RFC - 4765
The Intrusion Detection Message Exchange Format (IDMEF)
| Original: | ftp://ftp.isi.edu/in-notes/rfc4765.txt |
|---|---|
| Authors: | H. Debar [France Telecom], D. Curry [Guardian], B. Feinstein [SecureWorks, Inc.] |
| Date: | March 2007 |
| Category: | Experimental Standard |
| Referred by: | 3 RFC |
| Refers to: | 14 RFC |
Status
This memo defines an Experimental Protocol for the Internet community. It does not specify an Internet standard of any kind. Discussion and suggestions for improvement are requested. Distribution of this memo is unlimited.
Copyright Notice
Copyright (C) The IETF Trust (2007).
Abstract
The purpose of the Intrusion Detection Message Exchange Format (IDMEF) is to define data formats and exchange procedures for sharing information of interest to intrusion detection and response systems and to the management systems that may need to interact with them.
This document describes a data model to represent information exported by intrusion detection systems and explains the rationale for using this model. An implementation of the data model in the Extensible Markup Language (XML) is presented, an XML Document Type Definition is developed, and examples are provided.
-
prepared by Miloslav Nic
- the founder of Zvon.org and Law-Ref.org
- the head of B.Sc. program Informatics and chemistry [in Czech]
- the founder of Lidem.org - Volby 2006 - parliamentary elections in the Czech Republic [in Czech]
- the chief consultant of the publishing house ICT Press
- and Pavel Srb, a student of B.Sc. program Informatics and chemistry