...
To change these using the GUI in Open-AudIT navigate to menu -> Admin -> Configuration -> All
| Code Block |
|---|
| access_token_count | 20 | number | Allow this many access tokens to be stored in the cookie. |
| Code Block |
+------------------------------------+-------------------------------------------+--------+--------------------------------------------------------------------------------------------------------------------------------------------+ | name | value | | access_token_enable | typey | description | bool | Should we enable access tokens for CSRF mitigation. | +------------------------------------+-------------------------------------------+--------+--------------------------------------------------------------------------------------------------------------------------------------------+ | access_token_count | | blessed_subnets_use | y | bool | Should we only accept data from the blessed subnets list. | 10 | number | | Allowcollector_check_minutes this many access tokens to be stored in the cookie. | 5 | number | The default check interval for collectors. | | access_token_enable | y | bool | Should we enable access tokens for CSRF mitigation. | | create_change_log | y | bool | Should Open-AudIT create an entry in the change log table if | | blessed_subnets_use a change is detected. | y | bool | Should we only accept data from the blessed subnets list.| | create_change_log_bios | y | bool | Should Open-AudIT create an entry in the change log table if a change is detected in the bios table. | | collector_check_minutes | 15 | | create_change_log_disk | number | The default check interval for collectors. | y | bool | Should Open-AudIT create an entry in the change log table if a change is detected in the disk table. | | database_show_row_limit | 1000 | | create_change_log_dns | y | number | The limit of rows to show, rather than download when exporting a database table. | bool | Should Open-AudIT create an entry in the change log table if a change is detected in the dns table. | | default_network_address | | | create_change_log_file | y | text | The ip address or resolvable hostname used by external devices to talk to Open-AudIT. | bool | Should Open-AudIT create an entry in the change log table if a change is detected in the file table. | | delete_noncurrent create_change_log_ip | ny | bool | Should weOpen-AudIT deletecreate anyan attributesentry thatin arethe notchange presentlog whentable weif audit a device.change is detected in the ip table. | | create_change_log_log | | delete_noncurrent_netstat | y | bool | Should weOpen-AudIT storecreate non-currentan netstatentry datain andthe generate change logs.log table if a change is detected in the log table. | | create_change_log_memory | | delete_noncurrent_variable | y | bool | Should we store non-current environment variable data and generateOpen-AudIT create an entry in the change logs.log table if a change is detected in the memory table. | | discoverycreate_change_createlog_alertsmodule | y | bool | Should Open-AudIT create an entry in the change alertlog table if a change is detected in the module table. | | create_change_log_monitor | | discovery_ip_exclude y | | bool | Should Open-AudIT create an entry in the change log table if a |change textis detected in |the Populatemonitor thistable. list with ip addresses to be excluded from discovery. IPs should be separated by a space. | | discoverycreate_linuxchange_scriptlog_directorymotherboad | /tmp/ | y | text | The directory the script is copied| intobool on the target| device.Should Open-AudIT create an entry in the change log table if a change is detected in the motherboard table. | | create_change_log_netstat | y | | discovery_linux_script_permissions | 700 | bool | textShould Open-AudIT create |an Theentry permissionsin setthe onchange the audit_linux.sh script when itlog table if a change is copieddetected toin the targetnetstat devicetable. | | discoverycreate_linuxchange_uselog_sudonetstat_dynamic | n | y | bool | Should Open-AudIT |create boolan entry in |the Whenchange runninglog discoverytable commandsif ona achange Linuxis target,detected shouldin wethe usenetstat sudo.table and the port is 49152 or greater. | | create_change_log_netstat_registered | n | bool | | discovery_use_dns | y Should Open-AudIT create an entry in the change log table if a change is detected in the netstat table and the port is in the range of 1024 to 49151. | | create_change_log_netstat_well_known | y | bool | Should we use DNS for looking up the hostname and| domain.bool | Should Open-AudIT create an entry in the change log table if a change is detected in the netstat table and the port is 1023 or lower. | | create_change_log_network | y | | discovery_use_ipmi | ybool | Should Open-AudIT create an entry in the change log table if a change is detected in the network table. | bool | Should we use ipmitool for discovering management ports if ipmitool is installed. | | create_change_log_nmap | y | | display_version | bool | Should Open-AudIT create an | 2.2.2 entry in the change log table if a change is detected in the nmap table. | text | The version shown on the web pages. | | create_change_log_optical | y | bool | Should Open-AudIT create an entry in the change log table if a change is detected in the optical table. | | download_reports | download | | create_change_log_pagefile | y | text | Tells Open-AudIT to advise the browser to download as a file or display the csv, xml, json reports. Valid values are download and display. | | graph_days | bool | Should Open-AudIT create an entry in the change log table if a change is detected |in 30the pagefile table. | number | The number of days to report on for the Enterprise graphs.| | create_change_log_partition | y | bool | Should Open-AudIT create an entry in the change log table if a change is detected in the partition table. | | gui_trim_characters | 25 | | create_change_log_policy | y | number | When showing a table of information in the web GUI, replace characters greater than this with "...". | bool | Should Open-AudIT create an entry in the change log table if a change is detected in the policy table. | | homepage | groups | | create_change_log_print_queue | y | text | Any links to the default page should be directed to this endpoint. | bool | Should Open-AudIT create an entry in the change log table if a change is detected in the print_queue table. | | internal_version | | create_change_log_processor | 20180620y | number | The internal numerical version. | bool | Should Open-AudIT create an entry in the change log table if a change is detected in the processor table. | | create_change_log_route | y | | log_level | bool | Should Open-AudIT create an |entry 5in the change log table if a change is detected in the route table. | number | Tells Open-AudIT which severity of event (at least) should be logged. | | create_change_log_san | y | bool | | log_retain_level_0 | 180Should Open-AudIT create an entry in the change log table if a change is detected in the san table. | number | Tells Open-AudIT how many days to keep logs with severity 0.| | create_change_log_scsi | y | bool | Should Open-AudIT create an entry in the change log table if a change is detected in the | | log_retain_level_1scsi table. | 180 | | create_change_log_server | number | Tells Open-AudIT how many days| toy keep logs with severity 1. | bool | Should Open-AudIT create an entry in the change log table if a change is detected in the server table. | | log_retain_level_2 | 180 | | create_change_log_server_item | y | number | Tells Open-AudIT how many days to keep logs with severity 2. | bool | Should Open-AudIT create an entry in the change log table if a change is detected in the server_item table. | | logcreate_retainchange_levellog_3service | y | 180 | bool | number | TellsShould Open-AudIT howcreate manyan daysentry toin keepthe logschange withlog severitytable 3.if a change is detected in the service table. | | logcreate_retainchange_levellog_4share | y | 180 | bool | number | TellsShould Open-AudIT howcreate manyan daysentry toin keepthe logschange withlog severitytable 4.if a change is detected in the share table. | | create_change_log_software | y | | log_retain_level_5 | 90 | bool | Should Open-AudIT create an entry in the change log table if a change is detected in the software table. | number | Tells Open-AudIT how many days to keep logs with severity 5. | | create_change_log_software_key | y | bool | log_retain_level_6 | 30Should Open-AudIT create an entry in the change log table if a change is detected in the software_key table. | number | Tells Open-AudIT how many days to keep logs with severity 6. | create_change_log_sound | y | bool | Should Open-AudIT create an entry in the change log table if a change is detected in the sound table. | | log_retain_level_7 | 7 | | create_change_log_task | y | number | Tells Open-AudIT how many days to keep logs with severity 7. | bool | Should Open-AudIT create an entry in the change log table if a change is detected in the task table. | | maps_api_key | | create_change_log_user | AIzaSyAhAUqssRASeC0Pfyx1TW1DXRmboG5bdG0 | text | The API| keyy for Google Maps. | bool | Should Open-AudIT create an entry in the change log table if a change is detected in the user table. | | maps_urlcreate_change_log_user_group | y | /omk/open-audit/map | bool | textShould Open-AudIT create an |entry Thein webthe serverchange addresslog oftable opMaps.if a change is detected in the user_group table. | | create_change_log_variable | n | | match_dbus bool | Should Open-AudIT create an entry in the change log table if a change is detected in the variable table. | n | bool | create_change_log_video | Should we match a device based on its dbus id. | y | bool | Should Open-AudIT create an entry in the change log table if a change is detected in the video table. | | match_fqdn | | ycreate_change_log_vm | y | bool | Should we match a device based on its fqdn. | bool | Should Open-AudIT create an entry in the change log table if a change is detected in the vm table. | | create_change_log_windows | y | | match_hostname | y | bool | Should Open-AudIT create an entry in the change log table if a change is detected in the windows table. | bool | Should we match a device based only on its hostname. | | database_show_row_limit | 1000 | number | | match_hostname_dbusThe limit of rows to show, rather than download when exporting a database table. | y | bool | Should we match a device based on its hostname and dbus id. | | decrypt_credentials | y | bool | When we display or export | | match_hostname_serial credentials, should we decrypt them. | y | bool | Should we match a device based on its hostname and serial. | | default_network_address | http://127.0.0.1./open-audit/ | text | The URL used by external devices to talk to Open-AudIT. | | match_hostname_uuid | y | bool | Should we match a device based on its hostname and UUID. | | delete_noncurrent | n | bool | Should we delete all non-current data. | | match_ip | n | bool | Should we match a device based on its ip. | | delete_noncurrent_bios | n | bool | Should we delete non-current bios data. | | match_mac | n | bool | Should we match a device based on its mac address. | | delete_noncurrent_disk | n | bool | Should we delete non-current disk data. | | match_mac_vmware | n | bool | Should we match a device based mac address even if it's a known likely duplicate from VMware. | | delete_noncurrent_dns | | match_serialn | y | bool | Should we delete non-current dns data. | bool | Should we match a device based on its serial number. | | matchdelete_serialnoncurrent_type file | yn | bool | Should we match a device based on its serial and type. delete non-current file data. | | match_uuid | | delete_noncurrent_ip | yn | bool | Should we match a device based on its UUID. delete non-current ip data. | | modules | | delete_noncurrent_log | n | textbool | TheShould listwe ofdelete installednon-current Opmanteklog modulesdata. | | nmis | | delete_noncurrent_memory | n | bool | EnableShould importwe /delete exportnon-current tomemory NMIS functionsdata. | | nmis_url | | delete_noncurrent_module | n | textbool | TheShould webwe serverdelete addressnon-current ofmodule NMISdata. | | oaedelete_noncurrent_licensemonitor | n | | bool | Should we delete non-current monitor data. | text | License status of Open-AudIT Enterprise. | | oae_productdelete_noncurrent_motherboard | n | Open-AudIT Community | textbool | TheShould namewe ofdelete thenon-current installedmotherboard commercialdata. application. | | oae_prompt | | delete_noncurrent_netstat | 2015-06-01y | date | Prompt to activate a license| forbool Open-AudIT Enterprise. | Should we delete non-current netstat data. | | oae_url | /omk/open-audit | | delete_noncurrent_network | n | text | The web server address of Open-AudIT Enterprise. | bool | Should we delete non-current network data. | | output_escape_csv | y | | delete_noncurrent_nmap | booln | Escape CSV output so Excel will not attempt to run contents. | bool | Should we delete non-current nmap data. | | page_size | 1000 | number | The default limit of rows to retrieve. | delete_noncurrent_optical | n | bool | Should we delete non-current optical data. | | process_netstat_windows_dns | n | bool | Should we keep track of Windows netstat ports used by DNS above port 1000.| | delete_noncurrent_pagefile | n | bool | Should we delete non-current pagefile data. | | rss_enable | y | bool | Enable the RSS feed. | | delete_noncurrent_partition | n | bool | Should we delete non-current partition data. | | rss_url | https://community.opmantek.com/rss/OA.xml | text | The RSS feed URL. | | delete_noncurrent_policy | n | bool | Should we delete non-current policy data. | | servers | | text | The servers to report to when using Agent / Collector / Server. | | delete_noncurrent_print_queue | n | bool | Should we delete non-current print_queue data. | | server_ip | | text | The locally detected IP Addresses of this server. | | delete_noncurrent_processor | n | bool | Should we delete non-current processor data. | | uuid | | delete_noncurrent_route | n | text | bool The unique| identfierShould ofwe thisdelete Opennon-AudITcurrent route server.data. | +------------------------------------+-------------------------------------------+--------+--------------------------------------------------------------------------------------------------------------------------------------------+ | | delete_noncurrent_san | n | bool | Should we delete non-current san data. | | delete_noncurrent_scsi | n | bool | Should we delete non-current scsi data. | | delete_noncurrent_server | n | bool | Should we delete non-current server data. | | delete_noncurrent_server_item | n | bool | Should we delete non-current server_item data. | | delete_noncurrent_service | n | bool | Should we delete non-current service data. | | delete_noncurrent_share | n | bool | Should we delete non-current share data. | | delete_noncurrent_software | n | bool | Should we delete non-current software data. | | delete_noncurrent_software_key | n | bool | Should we delete non-current software_key data. | | delete_noncurrent_sound | n | bool | Should we delete non-current sound data. | | delete_noncurrent_task | n | bool | Should we delete non-current task data. | | delete_noncurrent_user | n | bool | Should we delete non-current user data. | | delete_noncurrent_user_group | n | bool | Should we delete non-current user_group data. | | delete_noncurrent_variable | y | bool | Should we delete non-current variable data. | | delete_noncurrent_video | n | bool | Should we delete non-current video data. | | delete_noncurrent_vm | n | bool | Should we delete non-current vm data. | | delete_noncurrent_windows | n | bool | Should we delete non-current windows data. | | device_auto_delete | n | bool | Should we delete the device data completely from the database when the device status is set to Deleted. | | discovery_default_scan_option | 1 | number | The default discovery options for Nmap. | | discovery_ip_exclude | | text | Populate this list with ip addresses to be excluded from discovery. IPs should be separated by a space. | | discovery_limit | 20 | number | The maximum number of concurrent discoveries we should run. | | discovery_linux_script_directory | /tmp/ | text | The directory the script is copied into on the target device. | | discovery_linux_script_permissions | 700 | text | The permissions set on the audit_linux.sh script when it is copied to the target device. | | discovery_linux_use_sudo | y | bool | When running discovery commands on a Linux target, should we use sudo. | | discovery_override_nmap | n | bool | Override the detction of Nmap to enable discoveries. | | discovery_pid | | number | The discovery queue process pid. | | discovery_route_retrieve_limit | 500 | number | When discovering a device using SNMP, do not retrieve the route table if it contains more than this number of entries. | | discovery_ssh_timeout | 300 | number | Timeout duration (in seconds) when discovering a device via SSH. | | discovery_sudo_path | | text | Optional hardcoded path to sudo executable. Comma seperated for multiple paths. | | discovery_sunos_use_sudo | y | bool | When running discovery commands on a SunOS target, should we use sudo. | | discovery_use_dns | y | bool | Should we use DNS for looking up the hostname and domain. | | discovery_use_ipmi | y | bool | Should we use ipmitool for discovering management ports if ipmitool is installed. | | discovery_use_vintage_service | n | bool | On Windows, use the old way of running discovery with the Apache service account. | | display_version | 3.3.0 | text | The version shown on the web pages. | | download_reports | y | bool | Tells Open-AudIT to advise the browser to download as a file or display the csv, xml, json reports. | | graph_days | 30 | number | The number of days to report on for the Enterprise graphs. | | gui_trim_characters | 25 | number | When showing a table of information in the web GUI, replace characters greater than this with "...". | | homepage | groups | text | Any links to the default page should be directed to this endpoint. | | internal_version | 20191010 | number | The internal numerical version. | | log_level | 5 | number | Tells Open-AudIT which severity of event (at least) should be logged. | | log_retain_level_0 | 180 | number | Tells Open-AudIT how many days to keep logs with severity 0. | | log_retain_level_1 | 180 | number | Tells Open-AudIT how many days to keep logs with severity 1. | | log_retain_level_2 | 180 | number | Tells Open-AudIT how many days to keep logs with severity 2. | | log_retain_level_3 | 180 | number | Tells Open-AudIT how many days to keep logs with severity 3. | | log_retain_level_4 | 180 | number | Tells Open-AudIT how many days to keep logs with severity 4. | | log_retain_level_5 | 90 | number | Tells Open-AudIT how many days to keep logs with severity 5. | | log_retain_level_6 | 30 | number | Tells Open-AudIT how many days to keep logs with severity 6. | | log_retain_level_7 | 7 | number | Tells Open-AudIT how many days to keep logs with severity 7. | | maps_api_key | | text | The API key for Google Maps. | | maps_url | /omk/open-audit/map | text | The web server address of opMaps. | | match_dbus | n | bool | Should we match a device based on its dbus id. | | match_dns_fqdn | n | bool | Should we match a device based on its DNS fqdn. | | match_dns_hostname | n | bool | Should we match a device based on its DNS hostname. | | match_fqdn | y | bool | Should we match a device based on its fqdn. | | match_hostname | y | bool | Should we match a device based only on its hostname. | | match_hostname_dbus | y | bool | Should we match a device based on its hostname and dbus id. | | match_hostname_serial | y | bool | Should we match a device based on its hostname and serial. | | match_hostname_uuid | y | bool | Should we match a device based on its hostname and UUID. | | match_ip | n | bool | Should we match a device based on its ip. | | match_ip_no_data | y | bool | Should we match a device based on its ip if we have an existing device with no data. | | match_mac | y | bool | Should we match a device based on its mac address. | | match_mac_vmware | n | bool | Should we match a device based mac address even if its a known likely duplicate from VMware. | | match_serial | y | bool | Should we match a device based on its serial number. | | match_serial_type | y | bool | Should we match a device based on its serial and type. | | match_sysname | y | bool | Should we match a device based only on its SNMP sysName. | | match_sysname_serial | y | bool | Should we match a device based only on its SNMP sysName and serial. | | match_uuid | y | bool | Should we match a device based on its UUID. | | nmis | n | bool | Enable import / export to NMIS functions. | | nmis_url | | text | The web server address of NMIS. | | oae_license | | text | License status of Open-AudIT Enterprise. | | oae_product | | text | The name of the installed commercial application. | | oae_prompt | 2001-01-01 | date | Prompt to activate a license for Open-AudIT Enterprise. | | oae_url | /omk/open-audit | text | The web server address of Open-AudIT Enterprise. | | output_escape_csv | y | bool | Escape CSV output so Excel will not attempt to run contents. | | page_size | 1000 | number | The default limit of rows to retrieve. | | process_netstat_windows_dns | n | bool | Should we keep track of Windows netstat ports used by DNS above port 1000. | | queue_count | 0 | number | The current number of concurrent device scans running. | | queue_limit | 20 | number | The maximum number of concurrent device scans we should run. | | rss_enable | y | bool | Enable the RSS feed. | | rss_url | https://community.opmantek.com/rss/OA.xml | text | The RSS feed URL. | | servers | | text | The servers to report to when using Agent / Collector / Server. | | server_ip | | text | The locally detected IP Addresses of this server. | | uuid | unique per installation | text | The unique identfier of this Open-AudIT server. |