Hi Folks,
For those of you who didn't make it, Minneapolis was a good time.
I was able to talk to Eric Allman for a while and he reviewed
syslog-syslog-06 and made some comments. I spent some time with
those and have produced syslog-syslog-07 combining the prior
edits along with some new ones. I've just submitted it to the
Draft Editors today. Since I did make those additional changes,
I feel it is right to put this up for a last round of reviews by
the working group. Let's go for one week from the time it is
announced to be in the ID repository as the changes are small.
I also got a chance to talk to Jeff Schiller about this. He is
ready to review it with the IESG but mentioned that they are
being picky about some things. One of the newly enforced items
is a required section on IANA considerations. ..so I added that
as well.
Changes between -06 and -07:
Section 3: I've added words to explicitly state that relays can
act as collectors when they receive a message but don't forward
it. They're still called relays in Diagram 1. Also, relays
can act as devices when they generate messages and send them to
a relay or collector. They are also still called relays in the
diagram.
Section 4: syslog messges on the wire are not required to have a
PRI part and I plainly stated that here and I've changed Example
2 to show that.
Section 4.1: I changed the Facility Codes to be sequenced numbers
(0,1,2,3, etc.) rather than the multiples of 8 (0,8,16,24, etc.).
I also noted that the way to calculate the Priority value is to
multiply the Facility code by 8 and then add the Severity value.
This looks more like the way it is coded in most systems that have
syslog, rather than what we see on the wire. (Eric didn't say
that I should change that, just rather that it looks a bit more
visually pleasing.)
Section 4.2: Edited for clarity and removed some extraneous
sentences.
Section 4.2.3: I explicitly named the dotted decimal format that
must be used if the IP address is used in the HOSTNAME field.
Since I was on a roll, I mentioned that any valid format from
RFC-2373 may be used to denote IPv6 addresses in that field.
Section 5.1: Eric suggested placing a note in there about methods
to add a year field to stored timestamps in the records.
Section 5.4: I changed example 2 as noted above with further
explanation.
Section 6: I condensed this and removed references to specific
problems from this "intro" part. I then expanded Section 6.2
to include 2 subsections on "Authentication Problems" and
"Message Forgery".
Section 7 (new): IANA Considerations. Instructions to IANA are:
- 514/udp is reserved for syslog
- anyone can use the "name space" described for the Facility and
Severity values; it will not be controlled. (See RFC-2434 for
details.)
Please look over syslog-syslog-07 when it is posted and send in
any comments to the list.
Thanks,
Chris
[Replying to this will go to the WG list.]
[Please send to [EMAIL PROTECTED] if you]
[wish to reply directly to me. ]
