Schema change for warranty made it into beta 4 but I don't see anything beyond that other than some test stuff.
Can't help with the auditing from a Linux box but I do know OAv2 doesn't have web based audit config like version 1 does.
I've yet to try the new local/remote domain audit stuff but while looking over the audit_domain script over I noticed CheckForHungWMI doesn't do anything and auditing doesn't work for us losers with spaces in our path names.
[code]--- D:/Download/Network Management/OpenAudit/OAV2/OAv2_beta_4/other/audit_domain.vbs Wed Oct 19 21:53:00 2011 +++ D:/Download/Network Management/OpenAudit/OAV2/OAv2_beta_4/other/audit_domain_dev.vbs Wed Oct 19 09:49:27 2011 @@ -22,6 +22,9 @@ ' the name and path of the audit script to use script_name = "c:\xampplite\OAv2\other\audit_windows.vbs" +' the name and path of the psexec executable +psexec = "c:\xampplite\OAv2\other\bin\psexec.exe" + ' set the below to your active directory domain local_domain = "LDAP://your.domain.org" @@ -156,7 +159,7 @@ wscript.echo("processes running: " & num_running) wscript.echo("next system: " & pc_array(i)) wscript.echo("--------------") - command1 = "cscript //nologo " & script_name & " " & pc_array(i) + command1 = "cscript //nologo """ & script_name & """ " & pc_array(i) set sh1=wscript.createobject("wscript.shell") sh1.run command1, 6, false set sh1 = nothing @@ -183,7 +186,7 @@ remote_location = "\\"& pc_array(i) & "\admin$\" wscript.echo "Copying to: " & remote_location on error resume next - objFSO.CopyFile "c:\xampplite\OAv2\other\audit_windows.vbs", remote_location, True + objFSO.CopyFile script_name, remote_location, True 'objFSO.CopyFile "c:\xampplite\OAv2\other\bin\RMTSHARE.EXE", remote_location, True error_returned = Err.Number error_description = Err.Description @@ -198,7 +201,7 @@ Set Command = WScript.CreateObject("WScript.Shell") ' note - specify -d on the command below to run in non-interactive mode (locally) ' if you specify -d you will see command windows of the remote processes - cmd = "c:\xampplite\OAv2\other\bin\psexec.exe \\" & pc_array(i) & " -u " & remote_user & " -p " & remote_password & " -d cscript.exe " & remote_location & "audit_windows.vbs self_delete=y " + cmd = psexec & " \\" & pc_array(i) & " -u " & remote_user & " -p " & remote_password & " -d cscript.exe " & remote_location & "audit_windows.vbs self_delete=y " 'wscript.echo "Running command: " & cmd on error resume next Command.Run (cmd) @@ -255,7 +258,7 @@ if objProcess.Name = "cscript.exe" then ' Look for audit.vbs processes with the //Nologo cmd line option. ' NOTE: The //Nologo cmd line option should NOT be used to start the initial audit, or it will kill itself off after script_timeout seconds - if InStr(objProcess.CommandLine, "//Nologo") and InStr(objProcess.CommandLine, "audit.vbs") then + if InStr(objProcess.CommandLine, "//Nologo") and InStr(objProcess.CommandLine, script_name) then ' The command line looks something like this: "C:\WINDOWS\system32\cscript.exe" //Nologo audit.vbs COMPUTERNAME ' Get the position of audit.vbs in the command line, and add 10 to get to the start of the workstation name position = InStr(objProcess.CommandLine, "audit.vbs") + 10 [/code]
|