or an SNMP notification receiver,
   via a single management protocol.  In such environments, it is
   necessary to translate event notifications between management
   protocols.

   The latest version of SYSLOG, specified in [RFC5424], supports a
   structured data element format.  Structured data elements allow us to
   map between SNMP notifications and SYSLOG messages without losing
   information.  In this memo, we specify a concrete mapping from SNMP
   event notifications [RFC3416] into SYSLOG messages [RFC5424].  We
   specify how the SYSLOG message format should be utilized to carry the
   information contained in an SNMP notification message.  A new SYSLOG
   structured data element is defined, which carries the PDU portion of
   an SNMP notification message.

1.1.  Conventions

   A system that has the capability of receiving SNMP notification
   messages from an SNMP notification originator and sending the SNMP
   data contained inside in a SYSLOG message format to a SYSLOG
   collector is referred to in this memo as an "SNMP-to-SYSLOG
   translator".  By definition, such a system should have an SNMP

Marinov & Schoenwaelder     Standards Track                     [Page 2]
RFC 5675          Mapping SNMP Notifications to SYSLOG      October 2009

   notification receiver application and a SYSLOG originator running in
   order to be able to perform the functions of an "SNMP-to-SYSLOG

[include full document text]