Release Notes for Open-AudIT v1.12.8

IMPORTANT CHANGES - please read.

We have changed the structure of the 'system' table within Open-AudIT. THIS WILL AFFECT CUSTOM REPORTS AND GROUPS. I cannot stress this highly enough. If you have custom reports and/or groups you will need to export them from Open-AudIT (menu -> Admin -> Queries|Groups -> List, then click the Export button), then delete them (menu -> Admin -> Queries|Groups -> List, then click the Delete button) preferably BEFORE upgrading Open-AudIT. If you have extremely simple items, the upgrade may correctly update them for you - but I wouldn't count on it. Once you have completed the upgrade you can edit your custom reports and/or groups to reflect the updated system table and import them back into Open-AudIT.

New Features

Credential Sets

We have done away with the old configuration values for default_ssh_username, et al and replaced the entire process with credential sets. Any upgrades will have their existing default_* items moved into credential sets. You can view the credential sets via menu -> Admin -> Credentials and in Enterprise at menu -> Views -> Credentials. Because of this, there is no need to specify them on the Discovery page(s). We show a warning if no credential sets are present but the Discovery form is requested.

As per all new items, they are also viewable and usable via the JSON API at /credentials.

See our feature page on File Auditing for more information.

File Auditing

Caveat - to enable this feature under a Windows Open-AudIT server you will need to make a change to the service user. Please see our File Auditing page for this.

You can now specify a directory that will have all its files listed and recorded. This is injected into the audit script for Linux and Windows when Discovery is run. Attributes recorded are:

Windows - name, size, directory, SHA1 hash, last changed, permissions, owner, version (file permitting).

Linux - name, size, directory, SHA1 hash, last changed, meta data last changed, permissions, owner, group, inode.

The web interface for creating, updating and deleting files is in Open-AudIT Enterprise and is accessible at menu -> Views -> Files.

As per all new items, they are also viewable and usable via the JSON API at /files.

See our feature page on File Auditing for more information.

SNMP v3 Support

SNMPv3 finally comes to Open-AudIT! Make a credential set with the type equal to SNMPv3 and you will see the usual array of options for you to fill out. This will be checked and used just like any other credential.

SSH Key Support

This is a Linux only feature (for now). You can create a credential set with type equal to ssh key and provide a username and key. This will be checked and used just like any other credential.

Scripts

To go with the new File Auditing feature, you can now create audit scripts and store the configuration of them - downloading them when you need them. File Auditing information will be automatically injected into the script (if it's for Linux or Windows) when you download it. You can access them via menu -> Admin -> Scripts. This new feature replaces the old 'Create Audit Windows' feature. You can configure scripts for any of the existing audit scripts - aix, esxi, linux, osx, windows.

As per all new items, they are also viewable and usable via the JSON API at /scripts.

Nmap Open Ports and Programs

Nmap open ports and programs are now stored when Discovery is run. They are stored and updated as per any other attribute within Open-AudIT. The database table is called nmap.

API Updates

API updates are detailed on the page The Open-AudIT API (1.12.8). We have moved much closer to http://jsonapi.org compliance. Of note is the format change to /devices/{id}.

Bootstrap Theme

We are steadily progressing towards retheming Open-AudIT to use Bootstrap. Going along with that is the ability to update and streamline both our view|template code and our libraries. For example, the old Tango theme prevented us from updating to a newer version of jQuery (JavaScript framework). All Bootstrap pages are being validated as W3C compliant. Work is not complete, so you will see some pages in Bootstrap and some in Tango. We're planning to replace all Tango pages eventually. Please bear with us in this time of transition.

Name, hostname, dns_hostname and sysName - oh my!

We now record the above values. Previously we only stored hostname and sysName. This can make for some confusing results. The definitions for each are below.

name - the name assigned to the device in Open-AudIT. Is initially populated from hostname, sysName or dns_hostname (in that order).

hostname - taken from the device itself when running an audit script or SSH / WMI query.

dns_hostname - taken from DNS (surprise!) by the Open-AudIT server.

sysName - taken from SNMP.

We have similar fields for domain and dns_domain.

We have also introduced a new config item called discovery_use_dns. If this is set to 'y' (the default) the Open-AudIT server will attempt to retrieve the dns_hostname and dns_domain of the device.

Removal of man_* Fields

We now have a routine in code that runs every time an attribute has data posted to it. It assigns a weight to the process that is attempting to update the data. The weights are below. In this way we (now) only need to store one item for (for example) manufacturer. No more man_manufacturer and manufacturer. This makes for much less confusion and more easily created queries and groups.

What are the changes to the system table?

Here are the old and new table definitions. Note the column order is different as shown here compared to the actual table. Here I have sorted by name so you can more directly compare them.

Major items of note.

  • There is no system_id column. It has been renamed id. You can imagine the work here. The entire application revolves around system_id. This is the largest single change. Every other table that referenced system.system_id now references system.id.
  • The man_* fields have been removed. We now have a routine that runs whenever an attribute has data posted to it. It "weighs" the importance of the thing performing the data push and if it's not less than what it already has, does not update the data. More details on this are below.
  • Fields stick to a format of:
    • Anything ending in id, size or count (or being id, size or count) is an integer.
    • Enum fields are 'y' or 'n' only instead of the strings true or false or some other variation.
  • Access Details has been removed. We now have credential sets and store device specific credentials in the credential table (details as above).
  • Instead of only hostname and sysName columns, we now have name, hostname, dns_hostname and sysName (details as above). Name has been initially populated (for upgrades) by the existing value for hostname.
  • timestamp has been replaced by last_seen.
  • first_timestamp has been replaced by first_seen.
  • man_ip_address has been replaced by ip.
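
As an added example (not part of Open-AudIT or of these release notes), the following Python sketch rewrites the `system.`-qualified columns in an exported custom query or group using only the renames listed above, and reports any other man_* column for manual editing. The function name, the sample query and the column `man_example_field` are constructed for illustration; treating man_manufacturer as manufacturer follows the example given in the man_* section.

```python
import re

# Column changes stated in the 1.12.8 release notes (old -> new).
RENAMES = {
    "system_id": "id",
    "man_ip_address": "ip",
    "timestamp": "last_seen",
    "first_timestamp": "first_seen",
    "man_manufacturer": "manufacturer",  # the notes' own man_* example
}

# Only touch columns explicitly qualified with the system table, so a
# timestamp column in another table (e.g. other_system.timestamp) is left alone.
QUALIFIED = re.compile(r"(?<![\w.])system\.(\w+)")


def migrate_query(sql):
    """Return (rewritten_sql, columns_needing_review) for one exported item."""
    review = []

    def swap(match):
        column = match.group(1)
        if column in RENAMES:
            return "system." + RENAMES[column]
        if column.startswith("man_"):
            # Removed in 1.12.8, but the notes give no replacement name:
            # leave it in place and report it for a manual edit.
            review.append(column)
        return match.group(0)

    return QUALIFIED.sub(swap, sql), sorted(set(review))


# Constructed sample query; man_example_field is a hypothetical column.
SAMPLE = (
    "SELECT system.system_id, system.hostname, system.man_ip_address, "
    "system.man_manufacturer, system.man_example_field, system.timestamp "
    "FROM system WHERE system.first_timestamp > '2016-01-01'"
)

if __name__ == "__main__":
    new_sql, todo = migrate_query(SAMPLE)
    print(new_sql)
    print("review manually:", todo)
```

Run it over each exported item before importing it back, and edit by hand anything it reports.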

 

1.12.6 | 1.12.8


Change Notes

Open-AudIT - Bugfix - Disk size calculation incorrect when processing SAN details.
Open-AudIT - Bugfix - Using # or $ in a password fails logon to OAC from OAE.
Open-AudIT - Bugfix - When creating a group and assigning a user, application breaks.
Open-AudIT - Improvement - Add a /30 blessed subnet when a user points discovery at a single device.
Open-AudIT - Improvement - audit_windows.vbs Win32_Printer.CapabilityDescriptions on Windows 2003 now works.
Open-AudIT - Improvement - PHP7 now works. This means Ubuntu 16.04 should be functional with Open-AudIT.
Open-AudIT - New Feature - Config item created for discovery_use_dns (as above). 
Open-AudIT - New Feature - Store Nmap detected open ports.
Open-AudIT Enterprise - Bugfix - Specific Software installed on a specific date not working.
Open-AudIT Enterprise - New Feature - Export a Baseline Result ordered by Device or Policy.
Open-AudIT Enterprise - New Feature - Search All Attributes from Dashboard.