I have a fresh install of openaudit 3.2.2-01 running on RedHat 7.7. I am trying to simply get a couple of devices discovered and submit the audit results online. I create the discover, and viewing the command line in the GUI shows this, which is what I expect:
nohup /usr/local/open-audit/other/discover_subnet.sh subnet_range=xxxxx-x url=http://xxxxxxxxxx/open-audit/index.php/input/discoveries submit_online=y echo_output=n create_file=n debugging=0 discovery_id=2 ping=y service_version=n filtered=n timing=4 tcp_ports=22,135,62078 udp_ports=161 ssh_ports=22 > /dev/null 2>&1 &
However, when I review my scanned host, that is not what is being executed....
COMMAND=/tmp/audit_linux.sh submit_online=n create_file=y debugging=1 system_id=1 display=n last_seen_by=audit_ssh discovery_id=1
The audit report never gets sent to the server. The scripts are copied over okay and it creates the XML file okay, just no online submittal unless I run the script manually with the correct flags. Can anyone point me in the right direction as to where I should be looking?
I know where it's failing, I'm trying to understand why. Somewhere in between when I execute the discovery and it gets executed on the server, it sets submit_online to n. All the defaults in the GUI, config, script file, etc are set to Y, but the command being sent to the server clearly has it set to NO - COMMAND=/tmp/audit_linux.sh submit_online=n create_file=y debugging=1 system_id=1 display=n last_seen_by=audit_ssh discovery_id=1 - I'm trying to figure out what would change this.
Discovery does indeed NOT use submit_online (nor URL).
Discovery should copy the script file, run it remotely, parse the output for the generated file path, copy that result file back to itself and process it.
Check the discovery log for hints about where it's failing.
Powered by a free Atlassian Confluence Open Source Project License granted to Opmantek. Evaluate Confluence today.