What will the audit scripts audit?

The audit scripts provided are the following:

  • audit_aix.sh
  • audit_esx.sh
  • audit_linux.sh
  • audit_osx.sh
  • audit_windows.sh

The various versions of the operating systems that the audit scripts work with are below.

We also use SNMP when we can (during discovery) to retrieve details from other network equipment.

AIX

AIX version 5 and above should work. This is a difficult script to continually test as we do not have an AIX machine to develop against. Having said that, it should work as intended. Attributes retrieved should include:

  • System details (model, manufacturer, serial, etc)
  • IP Addresses
  • Hard Disks
  • Memory
  • Netstat
  • Network Cards
  • Partitions
  • Processor
  • Software
  • Users

 

ESX

ESX version 4 and above should work with the audit script. The script is developed against an ESX 5.5 machine so version 4 may present bugs from time to time. NOTE - We retrieve some information using SNMP when we can (not as much as the audit script). Attributes retrieved should include:

  • System details (model, manufacturer, serial, etc)
  • Bios
  • IP Addresses
  • Memory
  • Motherboard
  • Network Cards
  • Processor
  • Software
  • Video
  • VM Guests

 

Linux

The audit script is regularly tested against the following distributions:

  • RHEL 6 / 7
  • Centos 6 / 7
  • Debian 7 / 8
  • Ubuntu 14.04 / 16.04

The audit script should also run against the following (although retrieved information may vary).

  • Alpine Linux (docker)
  • Arch
  • DD-WRT
  • RHEL 4
  • Ubuntu 14.10 / 15.04 / 15.10

Attributes retrieved should include:

  • System details (model, manufacturer, serial, etc)

  • Bios

  • Groups

  • Hard Disks

  • IP Addresses

  • Logs

  • Memory

  • Motherboard

  • Netstat

  • Network Cards

  • Network Shares (Samba)

  • NFS Mounts

  • Optical Disks

  • Partitions

  • Processor

  • Routes

  • Servers (Apache sites)

  • Services

  • Software

  • Sound

  • Swap

  • Users

  • Variables (environment and facter/puppet)

  • Video

OSX

 Attributes retrieved should include:

  • System details (model, manufacturer, serial, etc)
  • Hard Disks
  • Ip Addresses
  • Memory
  • Network Cards
  • Processor
  • Software

Windows

Versions of Windows above Windows 7 are regularly developed against. With the right packages installed, Windows versions as far back as Windows NT 4.0 can be audited. Attributes retrieved should include:

  • System details (model, manufacturer, serial, etc)

  • Bios

  • Groups

  • Hard Disks

  • IP Addresses

  • Logs

  • Mapped Drives

  • Memory

  • Motherboard

  • Mount Points

  • Netstat

  • Network Cards

  • Network Shares

  • Optical Disks

  • Partitions

  • Print Queues

  • Processor

  • Routes

  • Scheduled Tasks

  • SCSI cards

  • Services

  • Shares

  • Software

  • Software Keys

  • Sound

  • Users

  • Variables (environment)

  • Video

  • Windows details (registered organisation, etc)