Open-AudIT

Any chance of a Mac OS X Audit script? Is it similar enough to Linux that it could be converted?

I'm trying this too... some of the audit_linux.sh stuff is working, but lspci for example does not work.

It could be possible to use an AppleScript to gather the information and paste it into the browser... i spent two hours this evening with that

I'll post any progress that im making...
If you have any knowledge of the system info command in AppleScript, let me know

mfg
Dennis

[quote="erSitzt"]I'm trying this too... some of the audit_linux.sh stuff is working, but lspci for example does not work.

It could be possible to use an AppleScript to gather the information and paste it into the browser... i spent two hours this evening with that

I'll post any progress that im making...
If you have any knowledge of the system info command in AppleScript, let me know

mfg
Dennis

Nice ! I'll test it

mfg
Dennis

Seems to work
I'll finish a perl script to audit mac and post my results.

mfg
Dennis

Any update on this? We've just been assigned the task of integrating MacOS X info with open-audit at work, so I could really use this.

I messaged erSitzt and he said he wasn't working on it anymore so I decided to do it.

I hacked together an audit script using admin_pc_add_2.php from Open-AudIT and a Mac agent for OCS Inventory which can be found http://codejanitor.com/wp/2006/02/16/oc ... 0-released.

Before you run it, search the file for "CHANGEME" and replace all occurances with the suitable info for you.

I tried to put in comments where it seems necessary. But here's a warning that I'm not a PHP coder and I'm sure there's better ways to do it.

Mac Audit 0.0001: http://k-thx.com/~scott/mac_audit.zip

This zip contains the main audit.php script, the 2 scripts I used to make it, and the expect script (read below about it).

[code]
Usage:

php audit.php

or

php audit.php xmlprofile.spx
[/code]

For the first option you run it on the remote machine you want to audit. The second option can be run from any machine.

This script will get all the info from System Profiler and populate the Open-Audit database.

Currently, lots of hardware is left out. I have no need for all of it so it isn't included right now. Feel free to modify it and add in whatever you want. It isn't very hard once you understand how it works; it's just tedious.

The next problem is running this script on all your Macs without a lot of manual work. The solution I came up with is this:

1. Enable SSH on all Macs
2. Add an admin user with the same name/pass on all Macs
3. Host audit.php on a local webserver
4. Use expect (apt-get install expect on ubuntu/debian) to execute the script on all machines

Here are some resources on expect or another great tool called tentakel (need to use SSH keys):

http://blog.platinumsolutions.com/node/135
http://www.cyberciti.biz/tips/execute-c ... rt-ii.html

Here is the script I use:

[code]
#!/usr/bin/expect -f
proc doWork {host} {
spawn ssh user@$host "curl http://url/audit.txt > audit.php;php audit.php;rm audit.php"
expect -timeout 5 -nocase "password: "
send "password"
send "\n"
send "exit\n"
expect -re "Connection.*closed\."
wait
}
set fp [open macs.txt r]
while {[gets $fp line] > -1} {
set host [string trim $line]
if {![string match "#*" $host] &&
[string length $host]} {
doWork $host
}
}
close $fp
[/code]

macs.txt is just a list of IPs. Add audit.exp to a cronjob and you're good to go.

Someone may want to integrate this into open-audit somehow.

I'm probably forgetting some stuff so ask away.

I should say what is working right now:

Most basic system info
OS info
Software
Processor
Network Card
Memory

Thanks Scott,

I will definately be looking into this and seeing if I can get it to work, although I am no unix or mac scripting expert by any stretch.