netconfcentral logo

ietf-i2nsf-nsf-monitoring-dm@2017-10-29



  module ietf-i2nsf-nsf-monitoring-dm {

    yang-version 1;

    namespace
      "urn:ietf:params:xml:ns:yang:ietf-i2nsf-nsf-monitoring-dm";

    prefix monitoring-information;

    import ietf-inet-types {
      prefix inet;
    }
    import ietf-yang-types {
      prefix yang;
    }

    organization
      "IETF I2NSF (Interface to Network Security Functions)
     Working Group";

    contact
      "WG Web: <http://tools.ietf.org/wg/i2nsf>
     WG List: <mailto:i2nsf@ietf.org>

     WG Chair: Linda Dunbar
     <mailto:Linda.duhbar@huawei.com>

     Editor: Dongjin Hong
     <mailto:dong.jin@skku.edu>

     Editor: Jaehoon Paul Jeong
     <mailto:pauljeong@skku.edu>";

    description
      "This module defines a YANG data module for monitoring NSFs.";

    revision "2017-10-29" {
      description "Initial revision";
      reference
        "draft-zhang-i2nsf-info-model-monitoring-04";

    }


    typedef severity {
      type enumeration {
        enum "high" {
          value 0;
          description "high-level";
        }
        enum "middle" {
          value 1;
          description "middle-level";
        }
        enum "low" {
          value 2;
          description "low-level";
        }
      }
      description
        "This is used for indicating the severity";
    }

    typedef all-action {
      type enumeration {
        enum "allow" {
          value 0;
          description "TBD";
        }
        enum "alert" {
          value 1;
          description "TBD";
        }
        enum "block" {
          value 2;
          description "TBD";
        }
        enum "discard" {
          value 3;
          description "TBD";
        }
        enum "declare" {
          value 4;
          description "TBD";
        }
        enum "block-ip" {
          value 5;
          description "TBD";
        }
        enum "block-service" {
          value 6;
          description "TBD";
        }
      }
      description
        "This is used for protocol";
    }

    typedef dpi-type {
      type enumeration {
        enum "file-blocking" {
          value 0;
          description "TBD";
        }
        enum "data-filtering" {
          value 1;
          description "TBD";
        }
        enum "application-behavior-control" {
          value 2;
          description "TBD";
        }
      }
      description
        "This is used for dpi type";
    }

    typedef operation-type {
      type enumeration {
        enum "login" {
          value 0;
          description "TBD";
        }
        enum "logout" {
          value 1;
          description "TBD";
        }
        enum "configuration" {
          value 2;
          description "TBD";
        }
      }
      description
        "This is used for operation type";
    }

    typedef login-mode {
      type enumeration {
        enum "root" {
          value 0;
          description "TBD";
        }
        enum "user" {
          value 1;
          description "TBD";
        }
        enum "guest" {
          value 2;
          description "TBD";
        }
      }
      description
        "This is used for login mode";
    }

    grouping protocol {
      description "A set of protocols";
      container protocol {
        description
          "Protocol types:
       TCP, UDP, ICMP, ICMPv6, IP, HTTP, FTP and etc.";
        leaf tcp {
          type boolean;
          description "TCP protocol type.";
        }

        leaf udp {
          type boolean;
          description "UDP protocol type.";
        }

        leaf icmp {
          type boolean;
          description "ICMP protocol type.";
        }

        leaf icmpv6 {
          type boolean;
          description
            "ICMPv6 protocol type.";
        }

        leaf ip {
          type boolean;
          description "IP protocol type.";
        }

        leaf http {
          type boolean;
          description "HTTP protocol type.";
        }

        leaf ftp {
          type boolean;
          description "ftp protocol type.";
        }
      }  // container protocol
    }  // grouping protocol

    grouping traffic-rates {
      description
        "A set of traffic rates
      for statistics data";
      leaf total-traffic {
        type uint32;
        description "Total traffic";
      }

      leaf in-traffic-ave-rate {
        type uint32;
        description
          "Inbound traffic average rate in pps";
      }

      leaf in-traffic-peak-rate {
        type uint32;
        description
          "Inbound traffic peak rate in pps";
      }

      leaf in-traffic-ave-speed {
        type uint32;
        description
          "Inbound traffic average speed in bps";
      }

      leaf in-traffic-peak-speed {
        type uint32;
        description
          "Inbound traffic peak speed in bps";
      }

      leaf out-traffic-ave-rate {
        type uint32;
        description
          "Outbound traffic average rate in pps";
      }

      leaf out-traffic-peak-rate {
        type uint32;
        description
          "Outbound traffic peak rate in pps";
      }

      leaf out-traffic-ave-speed {
        type uint32;
        description
          "Outbound traffic average speed in bps";
      }

      leaf out-traffic-peak-speed {
        type uint32;
        description
          "Outbound traffic peak speed in bps";
      }
    }  // grouping traffic-rates

    grouping i2nsf-system-event-type-content {
      description
        "A set of system event type contents";
      leaf group {
        type string;
        mandatory true;
        description
          "Group to which a user belongs.";
      }

      leaf login-ip {
        type inet:ipv4-address;
        mandatory true;
        description
          "Login IP address of a user.";
      }

      container authentication-mode {
        description
          "User authentication mode. e.g., Local Authentication,
        Third-Party Server Authentication,
        Authentication Exemption, SSO Authentication.";
        leaf local-authentication {
          type boolean;
          mandatory true;
          description
            "Authentication-mode : local authentication.";
        }

        leaf third-part-server-authentication {
          type boolean;
          mandatory true;
          description "TBD";
        }

        leaf exemption-authentication {
          type boolean;
          mandatory true;
          description "TBD";
        }

        leaf sso-authentication {
          type boolean;
          mandatory true;
          description "TBD";
        }
      }  // container authentication-mode
    }  // grouping i2nsf-system-event-type-content

    grouping i2nsf-nsf-event-type-content {
      description
        "A set of nsf event type contents";
      leaf message {
        type string;
        description
          "The message for nsf events";
      }

      leaf src-ip {
        type inet:ipv4-address;
        description
          "The source IP address of the packet";
      }

      leaf dst-ip {
        type inet:ipv4-address;
        description
          "The destination IP address of the packet";
      }

      leaf src-port {
        type inet:port-number;
        description
          "The source port of the packet";
      }

      leaf dst-port {
        type inet:port-number;
        description
          "The destination port of the packet";
      }

      leaf src-zone {
        type string;
        description
          "The source security zone of the packet";
      }

      leaf dst-zone {
        type string;
        description
          "The destination security zone of the packet";
      }

      leaf rule-id {
        type uint8;
        mandatory true;
        description
          "The ID of the rule being triggered";
      }

      leaf rule-name {
        type string;
        mandatory true;
        description
          "The name of the rule being triggered";
      }

      leaf profile {
        type string;
        description
          "Security profile that traffic matches.";
      }

      leaf raw-info {
        type string;
        description
          "The information describing the packet
        triggering the event.";
      }
    }  // grouping i2nsf-nsf-event-type-content

    grouping i2nsf-system-counter-type-content {
      description
        "A set of system counter type contents";
      leaf interface-name {
        type string;
        description
          "Network interface name configured in NSF";
      }

      leaf in-total-traffic-pkts {
        type uint32;
        description "Total inbound packets";
      }

      leaf out-total-traffic-pkts {
        type uint32;
        description "Total outbound packets";
      }

      leaf in-total-traffic-bytes {
        type uint32;
        description "Total inbound bytes";
      }

      leaf out-total-traffic-bytes {
        type uint32;
        description "Total outbound bytes";
      }

      leaf in-drop-traffic-pkts {
        type uint32;
        description
          "Total inbound drop packets";
      }

      leaf out-drop-traffic-pkts {
        type uint32;
        description
          "Total outbound drop packets";
      }

      leaf in-drop-traffic-bytes {
        type uint32;
        description
          "Total inbound drop bytes";
      }

      leaf out-drop-traffic-bytes {
        type uint32;
        description
          "Total outbound drop bytes";
      }

      uses traffic-rates;
    }  // grouping i2nsf-system-counter-type-content

    grouping i2nsf-nsf-counters-type-content {
      description
        "A set of nsf counters type contents";
      leaf src-ip {
        type inet:ipv4-address;
        description
          "The source IP address of the packet";
      }

      leaf dst-ip {
        type inet:ipv4-address;
        description
          "The destination IP address of the packet";
      }

      leaf src-port {
        type inet:port-number;
        description
          "The source port of the packet";
      }

      leaf dst-port {
        type inet:port-number;
        description
          "The destination port of the packet";
      }

      leaf src-zone {
        type string;
        description
          "The source security zone of the packet";
      }

      leaf dst-zone {
        type string;
        description
          "The destination security zone of the packet";
      }

      leaf src-region {
        type string;
        description
          "Source region of the traffic";
      }

      leaf dst-region {
        type string;
        description
          "Destination region of the traffic";
      }

      leaf policy-id {
        type uint8;
        mandatory true;
        description
          "The ID of the policy being triggered";
      }

      leaf policy-name {
        type string;
        mandatory true;
        description
          "The name of the policy being triggered";
      }

      leaf src-user {
        type string;
        description
          "User who generates traffic";
      }

      uses protocol;

      uses traffic-rates;
    }  // grouping i2nsf-nsf-counters-type-content

    container monitoring-message {
      description
        "The message for monitoring information";
      list monitoring-messages {
        key "message-id";
        description
          "The messages according to monitoring information";
        leaf message-id {
          type uint8;
          mandatory true;
          description
            "This is message ID
           This is key for monitoring messages";
        }

        leaf message-version {
          type uint8;
          mandatory true;
          description
            "The version of message";
        }

        choice message-type {
          description "The type of message";
          case event {
            description
              "If the message type is event";
            leaf event-name {
              type string;
              mandatory true;
              description
                "The name of the event";
            }

            choice event-type {
              description
                "This is event type such as system event
              and nsf event.";
              case system-event {
                description
                  "If the event type is system event";
                container access-violation {
                  description
                    "If the system event is
                  access violation";
                  uses i2nsf-system-event-type-content;
                }  // container access-violation

                container config-change {
                  description
                    "If the system event is
                  config change violation";
                  uses i2nsf-system-event-type-content;
                }  // container config-change
              }  // case system-event

              case nsf-event {
                description
                  "If the event type is nsf event";
                leaf user-name {
                  type string;
                  description
                    "This is user name for NSF event";
                }

                container ddos-event {
                  description
                    "If the event type is DDoS event";
                  uses i2nsf-nsf-event-type-content;

                  container ddos-attack-type {
                    description
                      "Type of DDoS attack";
                    leaf syn-flood {
                      type boolean;
                      description
                        "If the DDoS attack is
                      syn flood";
                    }

                    leaf ack-flood {
                      type boolean;
                      description
                        "If the DDoS attack is
                      ack flood";
                    }

                    leaf syn-ack-flood {
                      type boolean;
                      description
                        "If the DDoS attack is
                      syn ack flood";
                    }

                    leaf fin-rst-flood {
                      type boolean;
                      description
                        "If the DDoS attack is
                      fin rst flood";
                    }

                    leaf tcp-connection-flood {
                      type boolean;
                      description
                        "If the DDoS attack is
                      tcp connection flood";
                    }

                    leaf udp-flood {
                      type boolean;
                      description
                        "If the DDoS attack is
                      udp flood";
                    }

                    leaf icmp-flood {
                      type boolean;
                      description
                        "If the DDoS attack is
                      icmp flood";
                    }

                    leaf https-flood {
                      type boolean;
                      description
                        "If the DDoS attack is
                      https flood";
                    }

                    leaf http-flood {
                      type boolean;
                      description
                        "If the DDoS attack is
                      http flood";
                    }

                    leaf dns-reply-flood {
                      type boolean;
                      description
                        "If the DDoS attack is
                      dns reply flood";
                    }

                    leaf dns-query-flood {
                      type boolean;
                      description
                        "If the DDoS attack is
                      dns query flood";
                    }

                    leaf sip-flood {
                      type boolean;
                      description
                        "If the DDoS attack is
                      sip flood";
                    }
                  }  // container ddos-attack-type

                  leaf start-time {
                    type yang:date-and-time;
                    mandatory true;
                    description
                      "The time stamp indicating
                    when the attack started";
                  }

                  leaf end-time {
                    type yang:date-and-time;
                    mandatory true;
                    description
                      "The time stamp indicating
                    when the attack ended";
                  }

                  leaf attack-rate {
                    type uint32;
                    description
                      "The PPS of attack traffic";
                  }

                  leaf attack-speed {
                    type uint32;
                    description
                      "the bps of attack traffic";
                  }
                }  // container ddos-event

                container session-table-event {
                  description
                    "If the event type is session
                  table event";
                  leaf current-session {
                    type uint8;
                    description
                      "The number of concurrent
                     sessions";
                  }

                  leaf maximum-session {
                    type uint8;
                    description
                      "The maximum number of sessions
                     that the session table can
                     support";
                  }

                  leaf threshold {
                    type uint8;
                    description
                      "The threshold triggering
                     the event";
                  }

                  leaf message {
                    type string;
                    description
                      "The number of session table
                      exceeded the threshold";
                  }
                }  // container session-table-event

                container virus-event {
                  description
                    "If the event type is virus event";
                  uses i2nsf-nsf-event-type-content;

                  container virus-type {
                    description
                      "The type of virus";
                    leaf trajan {
                      type boolean;
                      description
                        "If the virus type is trajan";
                    }

                    leaf worm {
                      type boolean;
                      description
                        "If the virus type is worm";
                    }

                    leaf macro {
                      type boolean;
                      description
                        "If the virus type is macro";
                    }
                  }  // container virus-type

                  leaf virus-name {
                    type string;
                    description
                      "The name of virus";
                  }

                  leaf file-type {
                    type string;
                    description
                      "The type of file";
                  }

                  leaf file-name {
                    type string;
                    description
                      "The name of file";
                  }
                }  // container virus-event

                container intrusion-event {
                  description
                    "If the event type is intrusion event";
                  uses i2nsf-nsf-event-type-content;

                  uses protocol;

                  container intrusion-attack-type {
                    description
                      "The attack type of intrusion";
                    leaf brutal-force {
                      type boolean;
                      description
                        "The intrusion type is
                      brutal force";
                    }

                    leaf buffer-overflow {
                      type boolean;
                      description
                        "The intrusion type is
                      buffer overflow";
                    }
                  }  // container intrusion-attack-type
                }  // container intrusion-event

                container botnet-event {
                  description
                    "If the event type is botnet event";
                  uses i2nsf-nsf-event-type-content;

                  uses protocol;

                  leaf botnet-name {
                    type string;
                    description
                      "The name of the detected botnet";
                  }

                  leaf role {
                    type string;
                    description
                      "The role of the communicating
                    parties within the botnet";
                  }
                }  // container botnet-event

                container web-attack-event {
                  description
                    "If the event type is web
                  attack event";
                  uses i2nsf-nsf-event-type-content;

                  container web-attack-type {
                    description
                      "To determine the attack
                    type";
                    leaf sql-injection {
                      type boolean;
                      description
                        "If the web attack type is
                      sql injection";
                    }

                    leaf command-injection {
                      type boolean;
                      description
                        "If the web attack type is
                      command injection";
                    }

                    leaf xss {
                      type boolean;
                      description
                        "If the web attack type is
                      xss injection";
                    }

                    leaf csrf {
                      type boolean;
                      description
                        "If the web attack type is
                      csrf injection";
                    }
                  }  // container web-attack-type

                  container req-method {
                    description
                      "The method of requirement.
                    For instance, PUT or GET
                    in HTTP";
                    leaf put {
                      type boolean;
                      description
                        "If req method is PUT";
                    }

                    leaf get {
                      type boolean;
                      description
                        "If req method is GET";
                    }
                  }  // container req-method

                  leaf req-url {
                    type string;
                    description
                      "Requested URL";
                  }

                  leaf url-category {
                    type string;
                    description
                      "Matched URL category";
                  }

                  container filtering-type {
                    description
                      "URL filtering type,
                    e.g., Blacklist, Whitelist,
                    User-Defined, Predefined,
                    Malicious Category, Unknown";
                    leaf blacklist {
                      type boolean;
                      description
                        "The filtering type is
                      blacklist";
                    }

                    leaf whitelist {
                      type boolean;
                      description
                        "The filtering type is
                      whitelist";
                    }

                    leaf user-defined {
                      type boolean;
                      description
                        "The filtering type is
                      user defined";
                    }

                    leaf balicious-category {
                      type boolean;
                      description
                        "The filtering type is
                      balicious category";
                    }

                    leaf unknown {
                      type boolean;
                      description
                        "The filtering type is
                      unknown";
                    }
                  }  // container filtering-type
                }  // container web-attack-event
              }  // case nsf-event
            }  // choice event-type
          }  // case event

          case log {
            description
              "If the message type is log";
            choice log-type {
              description "The type of log";
              case system-log {
                description
                  "If the log type is system log";
                container access-logs {
                  description
                    "If the log is access logs
                  in system log";
                  leaf login-ip {
                    type inet:ipv4-address;
                    mandatory true;
                    description
                      "Login IP address of a user.";
                  }

                  leaf administartor {
                    type string;
                    description
                      "Administrator that
                    operates on the device";
                  }

                  leaf login-mode {
                    type login-mode;
                    description
                      "Specifies the
                    administrator logs in mode";
                  }

                  leaf operation-type {
                    type operation-type;
                    description
                      "The operation type that
                    the administrator execute";
                  }

                  leaf result {
                    type string;
                    description
                      "Command execution result";
                  }

                  leaf content {
                    type string;
                    description
                      "Operation performed by
                    an administrator after login.";
                  }
                }  // container access-logs

                container resource-utiliz-logs {
                  description
                    "If the log is resource utilize
                  logs in system log";
                  leaf system-status {
                    type string;
                    description "TBD";
                  }

                  leaf cpu-usage {
                    type uint8;
                    description
                      "specifies the amount of
                    cpu usage";
                  }

                  leaf memory-usage {
                    type uint8;
                    description
                      "specifies the amount of
                    memory usage";
                  }

                  leaf disk-usage {
                    type uint8;
                    description
                      "specifies the amount of
                    disk usage";
                  }

                  leaf disk-left {
                    type uint8;
                    description
                      "specifies the amount of
                    disk left";
                  }

                  leaf session-num {
                    type uint8;
                    description
                      "The total number of
                    sessions";
                  }

                  leaf process-num {
                    type uint8;
                    description
                      "The total number of
                    process";
                  }

                  leaf in-traffic-rate {
                    type uint32;
                    description
                      "The total inbound
                    traffic rate in pps";
                  }

                  leaf out-traffic-rate {
                    type uint32;
                    description
                      "The total outbound
                    traffic rate in pps";
                  }

                  leaf in-traffic-speed {
                    type uint32;
                    description
                      "The total inbound
                    traffic speed in bps";
                  }

                  leaf out-traffic-speed {
                    type uint32;
                    description
                      "The total outbound
                    traffic speed in bps";
                  }
                }  // container resource-utiliz-logs

                container user-activity-logs {
                  description
                    "If the log is user activity
                  logs in system log";
                  leaf user {
                    type string;
                    mandatory true;
                    description
                      "Name of a user";
                  }

                  leaf group {
                    type string;
                    mandatory true;
                    description
                      "Group to which a user belongs.";
                  }

                  leaf login-ip {
                    type inet:ipv4-address;
                    mandatory true;
                    description
                      "Login IP address of a user.";
                  }

                  container authentication-mode {
                    description
                      "User authentication mode. e.g.,
                    Local Authentication,
                    Third-Party Server Authentication,
                    Authentication Exemption, SSO Authentication.";
                    leaf local-authentication {
                      type boolean;
                      mandatory true;
                      description
                        "Authentication-mode : local authentication.";
                    }

                    leaf third-part-server-authentication {
                      type boolean;
                      mandatory true;
                      description "TBD";
                    }

                    leaf exemption-authentication {
                      type boolean;
                      mandatory true;
                      description "TBD";
                    }

                    leaf sso-authentication {
                      type boolean;
                      mandatory true;
                      description "TBD";
                    }
                  }  // container authentication-mode

                  container access-mode {
                    description "TBD";
                    leaf ppp {
                      type boolean;
                      description "TBD";
                    }

                    leaf svn {
                      type boolean;
                      description "TBD";
                    }

                    leaf local {
                      type boolean;
                      description "TBD";
                    }
                  }  // container access-mode

                  leaf online-duration {
                    type string;
                    description "TBD";
                  }

                  leaf logout-duration {
                    type string;
                    description "TBD";
                  }

                  leaf addtional-info {
                    type string;
                    description "TBD";
                  }
                }  // container user-activity-logs
              }  // case system-log

              case nsf-log {
                description
                  "If the log type is nsf log";
                container ddos-logs {
                  description
                    "If the log is DDoS logs
                  in nsf log";
                  leaf attack-type {
                    type string;
                    description "DDoS";
                  }

                  leaf attack-ave-rate {
                    type uint32;
                    description
                      "The ave PPS of
                    attack traffic";
                  }

                  leaf attack-ave-speed {
                    type uint32;
                    description
                      "the ave bps of
                    attack traffic";
                  }

                  leaf attack-pkt-num {
                    type uint32;
                    description
                      "the number of
                    attack packets";
                  }

                  leaf attack-src-ip {
                    type inet:ipv4-address;
                    description "TBD";
                  }

                  leaf action {
                    type all-action;
                    description "TBD";
                  }

                  leaf os {
                    type string;
                    description
                      "simple os information";
                  }
                }  // container ddos-logs

                container virus-logs {
                  description
                    "If the log is virus logs
                  in nsf log";
                  uses protocol;

                  leaf attack-type {
                    type string;
                    description "Virus";
                  }

                  leaf action {
                    type all-action;
                    description "TBD";
                  }

                  leaf os {
                    type string;
                    description
                      "simple os information";
                  }

                  leaf time {
                    type yang:date-and-time;
                    mandatory true;
                    description
                      "Indicate the time when the
                    message is generated";
                  }
                }  // container virus-logs

                container intrusion-logs {
                  description
                    "If the log is intrusion logs
                  in nsf log";
                  leaf attack-type {
                    type string;
                    description "Intrusion";
                  }

                  leaf action {
                    type all-action;
                    description "TBD";
                  }

                  leaf time {
                    type yang:date-and-time;
                    mandatory true;
                    description
                      "Indicate the time when the
                    message is generated";
                  }

                  leaf attack-rate {
                    type uint32;
                    description
                      "The PPS of attack traffic";
                  }

                  leaf attack-speed {
                    type uint32;
                    description
                      "the bps of attack traffic";
                  }
                }  // container intrusion-logs

                container botnet-logs {
                  description
                    "If the log is botnet logs
                  in nsf log";
                  leaf attack-type {
                    type string;
                    description "Botnet";
                  }

                  leaf botnet-pkt-num {
                    type uint8;
                    description
                      "The number of the packets
                    sent to or from the
                    detected botnet";
                  }

                  leaf action {
                    type all-action;
                    description "TBD";
                  }

                  leaf os {
                    type string;
                    description
                      "simple os information";
                  }
                }  // container botnet-logs

                container dpi-logs {
                  description
                    "If the log is dpi logs
                  in nsf log";
                  leaf dpi-type {
                    type dpi-type;
                    description
                      "The type of dpi";
                  }

                  leaf src-ip {
                    type inet:ipv4-address;
                    description
                      "The source IP address of the packet";
                  }

                  leaf dst-ip {
                    type inet:ipv4-address;
                    description
                      "The destination IP address of the packet";
                  }

                  leaf src-port {
                    type inet:port-number;
                    description
                      "The source port of the packet";
                  }

                  leaf dst-port {
                    type inet:port-number;
                    description
                      "The destination port of the packet";
                  }

                  leaf src-zone {
                    type string;
                    description
                      "The source security zone of the packet";
                  }

                  leaf dst-zone {
                    type string;
                    description
                      "The destination security zone of the packet";
                  }

                  leaf src-region {
                    type string;
                    description
                      "Source region of the traffic";
                  }

                  leaf dst-region {
                    type string;
                    description
                      "Destination region of the traffic";
                  }

                  leaf policy-id {
                    type uint8;
                    mandatory true;
                    description
                      "The ID of the policy being triggered";
                  }

                  leaf policy-name {
                    type string;
                    mandatory true;
                    description
                      "The name of the policy being triggered";
                  }

                  leaf src-user {
                    type string;
                    description
                      "User who generates traffic";
                  }

                  uses protocol;

                  leaf file-type {
                    type string;
                    description
                      "The type of file";
                  }

                  leaf file-name {
                    type string;
                    description
                      "The name of file";
                  }
                }  // container dpi-logs

                list vulnerability-scanning-logs {
                  key "vulnerability-id";
                  description
                    "If the log is vulnerability
                  scanning logs in nsf log";
                  leaf vulnerability-id {
                    type uint8;
                    description
                      "The vulnerability id";
                  }

                  leaf victim-ip {
                    type inet:ipv4-address;
                    description
                      "IP address of the victim
                    host which has vulnerabilities";
                  }

                  uses protocol;

                  leaf port-num {
                    type inet:port-number;
                    description
                      "The port number";
                  }

                  leaf level {
                    type severity;
                    description
                      "The vulnerability severity";
                  }

                  leaf os {
                    type string;
                    description
                      "simple os information";
                  }

                  leaf addtional-info {
                    type string;
                    description "TBD";
                  }
                }  // list vulnerability-scanning-logs

                container web-attack-logs {
                  description
                    "If the log is web attack
                  logs in nsf log";
                  leaf attack-type {
                    type string;
                    description "Web Attack";
                  }

                  leaf rsp-code {
                    type string;
                    description
                      "Response code";
                  }

                  leaf req-clientapp {
                    type string;
                    description
                      "The client application";
                  }

                  leaf req-cookies {
                    type string;
                    description "Cookies";
                  }

                  leaf req-host {
                    type string;
                    description
                      "The domain name of the
                    requested host";
                  }

                  leaf raw-info {
                    type string;
                    description
                      "The information describing
                    the packet triggering the
                    event.";
                  }
                }  // container web-attack-logs
              }  // case nsf-log
            }  // choice log-type
          }  // case log

          case counters {
            description
              "If the message type is counters";
            choice counter-type {
              description
                "The type of counter";
              container interface-counters {
                description
                  "The system counter type is
                  interface counter";
                uses i2nsf-system-counter-type-content;
              }  // container interface-counters
              container firewall-counters {
                description
                  "The nsf counter type is
                  firewall counter";
                uses i2nsf-nsf-counters-type-content;

                container bound {
                  description
                    "Inbound or Outbound";
                  leaf in-interface {
                    type boolean;
                    description
                      "If the bound is inbound";
                  }

                  leaf out-interface {
                    type boolean;
                    description
                      "If the bound is outbound";
                  }
                }  // container bound
              }  // container firewall-counters
              container policy-hit-counters {
                description
                  "The counters of policy hit";
                uses i2nsf-nsf-counters-type-content;

                leaf hit-times {
                  type uint32;
                  description
                    "The hit times for policy";
                }
              }  // container policy-hit-counters
            }  // choice counter-type
          }  // case counters
        }  // choice message-type

        leaf message {
          type string;
          mandatory true;
          description
            "This is a message for monitoring information";
        }

        leaf time-stamp {
          type yang:date-and-time;
          mandatory true;
          description
            "Indicate the time when the message is generated";
        }

        leaf severity {
          type severity;
          mandatory true;
          description
            "The severity of the alarm such as
          critical, high, middle, low.";
        }
      }  // list monitoring-messages
    }  // container monitoring-message
  }  // module ietf-i2nsf-nsf-monitoring-dm