| Open-AudIT https://www.open-audit.org/phpBB3/ |
|
| beta4 is out the door! https://www.open-audit.org/phpBB3/viewtopic.php?f=20&t=5781 |
Page 4 of 5 |
| Author: | snue [ Thu Nov 17, 2011 1:32 am ] |
| Post subject: | Re: beta4 is out the door! |
[quote="deepakdeshp"]So my understanding is :- all the basic functionality of OA v1 is in OA V2 with some additional features in OAV2 like groups. But the OAV1 is tested and hence more stable. OAv2 is missing a software register, linux auditing (correct me if im wrong) and nmap scanning (  ), which are available in v1. But everything else should be working fine (and better than in OAv1) + the improvements mark already stated.
|
|
| Author: | deepakdeshp [ Fri Nov 25, 2011 5:31 am ] |
| Post subject: | Re: beta4 is out the door! |
OAv2 is missing a software register, linux auditing (correct me if im wrong) and nmap scanning and these were available in OA. Are there any plans to include these features in OAV2? Thanks, Deepak |
|
| Author: | Mark [ Fri Nov 25, 2011 8:33 am ] |
| Post subject: | Re: beta4 is out the door! |
[quote]OAv2 is missing a software register, linux auditing (correct me if im wrong) and nmap scanning and these were available in OA. Are there any plans to include these features in OAV2? viewtopic.php?f=20&t=5796 |
|
| Author: | snue [ Fri Nov 25, 2011 5:50 pm ] |
| Post subject: | Re: beta4 is out the door! |
i started to get into oav2 more deeply yesterday and realised it doesnt audit win7 64bit machines for me (doesnt matter if via audit_domain or audit_windows) except my own computer from where im auditing right now. the audit stops at "Software for 64bit" with following error: Outlook Express info Software info Software for 64bit C:\oav2\audit_windows.vbs(2134, 5) Laufzeitfehler in Microsoft VBScript: Index a ußerhalb des gültigen Bereichs: '[number: 1]' which is something like "runtime error: index outside valid area" in english. whats interesting - 3 of the win2k8r2 64bit servers are audited, but nothing else. is there something i can try to find out whats wrong? oh and, maybe im just blind, but is there any way to see if a machine is 32 or 64bit in oav2? |
|
| Author: | Mark [ Fri Nov 25, 2011 9:50 pm ] |
| Post subject: | Re: beta4 is out the door! |
[quote]C:\oav2\audit_windows.vbs(2134, 5) Laufzeitfehler in Microsoft VBScript: Index a ußerhalb des gültigen Bereichs: '[number: 1]' which is something like "runtime error: index outside valid area" in english. whats interesting - 3 of the win2k8r2 64bit servers are audited, but nothing else. is there something i can try to find out whats wrong? Most likely because the search related to who installed the piece of software splits the returned string on "Product:" - ie, in English. Will need to code around this somehow (I think it's been discussed here already). Look for the fix in beta5. For the meantime, uncomment out lines 2128 "on error resume next" and 2148 "on error goto 0". These will enable the script to continue even if there is an error. [quote]oh and, maybe im just blind, but is there any way to see if a machine is 32 or 64bit in oav2? If you send the audit result to a file, in the SYS section you should see a line like <system_pc_os_bit>32</system_pc_os_bit> where 32 or 64 is displayed. Not sure if it's actually displayd in the interface. I'll ensure it is for beta5. |
|
| Author: | jpa [ Sat Nov 26, 2011 7:02 am ] |
| Post subject: | Re: beta4 is out the door! |
[quote="Mark"]Will need to code around this somehow[url=http://www.open-audit.org/phpBB3/viewtopic.php?f=20&t=5781&start=15#p19866]This was my take[/url] on the fix which didn't use arrays at all. |
|
| Author: | deepakdeshp [ Mon Nov 28, 2011 3:43 pm ] |
| Post subject: | Re: beta4 is out the door! |
With the changes listed to the code which are given in this thread, is it possible to audit 32 and 64 bit Windows desktop? Has anybody done it? |
|
| Author: | snue [ Mon Nov 28, 2011 6:47 pm ] |
| Post subject: | Re: beta4 is out the door! |
with uncommenting the lines mark mentioned its running fine. (without auditing 64bit software of course) another thing i just saw: i got a few software installations called: jg 䂸[g () é€cg () å›[g á–°[g () is this already known or am i the only one having this issue? //oh and.. are "mapped drives" missing too? |
|
| Author: | mindugo [ Wed Nov 30, 2011 6:46 pm ] |
| Post subject: | Re: beta4 is out the door! |
How is supposed to work network printer audit? I'm getting many duplicate system records with the same IP address. I guess the same printer is inserted as many times as many audited computers use it. |
|
| Author: | mindugo [ Mon Dec 05, 2011 10:15 pm ] |
| Post subject: | Re: beta4 is out the door! |
Mark, there are couple bugs regarding system links in models\m_printer.php [code]Line 88: if ($input->ip_address > "") { should be Line 88: if ($input->man_ip_address > "") {[/code] and [code]Line 121: "$details->system_id", should be Line 121: "$linked_sys",[/code] As mentioned in my previous post, I had problems with duplicate printers. So I modified printer processing like this: 1. system_key was changed from hostname+deviceid to hostname+model in audit script for non-network printers. I noticed that there were often 2 or more printers with the same model on one host because of different deviceid e.g. hp_LaserJet_1160 and hp_LaserJet_1160_(Copy_1). So I decided to use printer model instead of deviceid to get more accurate physical printer count. 2. Omit timestamps when checking if audited network printer (with IP address) already exists in DB. Network printers would always have different timestamps because they get timestamps from different audited systems. So if timestamps are used, you get the same printer inserted as many times as many audited computers use it. For checking if printer has been audited already I use only system_key (which is IP address for network printers) and printer model. Maybe somebody will find this useful 
|
|
| Author: | Mark [ Tue Dec 06, 2011 8:34 am ] |
| Post subject: | Re: beta4 is out the door! |
[quote]/oh and.. are "mapped drives" missing too? Not missing - they are not there on purpose. Mapped drives are a user setting, not a system setting. I don't capture user settings at all. |
|
| Author: | snue [ Tue Dec 06, 2011 5:39 pm ] |
| Post subject: | Re: beta4 is out the door! |
ah ok, so there wont be (compared to v1) shared folders;environment variables;wsus settings;antivirus infos;mapped drives and firewall settings right? well, i think i can live with that. are there problems with auditing user settings or do you think its just not worth the effort/ressources? |
|
| Author: | Mark [ Thu Dec 08, 2011 9:46 am ] |
| Post subject: | Re: beta4 is out the door! |
Shared Folders are in. Environment variables are in. WSUS / AntiVirus / Firewall not in (yet). Mapped drives out (as explained). |
|
| Author: | snue [ Tue Dec 13, 2011 6:25 pm ] |
| Post subject: | Re: beta4 is out the door! |
Is there a way to get groups based on "parent" organisations, if all systems are in organisations under them? //and can i display the actual organisation name and not the id in a column? |
|
| Author: | Mark [ Wed Dec 14, 2011 10:54 am ] |
| Post subject: | Re: beta4 is out the door! |
[quote]Is there a way to get groups based on "parent" organisations, if all systems are in organisations under them? Should be easy - it's all in the DB after all. Leave it with me - I have this setup (our Org's all have parents - two levels I think). I'll see if I can knock up a report and will post it here. Just so I am clear, you want a list of all PCs belonging to a single "parent" Org, yes? Or - you want a total count of PCs for each parent Org? [quote]//and can i display the actual organisation name and not the id in a column? Check out the attached report - this should do what you want. You just need to join the tables in the SQL. [attachment=0] 
WorkstationDetails2.xml [4.02 KiB]
Downloaded 517 times |
|
| Page 4 of 5 | All times are UTC + 10 hours |
| Powered by phpBB® Forum Software © phpBB Group https://www.phpbb.com/ |
|