...
| Excerpt |
|---|
Released 2023- |
...
11-14 |
md5sum: 56ca4ea98cfb71d6df0b377ee18b06d5
sha256sum: d37c1e71fe5ba27691b363ff275c5203a1c1917cba6d05d926058f701fe809da
Linux only release (at this stage). UPDATE - Windows was released on 2023-11-20.
| Table of Contents |
|---|
Important Caveats
We now only support Redhat 8/9, Debian 11/12, and Ubuntu 20.04/22.04. Upgraders please read all the documentation below.
For version 5.0.0, we do not have Okta or Crowd authentication in place. These will be coming ASAP. NOTE - Even if you are using Okta or Crowd for authentication, you still have your users in Open-AudIT for authorisation. Just assign them a password in Open-AudIT and you can continue to use 5.0.0 until such time as Okta and/or Crowd are implemented.
SAN audit processing has not been implemented. This will be done ASAP.
One final note - If when you first log in the header states that it is Open-AudIT Community and you do have a license, DON'T PANIC. It just needs a new request to consult the license file and all will be well. Just upgrade the database and continue on. You should see the header change with the next request.
The New Stuff
Version 5 of Open-AudIT. Wow, what a ride. Underneath the skin, it is huge. We have upgraded the underlying framework and brought the code itself up to current best practices. As a result, we now install on current Redhat, Debian, and Ubuntu and we need a minimum of PHP 7.4. Hence, the following are the officially supported distributions: Redhat 8/9, Debian 11/12, and Ubuntu 20.04/22.04. We also deprecated the omkd daemon and associated Perl framework. So now there is a single interface and a single website. Obviously, this makes for less code. Which means fewer errors. And less work. All in all, I'm very happy with the result. 
But that's all underneath - you don't care about that! You just want the new features. Well, to be honest, there aren't a lot. We have upgraded the front end to use Bootstrap 5. Community users will notice that the most. We have also moved on from the Tango icons set. Now in use is the Newaita Reborn set. Tango has been awesome, but after almost 20 years, it's time for a change! 
If you download the package from FirstWave, you'll get the Enterprise functionality which includes the javascript library for charting. If you download, build, and install from Github you won't get the Enterprise functionality, nor the javascript charting library. Those pieces are not open source. Them's the breaks - a guy's gotta eat! 
OK, the nitty gritty. 
system Becomes devices
The largest change - the 'system' table that holds all your device data (IP, name, manufacturer, model, et al) is now called the 'devices' table. Much more intuitive and something I've been meaning to do for years. For those upgrading - your queries, summaries, and widgets (et al) will be upgraded as best we can. I would suggest checking any self-created items to ensure they work as intended. Also for upgraders, we have implemented a 'view' in the database named 'system' which should function as the system table did before and enable a (relatively) painless transition. That view will not exist for new installs. 
And related to that, all collections that have default items (think groups, queries, roles, et al) now have the ability to "Reset to Default". Using that function will remove any existing items in the collection and import the new items as per v5.0.0.
Changed Collections
The New Stuff
Version 5 of Open-AudIT. Wow, what a ride. Underneath the skin, it is huge. We have upgraded the underlying framework and brought the code itself up to current best practices. As a result, we now install on current Redhat, Debian, and Ubuntu and we need a minimum of PHP 7.4. Hence, the following are the officially supported distributions: Redhat 8/9, Debian 11/12, and Ubuntu 20.04/22.04. We also deprecated the omkd daemon and associated Perl framework (for Open-AudIT, not the other FirstWave applications). So now there is a single interface and a single website for Open-AudIT. Obviously, this makes for less code. Which means fewer errors. And less work. All in all, I'm very happy with the result.
But that's all underneath - you don't care about that! You just want the new features. Well, to be honest, there aren't a lot. We have upgraded the front end to use Bootstrap 5. Community users will notice that the most. We have also moved on from the Tango icons set. Now in use is the Newaita Reborn set. Tango has been awesome, but after almost 20 years, it's time for a change!
If you download the package from FirstWave, you'll get the Enterprise functionality which includes the javascript library for charting. If you download, build, and install from Github you won't get the Enterprise functionality, nor the javascript charting library. Those pieces are not open source. Them's the breaks - a guy's gotta eat!
OK, the nitty gritty.
Important Caveats
We now only support Redhat 8/9, Debian 11/12, and Ubuntu 20.04/22.04. Upgraders please read all the documentation below.
For version 5.0.0, we do not have Okta or Crowd authentication in place. Even if you are using Okta or Crowd for authentication, you still have your users in Open-AudIT for authorisation. Just assign them a password in Open-AudIT and you can continue to use 5.0.0 until such time as Okta and/or Crowd are implemented.
SAN audit processing has not been implemented yet.
Upgraders
Upgrading from as far back as 2.3.3 (the last version 2.x release) is supported. Please make sure you read all the Open-AudIT Release Notes including this one, before you begin.
If you are upgrading from a version before 3.3.1, you will have to recreate any baselines you have, as well as any roles. The simplest way to recreate the Roles is to go to menu → Manage → Roles → List Roles. Then click the Default Items button. Then click the Reset button.
If you are upgrading (IE, you're running Ubuntu 20.04) when you first log in the header states that it is Open-AudIT Community and you do have a license, DON'T PANIC. It just needs a new request to consult the license file and all will be well. Just upgrade the database and continue on. You should see the header change with the next request.
If you're moving from an old to a new server, see Migrating Licenses below.
We require a minimum of version 7.4 for PHP. This is fine for the supported distributions as listed above, however, if you have installed a custom PHP it's on you to upgrade it.
This is a large upgrade. New installs will "just work", but upgraders should take the time and install it into a testing environment before migrating production instances.
Changes
system Becomes devices
The largest change - the 'system' table that holds all your device data (IP, name, manufacturer, model, et al) is now called the 'devices' table. Much more intuitive and something I've been meaning to do for years. For those upgrading - your queries, summaries, and widgets (et al) will be upgraded as best we can. I would suggest checking any self-created items to ensure they work as intended. Also for upgraders, we have implemented a 'view' in the database named 'system' which should function as the system table did before and enable a (relatively) painless transition. That view will not exist for new installs.
And related to that, all collections that have default items (think groups, queries, roles, et al) now have the ability to "Reset to Default". Using that function will remove any existing items in the collection and import the new items as per v5.0.0.
Changed Collections
We have removed a few items that We have removed a few items that were surplus to needs and to be frank, creating unnecessary complexity. Buildings, Floors, Rooms, and Rows are all gone. Those attributes were used only by the Racks collection and the attributes are now stored directly in the Racks table. When you create a new rack you can select an existing building, floor, room, and row or create a new one. Your existing data will populate the racks table as you would expect. 
...
Session data is no longer stored in the database. You can find it on the filesystem at /open-audit/writeable/session/
We are incredibly proud of what we have achieved with this release, even if outwardly not a lot is visible. 
Going forward this will enable us to improve the code and add new features at a much faster pace - and we have some ideas for killer features. Stay tuned for those. 
Screenshots
Click to enlarge.
Rules now have a regex option to match attributes.
We're introducing a new Collector mode - Stand-Alone. When you turn a Server into a Collector, you can choose from either a regular Collector (as it has always been) or a Stand-Alone Collector. Stand-Alone Collectors are not managed by the Server. They are essentially another Server that is completely separate but sends all found devices to the nominated Server.
We are incredibly proud of what we have achieved with this release, even if outwardly not a lot is visible.
Going forward this will enable us to improve the code and add new features at a much faster pace - and we have some ideas for killer features. Stay tuned for those.
Screenshots
Click to enlarge.
Summaries Collection.
| Devices Collection.
| Networks Collection.
|
Discoveries Collection.
| Dashboard (for | |
Summaries Collection.
| Devices Collection.
| Networks Collection.
|
Discoveries Collection.
Dashboard (for Professional and Enterprise licenses).
| Device Details.
| |
Compact Display .with Icons only.
| ||
Upgrading From an Unsupported Distribution
...
On your new server, install Open-AudiT AudIT v5.0.0 as per a regular fresh install.
...
On your original Open-AudIT server, take a backup of the database. Note - you may need to substitute your MySQL root user password if it is not the default). Note #2- The log entries in the database will be deleted (but you still have them on your original Open-AudIT server, remove the DELETE LOGS command from below if you really need to keep them (most users shouldn't).
| Code Block |
|---|
mysql -u root -popenauditrootuserpassword openaudit -e "DELETE FROM oa_user_sessions; DELETE FROM logs;" mysqldump -u root -popenauditrootuserpassword --extended-insert=FALSE --routines openaudit > /tmp/openaudit.sql |
...
| Code Block |
|---|
scp YOUR_USERNAME@ORIGINAL_OPEN_AUDIT_SERVER:/tmp/openaudit.sql /usr/local/open-audit/ scp YOUR_USERNAME@ORIGINAL_OPEN_AUDIT_SERVER:/var/www/html/open-audit/custom_images/* /usr/local/open-audit/custom_images/*public/custom_images/ scp YOUR_USERNAME@ORIGINAL_OPEN_AUDIT_SERVER:/usr/local/open-audit/code_igniter/application/attachments/* /usr/local/open-audit/app/Attachments/ |
If you have Baselines you wish to keep, on your new server, copy them across.
Replace $WWWGRP with www-data for Debian and Ubuntu and apache for Redhat.
| Code Block |
|---|
sudo mkdir /usr/local/open-audit/temp_baselines_results
scp YOUR_USERNAME@ORIGINAL_OPEN_AUDIT_SERVER:/usr/local/omk/var/oae/baselines/results/*.json /usr/local/open-audit/temp_baselines_results/
chmod -R 777 /usr/local/open-audit/temp_baselines_results
chown -R $WWWGRP:$WWWGRP /usr/local/open-audit/temp_baselines_results |
On your new server, restore the database.
| Code Block |
|---|
cd /usr/local/open-audit
mysql -u root -popenauditrootuserpassword -e "DROP DATABASE openaudit; CREATE DATABASE openaudit;"
mysql -u root -popenauditrootuserpassword openaudit < openaudit.sql |
On your new server, log in. You should be asked to upgrade the database. Obviously, please do so.
On your new server, if you're happy, delete the database backup.
| Code Block |
|---|
rm /usr/local/open-audit/public/custom_images/ scp YOUR_USERNAME@ORIGINAL_OPEN_AUDIT_SERVER:/usr/local/open-audit/code_igniter/application/attachments/* /usr/local/open-audit/app/Attachments/ |
On your new server, restore the database.
...
openaudit.sql |
As a bonus, you now know how to backup and restore your Open-AudIT server going forward. Take a backup of the database and copy the mentioned directories somewhere safe. If the worst case happens, you can spin up a new server and restore the database and directories - easy
Migrating Licenses
On your original Open-AudIT server, open the file /usr/local/omk/conf/opLicense.json
Copy the contents of the key "Open-AudIT Enterprise" and/or "Open-AudIT Professional" (and Open-AudIT Collector if licensed).
On your new server, log in. You should be asked to upgrade the database. Obviously, please do so.
On your new server, if you're happy, delete the database backup.
| Code Block |
|---|
rm /usr/local/open-audit/openaudit.sql |
...
in the GUI go to menu → Licenses → Manage Licenses and paste the contents of the JSON key. NOTE - Only the contents.
IE - Your file will contain this. Only copy the red text, not including the " quotes.
"Open-AudIT Enterprise" : "53616c7465645f5f3a525d58db49b295042...a03cb758b228cd5511da3b9794cf914500c72c27a1",
So you would copy and paste this into the Open-AudIT GUI.
53616c7465645f5f3a525d58db49b295042...a03cb758b228cd5511da3b9794cf914500c72c27a1
Example included response
| Code Block |
|---|
"included":
{
"audit_log":
[
{
"debug": "",
"device_id": "332",
"devices.name": "heimdall",
"id": "185",
"ip": "127.000.000.001",
"timestamp": "2023-06-26 13:08:23",
"type": "audit",
"username": "",
"version": "4.4.2",
"wmi_fails": ""
},
{
"debug": "",
"device_id": "332",
"devices.name": "heimdall",
"id": "186",
"ip": "127.000.000.001",
"timestamp": "2023-06-26 14:58:38",
"type": "audit",
"username": "",
"version": "4.4.2",
"wmi_fails": ""
}
],
"bios":
[
{
"asset_tag": "",
"current": "y",
"date": "12/12/2018",
"device_id": "332",
"first_seen": "2023-06-26 13:08:23",
"id": "31",
"last_seen": "2023-10-02 20:07:51",
"manufacturer": "Phoenix Technologies LTD",
"model": "Phoenix BIOS - Firmware Rev. 6.00",
"name": "Phoenix BIOS - Firmware Rev. 6.00",
"revision": "4.6",
"serial": "VMware-56 4d bd 9b 23 af 49 f8-c7 b4 bc 06 39 fd 99 62",
"smversion": "2.7",
"version": "6.00"
}
]
} |
...