What does it do?
Open-AudIT is an application to tell you exactly what is on your network, how it is configured and when it changes.
Open-AudIT is designed to be run on a server (Windows or Linux) and to scan your networks for devices. Once a device is found, Open-AudIT runs a series of commands upon it and stores the resulting data in a database. This data is then available for various reporting purposes. Open-AudIT comes with a list of over 50 reports with any number of additional reports able to be created by the user.
Why would you want to go to the trouble (“trouble”, hah, see the blog post about downloading, installing and discovering in under 10 minutes here) of keeping track of every device and it’s configuration? Well, here are some contrived examples…
Anfd then there’s software licensing – that’s a given. Naturally Open-AudIT can report on exactly what software packages are installed. It’s simple and easy to see if you have bought the required number of licenses.
As a result of Open-AudIT storing the data about a device, it also recognizes and stores and changes affected upon a device. If software was added or removed (for example) Open-AudIT stores this and can report upon it. This is taken even further by the concept of a Baseline, which exists in Open-AudIT Enterprise. Baselines enable you to compare one device against another and report the differences.
The feature list is extensive and enables tracking of all IT assets, whether they be on your network or not. Need to record the details of a phone given to a user – not an issue. Open-AudIT can do that. What about the PC that’s not physically connected to the network – Open-AudIT still has the ability to audit the machine and store the details. From their location, to how they’re configured, to who is is in the Administrators group, to when a piece of software was installed, to ensuring file changes (/etc/htpasswd ?) are recorded. Open-AudIT can tell you exactly WHAT is on your network, HOW it is configured and WHEN it changes. Easily. Automatically. Simple.
How does it work?
Open-AudIT works best when you supply a list of credentials that it then uses to query devices. Open-AudIT makes use of Nmap to scan a network and report any responding devices. These devices are then queried to determine their attributes. Even if you don’t have the credentials for a device on your network, Open-AudIT will still have a record of it thanks to Nmap. If a device is found, working credentials determined and it is a ‘computer’, an “audit script” is copied to the device and run. The script gathers extensive information and sends it back to the Open-AudIT server. If the device is a switch, router, printer, etc and it has SNMP enabled and Open-AudIT has working credentials, it’s attributes will be queried using SNMP and no audit scripts will be used.
Once the data is in Open-AudIT, it is yours to query at will. The database structure is open and documented with examples to get you started (if one of the built-in 50 reports don’t do just what you need).
How is it built?
Open-Audit Community is built using free and cross-platform tools such as PHP, MySQL, and Apache. In addition, Open-AudIT uses VBscript and Bash for its audit scripts. Both Professional and Enterprise use the same codebase with available features enabled by the license. Both Professional and Enterprise are compiled binary code with support offered to users by Opmantek.
Open-AudIT started as a free software project. To this day it remains so. In recent years Opmantek Software has become the owners of the codebase and monetize this by creating add-ons in the form of Open-AudIT Professional and Open-AudIT Enterprise.