Open-AudIT
http://www.open-audit.org/phpBB3/

I can't audit linux
http://www.open-audit.org/phpBB3/viewtopic.php?f=5&t=3720
Page 1 of 1

Author:  shinoku [ Fri Jul 16, 2010 1:52 am ]
Post subject:  I can't audit linux

i have installed "open audit" on a machine with linux (ubuntu 9.04), for use i entered "http://xxx.xxx.xxx.xxx/oa", then walk into administration, I choose the option to audit my computer and download a script for windows, which works fine on Windows machines.
The problem is with Linux machines, i entered "http://xxx.xxx.xxx.xxx/oa/scripts" and download the file "audit_linux.sh" then I go to console, I give the necessary permits and issued the command
"sh audit_linux.sh"
and I get a manual of options I have to apply but i don't know how to use, and end of the manual I get:
audit_linux: 51: OA_Audit_Log: not found
audit_linux: 98: Syntax error: word unexpected (expecting "in")
i don't know if there are errors at some point in the script.
if someone could give me the code that should run for this script work like the windows would be very grateful

Author:  barry [ Fri Jul 16, 2010 6:27 am ]
Post subject:  Re: I can't audit linux

Just a guess here, that's a bash script.

Instead of: sh audit_linux.sh
try: bash audit_linux.sh

Author:  barry [ Fri Jul 16, 2010 8:32 am ]
Post subject:  Re: I can't audit linux

Just tried audit_linux.sh out of SVN:
http://open-audit.svn.sourceforge.net/v ... xt%2Fplain

on Ubuntu 10.04:
$ sudo bash audit_linux.sh -L -o off

dumps out a text file with a whole bunch of fun in it.

Author:  A_Hull [ Sun Jul 18, 2010 8:34 pm ]
Post subject:  Re: I can't audit linux

It is indeed a bash script, (The shebang at the start #!/bin/bash gives that away for those in the know). You sill also need lspci, installed on the box lshw is a good idea too, and from memory, any other missing needs are repoted by the script.

I have used the script, and despite the fact that it is a work in progress, the results are good.

One thing, the disk stats need a bit more work, as for me at least, they produce meaningless results. I haven't had time to sit down and fix this yet, but if you have the time, let me know what you discover and I will post any changes back to the SVN.

Author:  shinoku [ Tue Jul 20, 2010 5:51 am ]
Post subject:  Re: I can't audit linux

barry thank you very much with your code the scripts runs very good , but not if the script may automatically send data to the open audit database, when I add it from txt I have one problem, all data are not recorded, for example the number ip of the machine audited

Page 1 of 1 All times are UTC + 10 hours
Powered by phpBB® Forum Software © phpBB Group
https://www.phpbb.com/