%% You should probably cite rfc4765 instead of this I-D.
@techreport{ietf-idwg-idmef-xml-16,
    number =    {draft-ietf-idwg-idmef-xml-16},
    type =      {Internet-Draft},
    institution =   {Internet Engineering Task Force},
    publisher = {Internet Engineering Task Force},
    note =      {Work in Progress},
    url =       {https://datatracker.ietf.org/doc/draft-ietf-idwg-idmef-xml/16/},
    author =    {Benjamin Feinstein and David Curry and Herve Debar},
    title =     {{The Intrusion Detection Message Exchange Format (IDMEF)}},
    pagetotal = 157,
    year =      2006,
    month =     mar,
    day =       22,
    abstract =  {The purpose of the Intrusion Detection Message Exchange Format (IDMEF) is to define data formats and exchange procedures for sharing information of interest to intrusion detection and response systems and to the management systems that may need to interact with them. This document describes a data model to represent information exported by intrusion detection systems and explains the rationale for using this model. An implementation of the data model in the Extensible Markup Language (XML) is presented, an XML Document Type Definition is developed, and examples are provided. This memo defines an Experimental Protocol for the Internet community.},
}