2 answers
- 10-1
Have found and fixed this for our next release - 1.12.6.
In audit_windows.vbs
finditem = item & " <value><![CDATA[" & escape_xml(objItem.VariableValue) & "]]></value>" & vbcrlf
replace
item = item & " <value>" & escape_xml(objItem.VariableValue) & "</value>" & vbcrlf
Add your comment... - 10-1
On the console (dos prompt or bash shell) of an affected machine, can you run the below and post the XML from the "user" section. There should be a file generated called TARGET-YYMMDDHHMMSS.xml.
Windows
cscript c:\windows\audit_windows.vbs submit_online=n create_file=y
Linux
/tmp/audit_linux.sh submit_online=n create_file=y
- Drossery Michopoulou
Hi Mark
Thanks for taking the time to look into this.
Please find here the created file :
- Mark Unwin
Hi, I cannot reproduce the error with the data supplied. I'm just guessing here... 1 - What OS is Open-AudIT running on? 2 - If it's linux, do you have the PHP extension phpmb installed? 3 - When you inspect the XML, do you see anyt " or other unusual characters? 4 - You could try using an XML validator to point you to the exact issue.
- Drossery Michopoulou
Hi Mark Thanks again for your suggestions. Indeed there was an error while validating the xml (I was able to upload the report after removing the specific line) Question is how to bypass this error without manual intervension (via normal scheduled job like the rest of the workstations) PS : The line with the error follows if it helps: "<value><![CDATA[<![CDATA[C:\ProgramData\Oracle\Java\javapath;%SYSTEMROOT%\SYSTEM32;%SYSTEMROOT%;%SYSTEMROOT%\SYSTEM32\WBEM;%SYSTEMROOT%\SYSTEM32\WINDOWSPOWERSHELL\V1.0\;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\Bitvise SSH Client;C:\Program Files\TortoiseGit\bin;C:\Users\xxxxxxxxxxxx\AppData\Local\Apps\cURL\bin;C:\Program Files (x86)\Skype\Phone\;C:\Program Files\nodejs\;C:\Program Files (x86)\MySQL\MySQL Fabric 1.5 & MySQL Utilities 1.5\;C:\Program Files (x86)\MySQL\MySQL Fabric 1.5 & MySQL Utilities 1.5\Doctrine extensions for PHP\]]>]]></value>
Add your comment...
Hi all
After upgrading to the latest version we receive the following error on some (few) systems "Apr 04 15:22:15 opmantek 44212 5 U:- C:system F:add_system I:xxx.xxx.xxx.xxx M:Invalid XML audit result for user".
Looks like the known bug (invalid XML error in open audit version 1.10 of Open-AudIT..) but this should have been fixed since version 1.10_2.
Many thanks!