Registrations to Open-AudIT forums are now closed. To ask any new questions please visit Opmantek Community Questions.

Open-AudIT

What's on your network?
It is currently Sat Mar 30, 2024 12:48 am

All times are UTC + 10 hours




Forum locked This topic is locked, you cannot edit posts or make further replies.  [ 4 posts ] 
Author Message
 Post subject: Current OSX audit script
PostPosted: Fri Aug 30, 2013 8:54 am 
Offline
Site Admin
User avatar

Joined: Mon Jun 07, 2004 11:48 am
Posts: 1964
Location: Brisbane, Australia
I have, in my spare time, begun work on a bash script to audit OSX.
A couple of caveats.
    This is extremely new. Only a day or so old. The code reflects this - it's a quick and dirty hack (but it should work).
    There is NO error checking.
    It only returns the system, cpu and memory sections.
    It works on my MacBook Pro Retina (late 2012) 10.8.4 ( Mountain Lion) - I have no idea if it will work on other Macs/OSX versions.
    You have to run it as root. If you don't run it as root it will ask you for a password anyway - one of the function calls obviously requires root. I've not chased it down yet. Just run it as root or with sudo.


Just set the usual variables at the top of the script.
An additional option is "terminal_print" - set it to "y" and it will dump the result to the console (handy for debugging).


Attachments:
File comment: Rename to audit_osx.sh
audit_osx.txt [5.97 KiB]
Downloaded 619 times

_________________
Support and Development hours available from [url=https://opmantek.com]Opmantek[/url].
Please consider a purchase to help make Open-AudIT better for everyone.
Top
 Profile  
Reply with quote  
PostPosted: Tue Jan 07, 2014 6:06 pm 
Offline
Newbie

Joined: Mon Jan 06, 2014 9:30 pm
Posts: 5
Location: Germany / Berlin
I have some improvements for the actuell audit script comming from open-audit 1.1.
Here some details:
+ added domain detection
+ added man_type and man_owner to the xml file for manuell editing
+ added org_id in the xml file
+ added ip address detection
- fixed system memory size
- fixed the error with the processor speed


Attachments:
audit_osx.txt [11.67 KiB]
Downloaded 512 times
Top
 Profile  
Reply with quote  
PostPosted: Fri Apr 25, 2014 9:38 pm 
Offline
Newbie
User avatar

Joined: Mon Mar 31, 2014 10:37 pm
Posts: 11
Location: Munich - Germany
Here is the code for Adobe Software Inventory on MacOS and I hope someone can add this code to the script.
The result will be a list of Product, Suite and Serial Number:

[code]
#!/bin/sh
# List any CS5 or higher products.

if [ -d /Library/Application\ Support/regid.1986-12.com.adobe/ ] ; then
# Read each each found file and add its product to a list
for AFILE in /Library/Application\ Support/regid.1986-12.com.adobe/*
do
PRODUCT=$( sed -n -e 's/.*<swid:product_title>\(.*\)<\/swid:product_title>.*/\1/p' "$AFILE" )
LICENSE=$( sed -n -e 's/.*<swid:activation_status>\(.*\)<\/swid:activation_status>.*/\1/p' "$AFILE" )
SERIAL=$( sed -n -e 's/.*<swid:serial_number>\(.*\)<\/swid:serial_number>.*/\1/p' "$AFILE" )
PRODUCTLIST="$PRODUCTLIST$PRODUCT $LICENSE $SERIAL"$'\n'
done

fi

# List any CS4 products.

if [ -d /Users/Shared/Adobe/ISO-19770/ ] ; then
# Read each found file add its product to the list
for AFILE in /Users/Shared/Adobe/ISO-19770/*

do
PRODUCT=$( sed -n -e 's/.*<sat:product_title>\(.*\)<\/sat:product_title>.*/\1/p' "$AFILE" )
# Some products use a different version of SWID Tag where "sat:product_title" isn't valid.
# If "sat:product_title" isn't found in the tag then assume "product".

if [ "$PRODUCT" = "" ] ; then
PRODUCT=$( sed -n -e 's/.*<product>\(.*\)<\/product>.*/\1/p' "$AFILE" )
SUITE=$( sed -n -e 's/.*<part_of_suite>\(.*\)<\/part_of_suite>.*/\1/p' "$AFILE" )

# Some products such as Acrobat Pro may exist but this older version
# of SWID Tag will only indicate that it was part of a suite or standalone.
# Report if the product is part of a suite.

if [ "$SUITE" = "true" ] ; then
PRODUCT="$PRODUCT is part of an unknown CS4 suite"
fi
fi

LICENSE=$( sed -n -e 's/.*<sat:activation_status>\(.*\)<\/sat:activation_status>.*/\1/p' "$AFILE" )
PRODUCTLIST="$PRODUCTLIST$PRODUCT $LICENSE"$'\n'
done
fi

echo -n "<result>$PRODUCTLIST</result>"
[/code]

_________________
Senior IT & SAM Conultant - Asset Consult GmbH - Germany
Microsoft SAM Gold Partner - since 2009
--------------------------------------------------------------------------
MCT, MCSE, MCITP, CCNA, Surveyor for digital Forensic & Datacentre Security


Top
 Profile  
Reply with quote  
PostPosted: Mon Apr 28, 2014 4:09 pm 
Offline
Site Admin
User avatar

Joined: Mon Jun 07, 2004 11:48 am
Posts: 1964
Location: Brisbane, Australia
Thanks - I have integrated it with the OSX script. For now (at least) it inserts the data into the CD Keys table. This matched the closest with the retrieved fields...

The new (untested as I don't have any Adobe products) version is attached.

PS - Processor details have also been updated - physical, cores, logical now work (at least for me).


Attachments:
File comment: Rename to audit_osx.sh
audit_osx.txt [16.64 KiB]
Downloaded 500 times

_________________
Support and Development hours available from [url=https://opmantek.com]Opmantek[/url].
Please consider a purchase to help make Open-AudIT better for everyone.
Top
 Profile  
Reply with quote  
Display posts from previous:  Sort by  
Forum locked This topic is locked, you cannot edit posts or make further replies.  [ 4 posts ] 

All times are UTC + 10 hours


Who is online

Users browsing this forum: No registered users and 2 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
cron
Powered by phpBB® Forum Software © phpBB Group