| Table of Contents | ||||
|---|---|---|---|---|
|
Every environment is different and we understand that. We are often questioned if Open-AudIT is pcidss compliant, can audit in a DMZ (demilitarized zone) or an air gapped network. The answer to all of these questions is yes however, it is a matter of process. This How-To is designed to help you think through this process and assist in implementing Open-AudIT into a variety of complex network environments.
...
create_file - Defaults to "y". If set to "y", an XML file will be created and saved as per the audit_windows.vbs script. This file can be manually copied and submitted to the server at a later stage if desired.
Computer with no network connectivity to the Open-AudIT server.
Not every Windows computer will be a simple domain connected machine. Sometimes you may have a server in a DMZ with no network connectivity to the internal network, a machine not on a domain, a standalone machine not networked at all, etc. There are various options to overcome these.
...
An XML file named COMPUTERNAME_DATE.xml should be created. Close the terminal window. Remove the USB drive and go to a computer with Open-AudIT connectivity. Open the XML file and copy the XML and log in to the Open-AudIT web application and go to menu -> Manage -> Devices -> Create Devices. You will see options for manually copying and pasting the file contents or uploading the file directly.
Computer not on the domain.
If you can see the computer on the network and it has it's firewall opened to allow remote WMI/VBscript, you can run the audit script using the remote credentials.
...
Is this device connected to the internet? Yes - Normal, No - Script
Commands
cscript audit_windows.vbs . submit_online=n create_file=y - will run the audit on the local PC and output to a file (in the current directory). The "." can be used in place of the local machine name.
Other helpful resources
What Operating Systems will the audit scripts run on?
...