Re: [netmod] Alexey Melnikov's No Objection on draft-ietf-netmod-syslog-model-23: (with COMMENT)

"Clyde Wildes (cwildes)" <cwildes@cisco.com> Wed, 14 March 2018 21:04 UTC

Return-Path: <cwildes@cisco.com>
X-Original-To: netmod@ietfa.amsl.com
Delivered-To: netmod@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A70A1127337; Wed, 14 Mar 2018 14:04:31 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.531
X-Spam-Level:
X-Spam-Status: No, score=-14.531 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H4=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hDk8mv4YOWAL; Wed, 14 Mar 2018 14:04:30 -0700 (PDT)
Received: from alln-iport-3.cisco.com (alln-iport-3.cisco.com [173.37.142.90]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 16775126CC4; Wed, 14 Mar 2018 14:04:30 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=3330; q=dns/txt; s=iport; t=1521061470; x=1522271070; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-id:content-transfer-encoding: mime-version; bh=bn1+C6EQuKtqEdHMJIdCkm/c9OcvoAoDbdAI8UWTiwg=; b=kZ7Ti6GxBW58K5PWct9jDOSYngBK3RROoDx1RxqKhU6P4VeGNiQakOLE G8sbfel7BPkGhVbRGAlLc5nEuUE6IZ3a10eWqeN3xyq2zmyQxXg9Qp/zR H8IVzTNT+xGHfGL6O+xQj24BJkMS4gkEkXy2hTZJvGkZB7ETrww/IkAnb Y=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: =?us-ascii?q?A0APAQDijKla/4sNJK1eGQEBAQEBAQEBA?= =?us-ascii?q?QEBAQcBAQEBAYNQgVUoCoNGihqNdIIDgRaUNoITCoUQAhqDDCE0GAECAQEBAQE?= =?us-ascii?q?BAmsohSUBAQEBAgEjBA1FEAIBCA4KAgImAgICMBUQAgQBDQWFEAiuBoFsOohkg?= =?us-ascii?q?gyBDYQhghSBVIF8gniFBoMIMIIyBIgdhVSMYwkCkF6BY4x4h3aJLwIREwGBKwE?= =?us-ascii?q?eOIFScBVkAYIYgmWOCneOTYEYAQEB?=
X-IronPort-AV: E=Sophos;i="5.48,307,1517875200"; d="scan'208";a="84270956"
Received: from alln-core-6.cisco.com ([173.36.13.139]) by alln-iport-3.cisco.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 14 Mar 2018 21:04:29 +0000
Received: from XCH-RCD-012.cisco.com (xch-rcd-012.cisco.com [173.37.102.22]) by alln-core-6.cisco.com (8.14.5/8.14.5) with ESMTP id w2EL4Tpm026751 (version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=FAIL); Wed, 14 Mar 2018 21:04:29 GMT
Received: from xch-aln-015.cisco.com (173.36.7.25) by XCH-RCD-012.cisco.com (173.37.102.22) with Microsoft SMTP Server (TLS) id 15.0.1320.4; Wed, 14 Mar 2018 16:04:28 -0500
Received: from xch-aln-015.cisco.com ([173.36.7.25]) by XCH-ALN-015.cisco.com ([173.36.7.25]) with mapi id 15.00.1320.000; Wed, 14 Mar 2018 16:04:28 -0500
From: "Clyde Wildes (cwildes)" <cwildes@cisco.com>
To: Alexey Melnikov <aamelnikov@fastmail.fm>, The IESG <iesg@ietf.org>
CC: "draft-ietf-netmod-syslog-model@ietf.org" <draft-ietf-netmod-syslog-model@ietf.org>, Lou Berger <lberger@labn.net>, Kent Watsen <kwatsen@juniper.net>, "netmod-chairs@ietf.org" <netmod-chairs@ietf.org>, "netmod@ietf.org" <netmod@ietf.org>
Thread-Topic: Alexey Melnikov's No Objection on draft-ietf-netmod-syslog-model-23: (with COMMENT)
Thread-Index: AQHTtYacyLUWCgNeHUaIa29OTtsJ0KPHQm0AgAEhWACACDUTAA==
Date: Wed, 14 Mar 2018 21:04:28 +0000
Message-ID: <D5EEDB28-E5A1-40B6-B2A9-CDF282372FAD@cisco.com>
References: <152036678480.28267.2878978732820211120.idtracker@ietfa.amsl.com> <BF7BE65C-518F-4789-AE3B-9C7B3E5CE9BF@cisco.com> <1520606666.3093526.1297375920.65A6D407@webmail.messagingengine.com>
In-Reply-To: <1520606666.3093526.1297375920.65A6D407@webmail.messagingengine.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-exchange-messagesentrepresentingtype: 1
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [10.20.145.4]
Content-Type: text/plain; charset="utf-8"
Content-ID: <FBD86C792791B445B031F80696E9704D@emea.cisco.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/netmod/YRjmsYK1dA10Wh1UXfST3_t3Ijg>
Subject: Re: [netmod] Alexey Melnikov's No Objection on draft-ietf-netmod-syslog-model-23: (with COMMENT)
X-BeenThere: netmod@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: NETMOD WG list <netmod.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/netmod>, <mailto:netmod-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/netmod/>
List-Post: <mailto:netmod@ietf.org>
List-Help: <mailto:netmod-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/netmod>, <mailto:netmod-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 14 Mar 2018 21:04:32 -0000

Alexey,

I believe that I have addressed both of your concerns in the about to be published draft.

Thanks,

Clyde

On 3/9/18, 6:44 AM, "Alexey Melnikov" <aamelnikov@fastmail.fm> wrote:

    Hi Clyde,
    
    On Thu, Mar 8, 2018, at 9:28 PM, Clyde Wildes (cwildes) wrote:
    > Alexey,
    > 
    > Your minor comments are addressed below…
    > 
    > On 3/6/18, 12:06 PM, "Alexey Melnikov" <aamelnikov@fastmail.fm> wrote:
    > >     
    >     ----------------------------------------------------------------------
    >     COMMENT:
    >     ----------------------------------------------------------------------
    >     
    >     Thank you for this document.
    >     
    >     I also prefer for TCP to be documented, if used in real world.
    >     
    >     Some minor comments:
    
    
    >     2) On page 19:
    >     
    >     Example: compare->equals and action->no-match means
    >     messages that have a severity that is not equal to the
    >     specified severity will be logged.";
    >     
    >     Do you mean "action->block" instead of "action->no-match"?
    > 
    > [clw] An equals compare with action no-match means log the message, not 
    > block it.
    
    Your document only talks about "action->no-match" in one place in the example. Has terminology changes over years and you forgot to update the example?
    
    It is possible I am confused here.
    
    >     
    >     3) When logging to file: how is the file name constructed from the 
    > name file:
    >     URI if multiple files are preserved by the system? E.g. if the log 
    > file is
    >     rotated daily and 5 last files are preserved, how does each 
    > individual filename
    >     look? If I understood how this is used, this needs more 
    > clarification.
    > 
    > [clw] We decided to leave this for the implementer as file systems may 
    > be different for different implementations.
    
    I think you should clarify in the document what is the purpose of filename and say something about the above. I appreciate that this might not be needed for interoperability, but what you have in the document doesn't provide enough details to implement this aspect. Even saying that implementations can derive log specific filenames from the base one instead of saying nothing would be better.
    
    Thank you,
    Alexey