Introduction
As at 1.12.8 we have removed the old functionality of "Create a Windows Audit Script" and replaced it with the Scripts endpoint. You can now create a script with all the options for any of the existing audit scripts - not just Windows. AIX, ESX, Linux, OSX and Windows are all covered.
How Does it Work?
We initially setup the default list of scripts with the default options. The list of script is viewable at /scripts. These default scripts cannot be deleted. You can create additional scripts for use by you as required. Your script will be based on one of the existing scripts and have custom options applied. The scripts can then be downloaded from the list page at menu -> Admin -> Scripts -> List Scripts.
Creating a Script
To make another script use the menu and go to menu -> Admin -> Scripts -> Create Script. Provide a name and optionally a description. Choose a type of script to base your custom script upon. Once you do this, the Options section will populate with the available configurable options. At present Windows and Linux scripts will have the "files" details injected. See details about files here - Files.
NAME - You should name your script with the correct extension. This is the name that will be provided when you download the script. It is best to not have any spaces in the name (I use underscores). IE - For Windows a name such as my_audit.vbs would be be appropriate. For any others, something.sh (ending in .sh) is advisable.
URL - If you leave the URL option as set, Open-AudIT will inject the config value for default_network_address into the URL option. With the default scripts, if left as set, Open-AudIT will inject the default network address when the script is downloaded.
Viewing Script Details
Go to menu -> Admin -> Scripts -> List Scripts.
You will see a list of available scripts. You can view a script by clicking on the it's ID (in green). You can also download, edit or delete the script (if delete is permitted).
Scripts are stored in the database in the "scripts" table. A typical entry will look as below. The "hash" column is not used at present.
id: 12
name: my_audit_aix.sh
options: {"create_file":"n","debugging":"1","org_id":"","submit_online":"y","system_id":"","url":"http:\/\/192.168.88.240\/open-audit\/index.php\/system\/add_system"}description:
based_on: audit_aix.sh
hash:
edited_by: Administrator
edited_date: 2016-08-04 10:40:36
API / Web Access?
You can access the /scripts collection using the normal Open-AudIT JSON based API. Just like any other collection. Please see the API documentation for further details.
API Routes
| Request Method | ID | Action | Resulting Function | URL Example | Notes | Example Response |
|---|---|---|---|---|---|---|
| GET | n | collection | /scripts | Returns a list of scripts. | script_collection.json | |
| GET | y | read | /scripts/{id} | Returns a scripts details. | script_read.json | |
| PATCH | y | update | /scripts/{id} | Update an attribute of a scripts entry. | script_patch.json | |
| POST | n | create | /scripts | Insert a new scripts entry. | scripts_create.json | |
| DELETE | y | delete | /scripts/{id} | Delete a script entry. | scripts_delete.json |
Web Application Routes
| Request Method | ID | Action | Resulting Function | URL Example | Notes |
|---|---|---|---|---|---|
| GET | n | create | create_form | /scripts/create | Displays a standard web form for submission to POST /scripts. |
| GET | y | update | update_form | /scripts/{id}/update | Show the script details with the option to update attributes using PATCH to /scripts/{id} |
| GET | y | download | download | /scripts/{id}/download | Download a complete audit script based on the script entry. |