Presentation is loading. Please wait.

Presentation is loading. Please wait.

Common Log Format (CLF) DISPATCH ad hoc – IETF 75 Spencer Dawkins Theo Zourzouvillys

Published byFrank Gibson Modified over 8 years ago

Similar presentations

Presentation on theme: "Common Log Format (CLF) DISPATCH ad hoc – IETF 75 Spencer Dawkins Theo Zourzouvillys"— Presentation transcript:

1 Common Log Format (CLF) DISPATCH ad hoc – IETF 75 Spencer Dawkins spencer@wonderhamster.org Theo Zourzouvillys theo@voip.co.uk

2 SIP-CLF DISPATCH ad hoc IETF 752 Remote Logistics Mailing List: –https://www.ietf.org/mailman/listinfo/sip-clfhttps://www.ietf.org/mailman/listinfo/sip-clf mp3 Feed: SPEAK INTO THE MICROPHONE!!! –http://feed.verilan.com/ietf/stream05.m3uhttp://feed.verilan.com/ietf/stream05.m3u –Jabber Server: jabber.ietf.org –Room: dispatch –xmpp:dispatch@jabber.ietf.org?join –Logs: http://www.ietf.org/meetings/ietf-logs/dispatch/http://www.ietf.org/meetings/ietf-logs/dispatch/ Meeting Materials (Presentations, Agenda, etc.) –https://datatracker.ietf.org/public/meeting_materials.c gi?meeting_num=75https://datatracker.ietf.org/public/meeting_materials.c gi?meeting_num=75

3 SIP-CLF DISPATCH ad hoc IETF 753 Scribes and Transcribes Note Takers Jabber Scribe

4 SIP-CLF DISPATCH ad hoc IETF 754 Note Well (1) Any submission to the IETF intended by the Contributor for publication as all or part of an IETF Internet-Draft or RFC and any statement made within the context of an IETF activity is considered an "IETF Contribution". Such statements include oral statements in IETF sessions, as well as written and electronic communications made at any time or place, which are addressed to: –the IETF plenary session, –the IESG or any member thereof on behalf of the IESG, –any IETF mailing list, including the IETF list itself, any working group or design team list, or any other list functioning under IETF auspices, –any IETF working group or portion thereof, –the IAB or any member thereof on behalf of the IAB, or –the RFC Editor or the Internet-Drafts function

5 SIP-CLF DISPATCH ad hoc IETF 755 Note Well (2) All IETF Contributions are subject to the rules of RFC 5378 and RFC 3979 (updated by RFC 4879). Statements made outside of an IETF session, mailing list or other function, that are clearly not intended to be input to an IETF activity, group or function, are not IETF Contributions in the context of this notice. Please consult RFC 5378 and RFC 3979 for details. A participant in any IETF activity is deemed to accept all IETF rules of process, as documented in Best Current Practices RFCs and IESG Statements. A participant in any IETF activity acknowledges that written, audio and video records of meetings may be made and may be available to the public

6 SIP-CLF DISPATCH ad hoc IETF 756 Agenda Agenda Bash5 minutes Goals for this ad hoc5 minutes Where we are now15 minutes Charter Discussion20 minutes Ready for a WG?5 minutes

7 SIP-CLF DISPATCH ad hoc IETF 757 Goals for this ad hoc Report on where we are –Including feedback from OPSAREA Close on charter text Take sense of the room via hums

8 SIP-CLF DISPATCH ad hoc IETF 758 Just to focus … DateMilestone Oct 09 Problem statement, motivation, and use cases WGLC Nov 09 Problem statement, motivation, and use cases to IESG (Informational) Jan 10 SIP Common Log Format specification WGLC Feb 10 SIP Common Log Format specification to IESG (PS)

9 Where we are now Vijay Gurbani

10 Charter Discussion

11 SIP-CLF DISPATCH ad hoc IETF 7511 Current Charter Text (1) The SIP Common Log Format (CLF) working group is chartered to define a standard logging format for systems processing SIP messages. Well-known web servers such as Apache and web proxies like Squid support event logging using a common log format. The logs produced using these de-facto standard formats are invaluable to system administrators for trouble-shooting a server and tool writers to craft tools that mine the log files to produce reports and trends and to search for a certain message or messages, a transaction or a related set of transactions. Furthermore, these log records can also be used to train anomaly detection systems and feed events into a security event management system.

12 SIP-CLF DISPATCH ad hoc IETF 7512 Current Charter Text (2) The Session Initiation Protocol does not have a common log format. Diverse elements provide distinct log formats making it complex to produce tools to analyze them. The CLF working group will produce a format suitable for logging from any SIP element. The format will anticipate the need to search, merge, and summarize the log records from diverse elements. The format will anticipate the need to correlate messages from multiple elements related to a given request (that may fork) or a given dialog. The format will take SIP's extensibility into consideration, providing a way to represent SIP message components that are defined in the future. The format will anticipate being used both for off-line analysis and on-line real-time processing applications. The working group will consider the need for efficient creation of records and the need for efficient processing of the records.

13 SIP-CLF DISPATCH ad hoc IETF 7513 Current Charter Text (3) The working group will identify the fields to appear in a log record and provide one or more formats for encoding those fields. The working group is not pre-constrained to producing either a bit-field oriented or text-oriented format, and may choose to provide both. If the group chooses to specify both, it must be possible to mechanically translate between the formats without loss of information. Specifying the mechanics of exchanging, transporting, and storing SIP Common Log Format records is explicitly out of scope. Specifying a real-time transfer mechanism for heuristic analysis is explicitly out of scope.

14 SIP-CLF DISPATCH ad hoc IETF 7514 Current Charter Text (4) The group will generate: A problem statement enunciating the motivation, and use cases for a SIP Common Log Format. This analysis will identify the required minimal information that must appear in any record. A specification of the SIP Common Log Format record The group will consider providing one or more reference implementations for decoding a CLF record.

15 SIP-CLF DISPATCH ad hoc IETF 7515 Are these the right dates? DateMilestone Oct 09 Problem statement, motivation, and use cases WGLC Nov 09 Problem statement, motivation, and use cases to IESG (Informational) Jan 10 SIP Common Log Format specification WGLC Feb 10 SIP Common Log Format specification to IESG (PS)

16 SIP-CLF DISPATCH ad hoc IETF 7516 Thank You And see you in Hiroshima … with any luck, at the CLF working group meeting …

Download ppt "Common Log Format (CLF) DISPATCH ad hoc – IETF 75 Spencer Dawkins Theo Zourzouvillys"

Similar presentations

IETF Calsify.

IETF Calsify.
1 ISMS WG 79th IETF Beijing November 10, 2010 Goal:Creating a security model for SNMPv3 that will meet the security and operational needs of network administrators.

1 ISMS WG 79th IETF Beijing November 10, 2010 Goal:Creating a security model for SNMPv3 that will meet the security and operational needs of network administrators.
HIP WG Stockholm, Sweden THURSDAY, July 30, 2009, 1510-1610 Congresshall C.

HIP WG Stockholm, Sweden THURSDAY, July 30, 2009, Congresshall C.
Session Initiation Protocol (SIP) Common Log Format (CLF) Vijay K. Gurbani Bell Laboratories/Alcatel-Lucent 75 th IETF, Stockholm, Sweden July 26-31, 2009.

Session Initiation Protocol (SIP) Common Log Format (CLF) Vijay K. Gurbani Bell Laboratories/Alcatel-Lucent 75 th IETF, Stockholm, Sweden July 26-31, 2009.
L2VPN WG “NVO3” Meeting IETF 82 Taipei, Taiwan. Agenda Administrivia Framing Today’s Discussions (5 minutes) Cloud Networking: Framework and VPN Applicability.

L2VPN WG “NVO3” Meeting IETF 82 Taipei, Taiwan. Agenda Administrivia Framing Today’s Discussions (5 minutes) Cloud Networking: Framework and VPN Applicability.
Note Well Any submission to the IETF intended by the Contributor for publication as all or part of an IETF Internet-Draft or RFC and any statement made.

Note Well Any submission to the IETF intended by the Contributor for publication as all or part of an IETF Internet-Draft or RFC and any statement made.
PPSP Working Group IETF-89 London, UK 16:10-18:40, Tuesday, 2014-3-4 Webex:http://www.ietf.org/meeting/89/remote- participation.html.

PPSP Working Group IETF-89 London, UK 16:10-18:40, Tuesday, Webex: participation.html.
CCAMP Working Group Online Agenda and Slides at: Tools start page:

CCAMP Working Group Online Agenda and Slides at: Tools start page:
DRINKS Interim („77.5“) Reston, VA 05.05.2010. Note Well Any submission to the IETF intended by the Contributor for publication as all or part of an IETF.

DRINKS Interim („77.5“) Reston, VA Note Well Any submission to the IETF intended by the Contributor for publication as all or part of an IETF.
IETF 90: NetExt WG Meeting. Note Well Any submission to the IETF intended by the Contributor for publication as all or part of an IETF Internet- Draft.

IETF 90: NetExt WG Meeting. Note Well Any submission to the IETF intended by the Contributor for publication as all or part of an IETF Internet- Draft.
L3VPN WG IETF 78 09/11/2010 13:00-15:00 Chairs: Marshall Eubanks Danny McPherson Ben Niven-Jenkins.

L3VPN WG IETF 78 09/11/ :00-15:00 Chairs: Marshall Eubanks Danny McPherson Ben Niven-Jenkins.
DISPATCH WG: ad hoc meeting on DREGS IETF-76 Mary Barnes (Dispatch WG co-chair) Eric Burger (ad hoc chair) 12 November 20091 DREGS ad hoc (DISPATCH) IETF.

DISPATCH WG: ad hoc meeting on DREGS IETF-76 Mary Barnes (Dispatch WG co-chair) Eric Burger (ad hoc chair) 12 November DREGS ad hoc (DISPATCH) IETF.
BLISS – IETF 71 Jason Fischl Shida Schubert

BLISS – IETF 71 Jason Fischl Shida Schubert
SIPCLF Working Group Spencer Dawkins Theo Zourzouvillys IETF 76 – November 2009 Hiroshima, Japan.

SIPCLF Working Group Spencer Dawkins Theo Zourzouvillys IETF 76 – November 2009 Hiroshima, Japan.
IETF #82 DRINKS WG Meeting Taipei, Taiwan Fri, Nov 18 th 2011 0.

IETF #82 DRINKS WG Meeting Taipei, Taiwan Fri, Nov 18 th
EAP Method Update (EMU) IETF-79 Chairs Joe Salowey Alan DeKok.

EAP Method Update (EMU) IETF-79 Chairs Joe Salowey Alan DeKok.
TSVWG IETF-76 (Hiroshima) James Polk Gorry Fairhurst With an assist for this meeting from **Magnus Westerlund**

TSVWG IETF-76 (Hiroshima) James Polk Gorry Fairhurst With an assist for this meeting from **Magnus Westerlund**
1 NOTE WELL Any submission to the IETF intended by the Contributor for publication as all or part of an IETF Internet-Draft or RFC and any statement made.

1 NOTE WELL Any submission to the IETF intended by the Contributor for publication as all or part of an IETF Internet-Draft or RFC and any statement made.
IETF #81 DRINKS WG Meeting Québec City, QC, Canada Tue, July 26 th, 2011.

IETF #81 DRINKS WG Meeting Québec City, QC, Canada Tue, July 26 th, 2011.
GROW IETF 78 Maastricht, Netherlands. Note Well Any submission to the IETF intended by the Contributor for publication as all or part of an IETF Internet-Draft.

GROW IETF 78 Maastricht, Netherlands. Note Well Any submission to the IETF intended by the Contributor for publication as all or part of an IETF Internet-Draft.

Similar presentations

Ads by Google