...
The user used to audit a Linux host should be root or have sudo access. Some distributions do not allow sudo over an SSH session without a terminal. On these distributions, root can be used.
Using a user account that has no sudo access (and is not root) will result in an audit without all possible attributes retrieved.
Sudo / Root is required for:
dmidecode
(system - uuid, serial, form_factor),
(bios - version, smversion, serial),
(processor - socket),
(memory - all)
netstat
(netstat - program name where not owned by user running script)
NOTE - Running as different users will generate a different list of environment variables.
ESX
On VMware ESX, Open-AudIT uses SSH as it's primary method of auditing. SNMP is also supported (and detailed below).
...