We have changed the structure of the 'system' table within Open-AudIT. THIS WILL AFFECT CUSTOM REPORTS AND GROUPS. I cannot stress this highly enough. If you have custom reports and/or groups you will need to export them from Open-AudIT (menu -> Admin -> Queries|Groups -> List, then click the Export button), then delete them (menu -> Admin -> Queries|Groups -> List, then click the Delete button) preferably BEFORE upgrading Open-AudIT. If you have extremely simple items, the upgrade may correctly update them for you - but I wouldn't count on it. Once you have completed the upgrade you can edit your custom reports and/or groups to reflect the updated system table and import them back into Open-AudIT.
NOTE - If running on Windows 2012r2 there is an issue with scheduled tasks. This will be addressed in a future update.
We have done away with the old configuration values for default_ssh_username, et al and replaced the entire process with credential sets. Any upgrades will have their existing default_* items moved into credential sets. You can view the credential sets via menu -> Admin -> Credentials and in Enterprise at menu -> Views -> Credentials. Because of this, there is no need to specify them on the Discovery page(s). We show a warning if no credential sets are present but the Discovery form is requested.
As per all new items, they are also viewable and usable via the JSON API at /credentials.
See our feature page on File Auditing for more information.
Caveat - to enable this feature under a windows Open-AudIT server you will need to make a change to the service user. Please see our File Auditing page for this.
You can now specify directory that will have all it's files listed and recorded. This is injected into the audit script for Linux and Windows when Discovery is run. Attributes recorded are:
Windows - name, size, directory, SHA1 hash, last changed, permissions, owner, version (file permitting).
Linux - name, size, directory, SHA1 hash, last changed, meta data last changed, permissions, owner, group, inode.
The web interface for creating, updating and deleting files s in Open-AudIT Enterprise and accessible at menu -> Views -> Files.
As per all new items, they are also viewable and usable via the JSON API at /files.
See our feature page on File Auditing for more information.
SNMPv3 finally comes to Open-AudIT! Make a credential set with the type equal to SNMPv3 and you will see the usual array of options for you to fill out. This will be checked and used just like any other credential.
This is a Linux only feature (for now). You can create a credential set with type equal to ssh key and provide a username and key. This will be checked and used just like any other credential.
To go with the new File Auditing feature, you can now create audit scripts and store the configuration of them - downloading them when you need them. File Auditing information will be automatically injected into the script (if it's for Linux or Windows) when you download it. You can access them via menu -> Admin -> Scripts. This new feature replaces the old 'Create Audit Windows' feature. You can configure scripts for any of the existing audit scripts - aix, esxi, linux, osx, windows.
As per all new items, they are also viewable and usable via the JSON API at /scripts.
Are now stored when Discovery is run. They are stored and updated as per any other attribute within Open-AudIT. The database table is called nmap.
Are detailed on the page here - The Open-AudIT API (1.12.8). We have moved much closer to http://jsonapi.org compliance. Of note is the format change to /devices/{id}.
We are steadily progressing towards retheming Open-AudIT to use Bootstrap. Going along with that is the ability to update and streamline both our view|template code and our libraries. For example the old Tango theme prevented us from updating to a newer version of jQuery (javascript framework). All Bootstrap pages are being validated as w3c compliant. Work is not complete so you will see some pages in Bootstrap and some in Tango. We're planning to replace all Tango pages eventually. Please bear with us in this time of transition.
We now record the above values. Previously we only stored hostname and sysName. This can make for some confusing results. The definitions for each are below.
name - the name assigned to the device in Open-AudIT. Is initially populated from hostname, sysName or dns_hostname (in that order).
hostname - taken from the device itself when running an audit script or SSH / WMI query.
dns_hostname - taken from DNS (surprise!) by the Open-AudIT server.
sysName - taken from SNMP.
We have similar fields for domain and dns_domain.
We have also introduced a new config item called discovery_use_dns. If this is set to 'y' (the default) the Open-AudIT server will attempt to retrieve the dns_hostname and dns_domain of the device.
We now have a routine in code that runs every time an attribute has data posted to it. It assigns a weight to the process that is attempting to update the data. The weights are below. In this way we only (now) need to store on item for (for example) manufacturer. No more man_manufacturer and manufacturer. This makes for much less confusion and more easily created queries and groups.
case 'user': $weight = 1000; break; case 'audit': case 'ssh': case 'windows': case 'wmi': $weight = 2000; break; case 'snmp': $weight = 3000; break; case 'ipmi': $weight = 4000; break; case 'ad': $weight = 5000; break; case 'nmap': $weight = 6000; break; default: $weight = 10000; break; |
Here are the old and new table definitions. Note the column order is different as shown here compared to the actual table. Here I have sorted by name so you can more directly compare them.
Major items of note.
1.12.6 | 1.12.8 | ||
---|---|---|---|
|
|
Open-AudIT - Bugfix - Disk size calculation incorrect when processing SAN details.
Open-AudIT - Bugfix - Using # or $ in a password fails logon to OAC from OAE.
Open-AudIT - Bugfix - When creating a group and assigning a user, application breaks.
Open-AudIT - Improvement - Add a /30 blessed subnet when a user points discovery at a single device.
Open-AudIT - improvement - audit_windows.vbs Win32_Printer.CapabilityDescriptions on Windows 2003 now works.
Open-AudIT - Improvement - PHP7 now works. This means Ubuntu 16.04 should be functional with Open-AudIT.
Open-AudIT - New Feature - Config item created for discovery_use_dns (as above).
Open-AudIT - New Feature - Store Nmap detected open ports.
Open-AudIT Enterprise - Bugfix - Specific Software installed on a specific date not working.
Open-AudIT Enterprise - New Feature - Export a Baseline Result ordered by Device or Policy.
Open-AudIT Enterprise - New Feature - Search All Attributes from Dashboard.