RFC 4765

The Intrusion Detection Message Exchange Format (IDMEF), March 2007

File formats:
icon for text file icon for PDF icon for HTML
Status:
EXPERIMENTAL
Authors:
H. Debar
D. Curry
B. Feinstein
Stream:
IETF
Source:
idwg (sec)

Cite this RFC: TXT  |  XML  |   BibTeX

DOI:  https://doi.org/10.17487/RFC4765

Discuss this RFC: Send questions or comments to the mailing list iesg@ietf.org

Other actions: Submit Errata  |  Find IPR Disclosures from the IETF  |  View History of RFC 4765


Abstract

The purpose of the Intrusion Detection Message Exchange Format (IDMEF) is to define data formats and exchange procedures for sharing information of interest to intrusion detection and response systems and to the management systems that may need to interact with them.

This document describes a data model to represent information exported by intrusion detection systems and explains the rationale for using this model. An implementation of the data model in the Extensible Markup Language (XML) is presented, an XML Document Type Definition is developed, and examples are provided. This memo defines an Experimental Protocol for the Internet community.


For the definition of Status, see RFC 2026.

For the definition of Stream, see RFC 8729.




Advanced Search