vmware esxi audit openaudit cannot see the device

 
1
0
-1

Execute audit_esxi.sh normally
openaudit cannot see the device
vmware esxi 6.x has firewall turned on and related ports

openaudit 3.3.2

    CommentAdd your comment...

    3 answers

    1.  
      1
      0
      -1

      3.3.2 The execution of esxi.sh will still have errors

      System Info
      expr: non-numeric argument
      expr: syntax error

      I have just run the script as described on our ESXi machine, running 6.5.0 Update 1 (Build 5969303). It completed without issue.

      [root@toby:/tmp] ./audit_esxi.sh submit_online=y create_file=n debugging=2
----------------------------
Open-AudIT ESXi audit script
Version: 3.3.2
----------------------------
Audit Start Time    2020-07-01 02:38:01
Create File         n
Submit Online       y
Debugging Level     2
Discovery ID        
Org Id              
File                /tmp/toby-20200701023801.xml
----------------------------
System Info
BIOS Info
Processor Info
Disk Info
Memory Info
VM Guest Info
Motherboard Info
Video Cards Info
Network Cards Info
Software Info
Audit Generated in  51  seconds.
Submitting results to server with NetCat
URL: http://192.168.97.3/open-audit/index.php/input/devices
HTTP/1.1 200 OK
Date: Wed, 01 Jul 2020 02:38:52 GMT
Server: Apache/2.4.29 (Ubuntu)
Set-Cookie: PHPSESSID=ks44oambtpqptmuc5hrsk12345; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8

Audit Completed in  53  seconds.
        CommentAdd your comment...
      1.  
        1
        0
        -1

        <h4>A PHP Error was encountered</h4>

        <p>Severity: Notice</p>
        <p>Message: Undefined index: HTTP_ACCEPT</p>
        <p>Filename: controllers/input.php</p>
        <p>Line Number: 120</p>

        </div>Audit Completed in 83 seconds.


        You can fix that error by replacing line 120 in /open-audit/code_igniter/application/controllers/input.php with the below. That error is not enough to stop the device being audited and you should have it in your inventory.

                if ( ! empty($_SERVER['HTTP_ACCEPT']) && strpos($_SERVER['HTTP_ACCEPT'], 'json') !== false) {
        1. tacop

          I still don’t see the device after modification
          Execute ./audit_esxi.sh submit_online=y create_file=n debugging=2 No error occurred
          The firewall is also off

        2. Mark Unwin

          Can you post the output (from the command line)?

        CommentAdd your comment...
      2.  
        1
        0
        -1

        Are you running the audit script on the ESXi machine itself, or the Open-AudIT server?

        1. tacop

          Copy the esxi.sh script to /volumes server and run it on the esxi server via ssh. /audit_esxi.sh


        2. tacop

          Tried to execute esxi scheduled execution also failed

        3. Mark Unwin

          Do you see an error? What is it?

          Does the audit complete but not send to the server? If so, have you set the correct URL in the script?

        4. tacop

          Confirmed settings

          Normal execution without errors
          I don’t know if vmware esxi needs to adjust security specifically

        5. tacop

          Submitting results to server
          Audit Completed in 78 seconds.

        6. tacop

          3.3.2 The execution of esxi.sh will still have errors

          System Info
          expr: non-numeric argument
          expr: syntax error

        7. Mark Unwin

          Can you run it as below and post the output.

          ./audit_esxi.sh submit_online=y create_file=n debugging=2
        8. tacop


          <h4>A PHP Error was encountered</h4>

          <p>Severity: Notice</p>
          <p>Message: Undefined index: HTTP_ACCEPT</p>
          <p>Filename: controllers/input.php</p>
          <p>Line Number: 120</p>

          </div>Audit Completed in 83 seconds.

        9. tacop

          sorry do you need to set openaudit config

        10. tacop

          Try to find the problem logs also no errors

          There are also many System Info expr: syntax error

          ----------------------------
          Open-AudIT ESXi audit script
          Version: 3.3.2
          ----------------------------
          Audit Start Time 2020-07-02 10:53:48
          Create File n
          Submit Online y
          Debugging Level 2
          Discovery ID
          Org Id
          File /vmfs/volumes/5ef04491-71937541-85df-000c29d74ce4/VMSrv33229-20200702105348.xml
          ----------------------------
          System Info
          expr: non-numeric argument
          expr: syntax error
          expr: syntax error
          expr: syntax error
          expr: syntax error
          expr: syntax error
          expr: syntax error
          expr: syntax error

          .         |

          expr: syntax error
          expr: syntax error
          expr: syntax error
          BIOS Info
          Processor Info
          Disk Info
          Memory Info
          VM Guest Info
          Motherboard Info
          Video Cards Info
          Network Cards Info
          Software Info
          Audit Generated in 86 seconds.
          Submitting results to server with NetCat
          URL: http://192.168.31.118/open-audit/index.php/input/devices
          HTTP/1.1 200 OK
          Date: Thu, 02 Jul 2020 02:55:24 GMT
          Server: Apache/2.4.6 (CentOS) PHP/5.4.16
          X-Powered-By: PHP/5.4.16
          Set-Cookie: PHPSESSID=lhi1n0lva9m3dtuqt11m2p9ku0; path=/
          Expires: Thu, 19 Nov 1981 08:52:00 GMT
          Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
          Pragma: no-cache
          Content-Length: 0
          Connection: close
          Content-Type: text/html; charset=UTF-8

          Audit Completed in 87 seconds.

        11. Mark Unwin

          Can you run the below commands and post the output.

          smbiosDump | sed -n '/^  Physical Memory Array:/,/^  [A-Za-z]/p' | grep '    Slots' | cut -d":" -f2
          smbiosdump | grep "^  Memory Device: #"
          smbiosDump | sed -n "/^$bank/,/^  [A-Za-z]/p" | grep '    Size:' | cut -d: -f2 | cut -d" " -f2


          Mark.


        12. tacop
          [root@VMSrv33229:/vmfs/volumes/5ef04491-71937541-85df-000c29d74ce4] smbiosDump | sed -n '/^ Physical Memory Array:/,/^ [A-Za-z]/p' | grep ' Slots' | cut -d":" -f2
64
          [root@VMSrv33229:/vmfs/volumes/5ef04491-71937541-85df-000c29d74ce4] smbiosdump | grep "^ Memory Device:#"
-sh: smbiosdump: not found
          [root@VMSrv33229:/vmfs/volumes/5ef04491-71937541-85df-000c29d74ce4] smbiosDump | sed -n "/^$bank/,/^ [A-Za-z]/p" | grep ' Size:' | cut -d: -f2 | cut -d" " -f2
0x00018
8
No
No
No
No
No
No
No
No
No
No
No
No
No
No
No
No
No
No
No
No
No
No
No
No
No
No
No
[root@VMSrv33229:/vmfs/volumes/5ef04491-71937541-85df-000c29d74ce4]
        13. Mark Unwin

          Thanks for that. The second command because of my copy/paste. It should always be smbiosDump (capital D).

          That's not the issue though, the issue is the third response.

          Could you email me (marku@opmantek.com) the output of just the smbiosDump command, by itself? That way I can work through it and ensure we're passing it correctly.

          smbiosDump > smbiosDump.txt

          Mark.

        14. tacop

          Thanks for help
          Can be imported normally

        15. tacop

          Ask again
          Modify the php error under Users

          A PHP Error was encountered

          Severity: Notice

          Message: Undefined property: CI_Loader::$orgs

          Filename: theme-bootstrap/v_users_read.php

          Line Number: 230

        16. Mark Unwin

          Change line 230 from

                   foreach ($this->orgs as $org) {

          to

                  foreach ($this->response->included as $org) {
        CommentAdd your comment...