Introduction
You can create a script with all the options for any of the existing audit scripts - not just Windows. AIX, ESX, Linux, OSX and Windows are all covered.
How Does it Work?
We initially setup the default list of scripts with the default options. The list of script is viewable at /scripts. These default scripts cannot be deleted. You can create additional scripts for use by you as required. Your script will be based on one of the existing scripts and have custom options applied. The scripts can then be downloaded from the list page at menu: Discover -> Audit Scripts -> List Audit Scripts.
Creating a Script
To make another script use the menu and go to menu: Discover -> Audit Scripts -> Create Audit Scripts. Provide a name and optionally a description. Choose a type of script to base your custom script upon. Once you do this, the Options section will populate with the available configurable options. At present Windows and Linux scripts will have the "files" details injected. See details about files here - Files.
NAME - You should name your script with the correct extension. This is the name that will be provided when you download the script. It is best to not have any spaces in the name (I use underscores). IE - For Windows a name such as my_audit.vbs would be be appropriate. For any others, something.sh (ending in .sh) is advisable.
URL - If you leave the URL option as set, Open-AudIT will inject the config value for default_network_address into the URL option. With the default scripts, if left as set, Open-AudIT will inject the default network address when the script is downloaded.
Viewing Script Details
Go to menu: Discover -> Audit Scripts -> List Audit Scripts.
Database Schema
The schema for the database is below. It can also be found in the application if the user has database::read permission by going to menu: Admin -> Database -> List Tables, then clicking on the "scripts" table.
CREATE TABLE `scripts` ( `id` int(10) unsigned NOT NULL AUTO_INCREMENT, `name` varchar(200) NOT NULL DEFAULT '', `org_id` int(10) unsigned NOT NULL DEFAULT '1', `options` text NOT NULL, `description` text NOT NULL, `based_on` varchar(200) NOT NULL DEFAULT '', `hash` varchar(250) NOT NULL DEFAULT '', `edited_by` varchar(200) NOT NULL DEFAULT '', `edited_date` datetime NOT NULL DEFAULT '2000-01-01 00:00:00', PRIMARY KEY (`id`) ) ENGINE=InnoDB AUTO_INCREMENT=8 DEFAULT CHARSET=utf8;
Example Database Entry
Scripts are stored in the database in the "scripts" table. A typical entry will look as below.
id: 1
name: audit_aix.sh
org_id: 1
options: {"submit_online":"y","create_file":"n","url":"http:\/\/localhost\/open-audit\/index.php\/input\/devices","debugging":1}
description: The default audit AIX config.
based_on: audit_aix.sh
hash:
edited_by: system
edited_date: 2000-01-01 00:00:00
API / Web Access?
You can access the /scripts collection using the normal Open-AudIT JSON based API. Just like any other collection. Please see the API documentation for further details.
API Routes
| Request Method | ID | Action | Resulting Function | URL Example | Notes | Example Response |
|---|---|---|---|---|---|---|
| GET | n | collection | /scripts | Returns a list of scripts. | script_collection.json | |
| GET | y | read | /scripts/{id} | Returns a scripts details. | script_read.json | |
| PATCH | y | update | /scripts/{id} | Update an attribute of a scripts entry. | script_patch.json | |
| POST | n | create | /scripts | Insert a new scripts entry. | scripts_create.json | |
| DELETE | y | delete | /scripts/{id} | Delete a script entry. | scripts_delete.json |
Web Application Routes
| Request Method | ID | Action | Resulting Function | URL Example | Notes |
|---|---|---|---|---|---|
| GET | n | create | create_form | /scripts/create | Displays a standard web form for submission to POST /scripts. |
| GET | y | update | update_form | /scripts/{id}/update | Show the script details with the option to update attributes using PATCH to /scripts/{id} |
| GET | y | download | download | /scripts/{id}/download | Download a complete audit script based on the script entry. |