Child pages
  • 5 - What is Open-AudIT Cloud?
Skip to end of metadata
Go to start of metadata



Introduction

Open-AudIT Cloud is Open-AudIT without you having to worry about provisioning an internal server. Opmantek host and provides updates to your Open-AudIT instance for you. 

Open-AudIT Cloud is always updated, without you doing a thing!


Cloud Collector Beta Caveats

Both Windows and Linux

After the first logon to Open-AudIT Cloud Collector, the collector should be setup as requested, however the user will be redirected back to the logon screen. Logon again to see the Collector details. This will be fixed for the production release.

Windows

IMPORTANT - Make sure you install Nmap. https://nmap.org

Linux

When installing the Cloud Collector on Linux, the file below (it is a text file) must be modified and relevant attributes set, then the omkd daemon restarted - BEFORE logging in to Open-AudIT Cloud Collector. This will be fixed for the production release.

/usr/local/omk/conf/opCommon.nmis


'auth_login_motd' => 'Logon using your cloud.open-audit.com credentials.',
'auth_method_1' => 'openaudit',
'auth_method_2' => '',
'auth_method_3' => '',

'omkd_require_nmis' => 'false',
'load_applications' => ['Open-AudIT'],

'oae_type' => 'cloud_collector',


Cloud Collector Troubleshooting

If your Cloud Collector does not register, edit the below file (it is a text file).

Linux - /usr/local/omk/conf/opCommon.nmis

Windows - c:\omk\conf\opCommon.nmis

Change the below attributes -

'omk_log_level' => 'debug',
'oae_debug_level' => 2,

Restart the service "omkd".

Attempt to logon again (bearing in mind the above caveat that you wil be redirected to the logon screen and have to relogin). Now check the log files at:

Linux - /usr/local/omk/log/open-audit.log and /usr/local/omk/auth.log

Windows - c:\omk\log\open-audit.log and c:\omk\log\auth.log

NOTE - The support team will most likely ask for a copy of all *.log files in that directory when troubleshooting.



Using Open-AudIT Cloud


To make use of Open-AudIT Cloud, depending of whether you want to audit your local network(s) of your cloud(s) will dictate what needs to be done.

Cloud Auditing

Auditng your clouds is relatively straight forward. Makr a clouds entry, supply your cloud credentials and device credentials and execute the cloud. Done. Everything should "just work".

Local Network Auditing

Discovering your local network will require a bit more work. Obviously the cloud server cannot reach into your network directly. This is where the Cloud Collector comes into play. You will need to download and install the Cloud Collector. Once installed, sign into the Cloud Collector using your Cloud credentials. The Collector will reach out to the Cloud Server and register itself. As far as the Cloud COllector is now concerned, you shouldn't need to access it again.

Once the Cloud Collector has registered itself, you should log back in to the Cloud Server. You will be able to see the registered Cloud Collector under menu → Admin → Collectors → List Collectors. To discover the devices on your local network, you will need to create any required credentials in menu → Discover → Credentials → Create. Once you have created those, go to menu → Discover → Discoveries → Create and create a new discovery. You should supply the network to be discovered, and that is all.

To actually execute (or run) the discovery will require you to "schedule" it to be run. Go to menu → Admin → Tasks → Create. Set the type as Discovery and select the discovery required.  The Collector should be automatically populated for you - if not, select it as well. The Cloud Server runs in the UTC timezone, so bear this in mind when you select when you would like the discovery to run. You can see the current time on the Cloud Server in the "Current Timestamp" attribute. Your Cloud Collector will check-in with the Cloud Server every 15 minutes by default. So you should schedule your discovery to run on a 15 minute mark, IE: 0, 15, 30, 45 minute. The scheduling times work on standard Unix cron settings. See Wikipedia for more information. If a task is scheduled but has not run, the next time a Cloud Collector checks-in, it will NOT run this missed task.

Once you have downloaded, installed and registered your Cloud Collector, created credentials, a discovery and task entry, sit back and wait. Once the schedule triggers, your Cloud Collector will start scanning, discovering and auditing the devices on your network and sending the results back to the Cloud Server.


All of the above relates to the BETA of Open-AudIT Cloud only. Going forward we have designs to make all of this much, much easier for the customer.


Please report any issues you come across of difficulties you run into to support@opmantek.com - any feedback, any at all, is much appreciated.


Open-AudIT Cloud will only get easier and better as we move forward.

Onwards and Upwards.

Mark Unwin.