Open-AudIT • View topic - 'add a pc' shows me some query code, then ...nothing

View unanswered posts | View active topics

Board index » Support

All times are UTC + 10 hours

'add a pc' shows me some query code, then ...nothing

Page 1 of 1

[ 12 posts ]

Print view

Previous topic | Next topic

Author

Message

qc_metal

Post subject: 'add a pc' shows me some query code, then ...nothing

Posted: Sat Sep 16, 2006 6:33 am

Helper

Joined: Sat Sep 17, 2005 7:15 am
Posts: 71

I tried to add a pc and I get the following message:

[code]Verbose:
User:
Verbose: y
System:
UUID:
Timestamp:
Software Audit:

SELECT MAX(system_audits_timestamp) AS timestamp FROM system_audits WHERE system_audits_uuid = ''
INSERT INTO system_audits (system_audits_uuid, system_audits_timestamp, system_audits_username) VALUES ('','','')
INSERT INTO system (system_uuid, system_first_timestamp) VALUES ('','')
UPDATE system SET system_timestamp = '' WHERE system_uuid = ''
Close

Page was generated in 0.07 seconds ![/code]

Is there some simple step that I might have missed somewhere? Everything else seems to work when I run audit.vbs on a standalone system.

_________________
Server Info:
OS : Windows Server 2003
Auditing: ~300 machines
LDAP: Windows Server 2003 Active Directory

Top

mikeyrb

Post subject:

Posted: Sat Sep 16, 2006 7:30 am

Are you pasting the details from audit.vbs into that form? The idea of add pc is to take care of offline audits. If you are on the same network, just let audit.vbs handle adding the computers.

Top

qc_metal

Post subject:

Posted: Sat Sep 16, 2006 8:14 am

Helper

Joined: Sat Sep 17, 2005 7:15 am
Posts: 71

I guess I should re-phrase that...

Running audit.vbs on a system sends data OK to the server, but this query code that I posted comes up after I click the menu option in Open-AudIT to add a PC via the webpage.

No results are ever posted to the server db after clicking 'submit' at the admin_pc_add_2.php page.

Hope that clears my post up a little!

_________________
Server Info:
OS : Windows Server 2003
Auditing: ~300 machines
LDAP: Windows Server 2003 Active Directory

Top

qc_metal

Post subject:

Posted: Sat Sep 16, 2006 8:17 am

Helper

Joined: Sat Sep 17, 2005 7:15 am
Posts: 71

Whoops, didn't mean to double-post ...

_________________
Server Info:
OS : Windows Server 2003
Auditing: ~300 machines
LDAP: Windows Server 2003 Active Directory

Last edited by qc_metal on Sat Sep 16, 2006 8:19 am, edited 1 time in total.

Top

mikeyrb

Post subject:

Posted: Sat Sep 16, 2006 8:19 am

So you paste the results of a scan into the add pc form?

Top

qc_metal

Post subject:

Posted: Sat Sep 16, 2006 8:21 am

Helper

Joined: Sat Sep 17, 2005 7:15 am
Posts: 71

[quote="mikeyrb"]So you paste the results of a scan into the add pc form?

Nope - this is what I see when I type a computer name into the 'add a system' field...

Wait...I'm just realizing something here - is this the field where I must post the results of a computer query if it isn't configured to post automatically? If so...whoops - my thinking was that I could type in a computername here and it would go out and query it remotely.

I suppose that I'm wrong on that point, eh?

Rob

_________________
Server Info:
OS : Windows Server 2003
Auditing: ~300 machines
LDAP: Windows Server 2003 Active Directory

Top

mikeyrb

Post subject:

Posted: Sat Sep 16, 2006 8:24 am

Correct. We don't have a way to have the server do the auditing. This form is for adding pc's that aren't on the same network as the server (generally offline computers).

Top

qc_metal

Post subject:

Posted: Sat Sep 16, 2006 8:29 am

Helper

Joined: Sat Sep 17, 2005 7:15 am
Posts: 71

Ah - OK then! Thanks for that clarification.

What was the reason for not being able to perform an audit remotely from the server? The only reason I ask is that I had been running an ASP page that could pull WMI statistics from a remote PC through a web browser, so I know that it can be done...just curious what was the limitation there?

I think I'll need to pick up PHP and start playing...

Rob

_________________
Server Info:
OS : Windows Server 2003
Auditing: ~300 machines
LDAP: Windows Server 2003 Active Directory

Top

mikeyrb

Post subject:

Posted: Sat Sep 16, 2006 8:35 am

The limitation is that the current version can be run on either windows or linux. Linux of course cannot pull wmi data easily, so there you go. It's something to look at for the future, but for now, it's not a priority.

Top

mikeyrb

Post subject:

Posted: Sat Sep 16, 2006 8:37 am

That being said, I wouldn't be against someone creating a web page audit (I suppose running on IIS, but apache would be nice if posible).

Top

qc_metal

Post subject:

Posted: Sat Sep 16, 2006 2:36 pm

Helper

Joined: Sat Sep 17, 2005 7:15 am
Posts: 71

[quote="mikeyrb"]That being said, I wouldn't be against someone creating a web page audit (I suppose running on IIS, but apache would be nice if posible).

_________________
Server Info:
OS : Windows Server 2003
Auditing: ~300 machines
LDAP: Windows Server 2003 Active Directory

Top

A_Hull

Post subject:

Posted: Sat Sep 16, 2006 5:40 pm

Moderator

Joined: Tue Jan 25, 2005 3:09 am
Posts: 2140
Location: Scotland

[quote="qc_metal"][quote="mikeyrb"]That being said, I wouldn't be against someone creating a web page audit (I suppose running on IIS, but apache would be nice if posible).

I might have to think abou that! I guess you could come at it from two directions:
Startup a remote process to run the audit.vbs on the station from the webserver (less cpu overhead on the server), or have the server run the query itself (which would require more coding on the backend to support both linux and windows serverbase) -

Thanks for the quick info -

best regards,
Rob

In fact to audit from the web server running on windows you would only need to be able run audit.vbs from that server at the click of a web page button. This would be fairly easy. However I dont do it this way, I run he audit.vbs every couple of hours during the working day using a scheduled task.

This means that for example the disk statistics have a meaningfull baseline, I can see roughly when somone ate up a huge chunk of server disk space, or inadvertantly deleted a large folder on one of my servers.

I have had a few ideas about this in the past, and suggest we could "semaphore" audits.

In other words we could either have login scripts post a flag saying "PC {MYPCNAME} is on line" to the server to trigger an audit. The "audit my pc" link in OA Admin would then simply need to do the same thing. i.e. post a flag in the semaphoe directory saying "PC {MYPCNAME} is on line". This method however needs an "OA Service" of some type to do the scanning. It still keeps the fundamental ethos of not needing any extra software to be installed or run on the box being audited however.

Another approch would be tor have the server regularly scan the active directory to see which machine accounts have recently connected, and use this to trigger an audit.

One of the main problems with anything to do with logon scripts is that if a user is not configured with the correct information in their login script, they will never be audited.

Top

Page 1 of 1

[ 12 posts ]

Board index » Support

All times are UTC + 10 hours

Who is online

Users browsing this forum: No registered users and 2 guests

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum