Open-AudIT

Can anyone suggest how to retrieve device details via SNMP? We run discover_subnet.sh which adds the device to OA successfully, but the SNMP routine doesn't seem to pull in anything to OA (eg hardware details, software, etc).

The OA log shows:

[code]Apr 25 11:30:48 nms 12021 C:discovery F:process_subnet Deleting credential set for x.x.x.x submitted on .
Apr 25 11:30:45 nms 12020 C:discovery F:process_subnet Completed processing x.x.x.x.
Apr 25 11:30:45 nms 12020 C:discovery F:process_subnet No credentials supplied for SSH audit for x.x.x.x (System ID 2).
Apr 25 11:30:45 nms 12020 C:discovery F:process_subnet SNMP credential update for x.x.x.x (System ID 2).
Apr 25 11:30:44 nms 12020 C:discovery F:process_subnet SNMP insert for x.x.x.x.
Apr 25 11:30:44 nms 12020 H:snmp_helper F:get_snmp x.x.x.x SNMP v2c scanned.
Apr 25 11:30:44 nms 12020 C:discovery F:process_subnet Attempting SNMP discovery on x.x.x.x.
Apr 25 11:30:44 nms 12020 C:discovery F:process_subnet SSH Status: true x.x.x.x.
Apr 25 11:30:44 nms 12020 C:discovery F:process_subnet SNMP Status: true x.x.x.x.
Apr 25 11:30:44 nms 12020 C:discovery F:process_subnet WMI Status: false x.x.x.x.
Apr 25 11:30:43 nms 12020 C:discovery F:process_subnet Start processing x.x.x.x.[/code]

When running snmpwalk directly on the OA host it retrieves tons of information, so there isn't a lack of information available via SNMP - it just seems OA isn't getting it.

We have the default_snmp_community variable set correctly in Config.

Any ideas?

Cheers,
Chris

So reading that log:

SSH and SNMP are open on the target.
SSH has no credentials so is not attempted.
SNMP is used to query the target and details inserted into Open-AudIT.

What details are you missing? What are you expecting? Feel free to email me more detailed information if you don't want to post it here

_________________
Support and Development hours available from [url=https://opmantek.com]Opmantek[/url].
Please consider a purchase to help make Open-AudIT better for everyone.

Many thanks for your reply Mark.

The only section that is populated with details is the System Details section - everything else is blank and the Hardware and Software sections are missing. This suggests to me that either no or very limited information from SNMP was gathered. Yet, when I run snmpwalk on the console of the OA server, it retrieves loads of information including all the hardware details.

Any suggestions for getting this to work properly? Ideally we'd prefer to use SNMP instead of the Linux audit script as it's agentless/zero-config.

Thanks again.

Cheers,
Chris

From what you describe, it is working as intended.
We retrieve a limited set of information via SNMP - usually (as you have found) the Details and now the Network Interface sections.

The linux audit is indeed agentless.
If you provide credentials to the Discovery form, it will copy the script to the Linux machine, execute it and finish.
No agent running on the target machine. Nothing installed other than an audit script copied to the /tmp directory. We have a feature on the list to have the script have an option to auto-delete itself (as per the Windows audit script). This would leave nothing at all on the target machine. At the moment, the audit script is left in /tmp.

You must provide an SNMP community string, so providing SSH credentials is about the same amount of work, is still agentless and retrieves much more than SNMP can.

If you still prefer to have a complete linux audit completed via SNMP, I'm happy to work with you via [url=https://opmantek.com/contact-us/]Opmantek[/url] to implement this feature.

_________________
Support and Development hours available from [url=https://opmantek.com]Opmantek[/url].
Please consider a purchase to help make Open-AudIT better for everyone.