Prerequisites
The individual performing this installation has some Linux experience.
Root level server access.
An existing (working) Open-AudIT installation.
NOTE - This guide is for upgrading an existing Linux installation to Open-AudIT 1.0.4. If you wish to install onto a clean server, use the pre-requisites and installation guides.
Backup Your Existing Install
Backup your database. Substitute your actual username for USER (likely openaudituser), password for PASSWORD (likely openaudituserpassword), your database name (likely openaudit) for DATABASE_NAME and a suitable path and filename for BACKUP_FILE_NAME in the command below.
Code Block | ||
---|---|---|
| ||
mysqldump -u USER -pPASSWORD DATABASE_NAME > BACKUP_FILE_NAME.sql |
Backup your files by copying your existing files to a backup directory.
Code Block | ||
---|---|---|
| ||
cp -R /usr/local/open-audit /usr/local/open-audit_backup |
If the omkd daemon is installed, stop the daemon and backup the /usr/local/omk directory.
Code Block | ||
---|---|---|
| ||
service stop omkd cp -R /usr/local/omk /usr/local/omk_backup |
Copy the Open-AudIT tarball to the server (OAE-Linux-x86_64-1.0.4.tar.gz).
You may need to use SCP or FTP to get the file onto the server.
The file will now likely be in the users home directory.
Change into the /usr/local directory.
Code Block | ||
---|---|---|
| ||
cd /usr/local |
Untar the file.
Code Block | ||
---|---|---|
| ||
tar xvf ~/OAE-Linux-x86_64-1.0.4.tar.gz |
Fix the file ownership and permissions.
Code Block | ||
---|---|---|
| ||
chown -R root:root omk chmod -R 775 omk chmod -R 770 /usr/local/open-audit chmod -R 777 /usr/local/open-audit/code_igniter/application/views/lang/ chmod 770 /usr/local/open-audit/other/audit_linux.sh chmod 770 /usr/local/open-audit/other/audit_subnet.sh chmod 660 /usr/local/open-audit/other/open-audit.log |
Change permissions for Debian / Ubuntu
Code Block | ||
---|---|---|
| ||
chown -R root:www-data /usr/local/open-audit |
Change permissions for RedHat / CentOS
Code Block | ||
---|---|---|
| ||
chown -R root:apache /usr/local/open-audit |
Change into the omk directory
Code Block | ||
---|---|---|
| ||
cd omk |
Install the Daemon (if not installed)
Copy the daemon startup script.
Code Block | ||
---|---|---|
| ||
cp /usr/local/omk/install/omkd.init.d /etc/init.d/omkd |
Edit the start up script
Section | ||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
Add the daemon
Section | ||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
Copy the config files.
Code Block | ||
---|---|---|
| ||
cp install/users.dat conf/ cp install/oae_reports.json conf/ cp install/opCommon.nmis conf/ |
Edit the config files.
Code Block | ||
---|---|---|
| ||
nano conf/opCommon.nmis |
Edit the "openauditenterprise" section and insert the actual ip address of the server (not 127.0.0.1 or localhost) in to the oae_server variable (along with http:// and don't forget the trailing /). If you have Open-AudIT installed into a subdirectory in your web root, be sure to add that to the end of the oae_server variable above. On the Opmantek virtual appliance (for example) it would be http://<SERVER_IP>/open-audit/
If you have other Opmantek software installed (NMIS, opMaps, etc) you can also edit the module_configs -> module_host variable in opCommon.nmis. Replace http://localhost with the address of the server.
The email section is described in the Open-AudIT Enterprise - Configuration Guide document.
If the omkd daemon is installed, merge the config files with those from your backed up directory. This should be done manually as new configuration items may have been added to the new file. If any items are not as per the defaults in the backed up file, copy them across.
If the omkd daemon is not installed, create the nmis user.
Code Block | ||
---|---|---|
| ||
useradd nmis |
If the omkd daemon is not installed, configure and copy the apache proxy file.
Edit the file /usr/local/omk/install/04omk-proxy.conf and insert the ip address of the server into the relevant "location" sections (replacing <SERVER>). Make sure you don't use 127.0.0.1.
Code Block | ||
---|---|---|
| ||
nano /usr/local/omk/install/04omk-proxy.conf |
Copy the apache proxy file to the correct location and restart apache.
For Debian / Ubuntu:
Code Block | ||
---|---|---|
| ||
cp /usr/local/omk/install/04omk-proxy.conf /etc/apache2/conf.d/ |
service apache2 restart
For RedHat / CentOS:
Code Block | ||
---|---|---|
| ||
cp /usr/local/omk/install/04omk-proxy.conf /etc/httpd/conf.d/ |
service httpd restart
Start the daemon.
Code Block | ||
---|---|---|
| ||
service omkd start |
Test the Daemon
You should now be able to point a web browser at http://SERVER:8042/omk/oae and at http://SERVER/omk/oae
The default credentials for the Dashboard are user: nmis, password: nm1888.
Edit the Open-AudIT scripts (if using a web root subdirectory)
If you have your web root in a subdirectory (as per the Opmantek virtual appliance), you will need to edit the "url" variable in the various script files. These files can be found in /usr/local/open-audit/other/ The files you will need to edit all begin with audit_ They include audit_linux.sh, audit_subnet.sh, audit_windows.vbs, etc, etc. The URL variable can usually be found at the top of the file.
Copy new web files
If your Open-AudIT install is into a subdirectory of your webroot, be sure to add that to the end of the destination of the cp command below.
For Debian / Ubuntu
Code Block | ||
---|---|---|
| ||
\cp -Rf /usr/local/open-audit/www/* /var/www/ |
For RedHat / CentOS
Code Block | ||
---|---|---|
| ||
\cp -Rf /usr/local/open-audit/www/* /var/www/html/ |
Note - if you are upgrading the Opmantek virtual appliance, you will need to copy the files into a subdirectory.
Code Block | ||
---|---|---|
| ||
\cp -Rf /usr/local/open-audit/www/* /var/www/html/open-audit/ |
Fix the file permissions
For Debian / Ubuntu
Code Block | ||
---|---|---|
| ||
chmod -R 775 /var/www/ |
For RedHat / CentOS
Code Block | ||
---|---|---|
| ||
chmod -R 775 /var/www/html |
For the Opmantek virtual appliance
Code Block | ||
---|---|---|
| ||
chmod -R 775 /var/www/html/open-audit |
Restore old files (if required)
Copy any attachment files from your old to the new install.
Code Block | ||
---|---|---|
| ||
cp /usr/local/open-audit_backup/code_igniter/application/attachments/* /usr/local/open-audit/code_igniter/application/attachments/ |
If you have any Groups or Report files saved in /usr/local/open-audit_backup/code_igniter/application/controllers/(groups or reports)/ that have been custom written, you may wish to copy them to the new install. If they are already activated in the database, there should be no need.
Log in to Open-AudIT at http://SERVER/index.php/main/list_groups and go to Help -> About and perform the database upgrade.
If you do not see the Open-AudIT logon page in your browser, you may need to reload the Apache config.
For Debian / Ubuntu
Code Block | ||
---|---|---|
| ||
service apache reload |
for RedHat / CentOS
Code Block | ||
---|---|---|
| ||
service httpd reload |
In the Open-AudIT web interface, go to Menu -> Admin -> Config and set the URLs for opMaps, Dashboard and NMIS. These will likely be:
For opMaps - http://IPADDRESS/omk/oae/map
For Dashboard - http://IPADDRESS/omk/oae
For NMIS - http://IPADDRESS/cgi-nmis8/nmiscgi.pl
Check your Groups and Reports are functional. If you have some standard Groups and Reports activated, you may wish to deactivate them (Menu -> Admin -> Groups -> List Groups -> delete icon) and activate new ones (Menu -> Admin -> Groups -> Activate Group). Most Group and Report definitions have been updated. Do not deactivate Network Groups. These are created dynamically and if you deactivate them, you will either have to wait until a new computer is audited on the subnet in question (and hence the Group is recreated) or manually input a Group definition.
Ensure you copy the new audit scripts to any hosts that use them - these are usually updated.
Enjoy Open-AudIT v1.0.4