@snue @jpa - Thanks JPA - that's what I would have said. You beat me!
| Open-AudIT https://www.open-audit.org/phpBB3/ |
|
| beta4 is out the door! https://www.open-audit.org/phpBB3/viewtopic.php?f=20&t=5781 |
Page 2 of 5 |
| Author: | jpa [ Fri Oct 21, 2011 3:21 am ] |
| Post subject: | Re: beta4 is out the door! |
You can tune the hide speed by editing www\theme-tango\tango-files\jquery\js\jquery.droppy.js. Find the following code and change the 500 to suite your desired hide speed in milliseconds. [code] function hide() { var subnav = getSubnav(this); if (!subnav) return; $.data(subnav, 'cancelHide', false); setTimeout(function() { if (!$.data(subnav, 'cancelHide')) { $(subnav).slideUp(options.speed); } }, 500); }[/code] |
|
| Author: | Mark [ Fri Oct 21, 2011 8:38 am ] |
| Post subject: | Re: beta4 is out the door! |
@snue @jpa - Thanks JPA - that's what I would have said. You beat me!
|
|
| Author: | Mark [ Fri Oct 21, 2011 8:40 am ] |
| Post subject: | Re: beta4 is out the door! |
@cencik - can you post line 2134 from your audit_windows.vbs please. Any chance you can translate the error message as well? |
|
| Author: | jpa [ Fri Oct 21, 2011 9:06 am ] |
| Post subject: | Re: beta4 is out the door! |
Educated guess on the line 2134 error: You're trying to split the event log info in mess2 on "Product:" which doesn't exist in his language version of Windows and thus mess3 is a single item array which you then try to index into the second position with mess3(1). [code] for each objItem in colItems if objItem.Message <> "" then mess1 = split(objItem.Message, "--") mess2 = split(mess1(0), " ", vbTextCompare) mess3 = split(mess2(0), "Product:") 2134 message_retrieved = trim(mess3(1))[/code] |
|
| Author: | Mark [ Fri Oct 21, 2011 11:38 am ] |
| Post subject: | Re: beta4 is out the door! |
@JPA - ahh yeah, sure. So anyone have any idea's on how to overcome this? I could incorporate the correct string to split on, but I'll need one per language... |
|
| Author: | jpa [ Fri Oct 21, 2011 2:41 pm ] |
| Post subject: | Re: beta4 is out the door! |
Well it looks like you're trying to grab the data between the colon and the double-dash. Big assumption that all languages have the colon and the double-dash but do that. [code]test = "Product: eReg -- Installation " colonPos = InStr(test,":") dashPos = InStr(test,"--") wscript.echo trim(Mid(test,colonPos+1,dashPos-colonPos-1))[/code] Obviously breaks if the product name has a double-dash in it. EDIT: Upon further reflection assume the first space is language neutral and start grabbing text from there rather than the colon. Still have to depend on the double-dash. EDIT2: Searching for the first space breaks if the translation of "Product" has a space in it. So maybe it's safer to search for the colon. |
|
| Author: | snue [ Fri Oct 21, 2011 4:15 pm ] |
| Post subject: | Re: beta4 is out the door! |
@jpa thank you, thats perfect!
|
|
| Author: | joofoo [ Fri Oct 21, 2011 7:44 pm ] |
| Post subject: | Re: beta4 is out the door! |
This is something that was reported in beta-2 (and supposedly fixed), but in my environment we are still having the issue of Win7 systems not displaying the correct "last-logged-on" user. The audit_windows.vbs that is included in beta-4 tries to fix this problem by checking for empty or non-existent key under HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\DefaultUserName. Unfortunately, Win7 does not leave that key empty, nor deletes the key when joining a domain. Therefore, Win7 audits submit the last user that logged in before joining the domain, instead of the true last-logged-on user. You only need to switch order in which you check those registry keys: 1. First check for the Win7 key (HKLM\Software\Microsoft\Windows\CurrentVersion\Authentication\LogonUI\LastLoggedOnUser). 2. If value returned is NULL, check the WinXP key (HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\DefaultUserName) In a previous post, i have outlined a different approach in fixing this, which i have tested and works well: [url]http://www.open-audit.org/phpBB3/viewtopic.php?f=20&t=5753&start=15#p19797[/url] I am now going to change that on the new vbs as well, but i sure hope this small fix is included on the next release. (needless to say thank you mark and anyone contributing to this - once again: This piece of software rocks!) |
|
| Author: | joofoo [ Fri Oct 21, 2011 8:08 pm ] |
| Post subject: | Re: beta4 is out the door! |
[quote="Mark"]@JPA - ahh yeah, sure. So anyone have any idea's on how to overcome this? I could incorporate the correct string to split on, but I'll need one per language... Okay, i faced the same problem with the scipt complaining about line 2134... First i thought it would be useful to debug the problem, so i added a line to print the text under processing that caused the problem, on line 2132: [code]wscript.echo mess2(0)[/code] It turned out that it was only one entry that caused the problem. The software entry that caused the issue was formatted like this: [code]??: Blah-blah-software_name[/code] instead of [code]Product: Blah-blah-software_name[/code] So i gave it a very quick fix by removing my wscript.echo and then changing line 2133 from: [code]mess3 = split(mess2(0), "Product:")[/code] into: [code]mess3 = split(mess2(0), ": ")[/code] This is the best i could do quickly, provided that i am not considered a VB programmer, i am going to look for a way of getting everything in the string after the first semi-colon (that would be better). Adding a whitespace after the semicolon -as i did above- somewhat helps, but that should not be failsafe (in case some product included semi-colon in the software_name). |
|
| Author: | joofoo [ Sat Oct 22, 2011 9:55 pm ] |
| Post subject: | Re: beta4 is out the door! |
POC for permanently fixing the line 2134 error on audit_windows.vbs: [code]Option explicit Dim StrSource,StrProduct Dim offset StrSource = "??: Microsoft Office Language Pack" ' Len() returns 34. offset=InStr(1,StrSource,": ")+1 ' offset=5. StrProduct = Right(StrSource, Len(StrSource)-offset) WScript.Echo(StrProduct) ' outputs: Microsoft Office Language Pack.[/code] If needed i can post a diff on monday, as soon as i fix the audit_windows script at my workplace... |
|
| Author: | jpa [ Sun Oct 23, 2011 4:57 am ] |
| Post subject: | Re: beta4 is out the door! |
Uhhh, as I stated above don't use split AT ALL. Use InStr and Mid. Problem solved as long as the colon and double dash are there. For future reference I think [url=http://msdn.microsoft.com/en-us/library/wffts6k3%28v=vs.85%29.aspx]MID[/url] would be better than [url=http://msdn.microsoft.com/en-us/library/eh8fefz1%28VS.85%29.aspx]RIGHT[/url] in your example joofoo as it's not necessary to calculate the length of the string with MID. [code]StrProduct = Mid(StrSource,offset)[/code] |
|
| Author: | Shmee [ Tue Oct 25, 2011 8:29 am ] |
| Post subject: | Re: beta4 is out the door! |
@joofoo I made the change you suggested to my audit_windows.vbs, and it is picking up user names much better. Thank you. |
|
| Author: | Gloom [ Wed Oct 26, 2011 1:19 am ] |
| Post subject: | Re: beta4 is out the door! |
I've just upgraded to Beta 4 from Beta 1.1 however I can't work out how to upgrade the database. I was expecting it to tell me my database was out of date and offer to upgrade it but no such luck and I really don't want to dump the current database and start over unless I really have to. Anyone have any ideas? |
|
| Author: | jpa [ Wed Oct 26, 2011 2:14 am ] |
| Post subject: | Re: beta4 is out the door! |
Log in to OAv2. Select Help menu and then About. The page should tell you your database needs an upgrade and have a link to upgrade the db. |
|
| Author: | Gloom [ Wed Oct 26, 2011 4:25 am ] |
| Post subject: | Re: beta4 is out the door! |
Thanks that sorted it. |
|
| Page 2 of 5 | All times are UTC + 10 hours |
| Powered by phpBB® Forum Software © phpBB Group https://www.phpbb.com/ |
|