...

Queries in Open-AudIT are created in

...

XML format

...

. Examples can be found under the code_igniter/application/controllers/reports directory. These are the

...

Queries that appear when the menu item Admin ->

...

Queries -> Activate

...

Query is chosen.

The XML report definition file can be placed in the above directory and activated or copied and pasted into the text box at Admin -> Reports Queries -> Import ReportQuery.

When a Report Query is activated or imported, it's definition is stored in the database. An imported Report Query is not stored on the filesystem as per the default reportsqueries.

Reports Queries can be exported to XML or deleted from the database at Admin -> Reports Queries -> List ReportsQueries.

Reports are Queries are traditionally run against an individual Group. This way users can run any activated Report against the Groups they have access to.

A report query can be run and displayed on the web page or exported to Excel, CSV, XML, JSON or RSS formats. Only Reports with Queries with a timestamp column are available as RSS format.

After reading the below, the best way to create your own report is query is to copy one of the existing definition files (at the above location), edit it and importing it. Try and run it against a Group. If you don't get the result you want, you can delete the Report as Query as above, edit the XML and re-import it.

A Report definition Queries definition consists of two major sections - the details and column sections. Details is primarily concerned with retrieveing the data from the database where as the columns section concentrates on the format of the gathered data to be displayed.

...

report_name - Quite self explanatory. This should be unique as if two reports queries with the same name are activated, the program will work but they will be indistinguishable in the application menu.

report_display_in_menu - Most reports queries will want this set to "y". A few reports queries are designed to be called from other reportsqueries, not directly. Examples of these reports queries are the Specific Software, Specific Key, Specific Server, etc reports.

report_sql - This is the SQL statement that is used to query the database. The attribute @group should be used so the Report Query is run against the particular Group in question as opposed to every item in the database (negating the User / Group / Permission security model). There is scope within the application to pass two additional parameters. These should be inserted into the SQL as a ?. The application will automatically escape the string and pass it to the query when the Report Query is run.

report_display_sql - This is not used for ReportsQueries. It is used for Groups. The Report Query and Group definitions use compatible XML files so this is simply to ensure the same attributes are present in both.

report_view_file - Some Reports Queries may have a format that doesn't fit with the standard column data view. If you need something specific you can create your own "view" file in code_igniter/application/views/theme-tango/ and this file will be called with the data.

...

The columns section contains an entry for each column to be displayed in the reportquery. The attributes are:

column_order - On the web page from left to right, which position to display this column in. I generally stick to keeping the XML columns in the XML file in the same order as I wish to see them displayed.

...

• link - a link to a web page within the application is created using the value in the column_link attribute. The value in the column_secondary attribute is appended to the previous value. This is how we display a link to a System Details page (for example).
• image - The value of the column_variable attribute is used to populate the image source. It will be formatted thus - /theme-<theme>/<theme>-images/16_<column_variable>.png where <theme> is the user theme (this is "tango" by default).
• ip_address - IP Addresses are stored with padded 0's in the database to facilitate sorting. When presented in a reportQuery, a hidden SPAN is created that contains the padded ip address, then the unpadded ip address is displayed. The javascript table sorter will then sort in correct order.
• timestamp - a date formatted field.
• url - A link to an external web page. The href attribute of the URL will contain the software_url variable and (if populated) the value of the attribute specified in the column_secondary attribute. If populated, the text of column_ternary attribute will be used to create an image as per the above column_image type.
• column_link - Used when column_type = link or url. When link, the path that is added to the base url of the application. When url, the text is used as the actual URL.

...

The columns for the "Installed Software" report query are below: