Open-AudIT

Does anyone have time to port it from Winventory or create a new one?

This would really hit the spot

Cheers,
Snoop

_________________
Server Info:
OS : Windows 2003 SP2
Auditing: 1700 Machines
LDAP: Active Directory

[quote="A_Hull"]Good ideas, all of them. BTW Winventory used to do machine groups, so you might like to take a look at that for a few ideas, (think it was pretty simple, and needed quite a lot of user input).

_________________
Cheers, Nick.

[size=85]OA Server: Windows Server 2003 / Apache 2
Auditing: 1600 Workstations, 200 Servers
OS's: Windows XP / Windows 2000 / Windows 2003 Server / Windows Vista
LDAP: Active Directory[/size]

any devs on this topic?

Rgds,
Adrian

_________________
Server Info:
OS : Windows 2003 SP2
Auditing: 1700 Machines
LDAP: Active Directory

*BUMP*

Really strange nobody is further looking into this, because Software Governance seems to be something big these days.

I would suggest something like creating a separate table in the db with a "whitelist" and a query page that croschecks and displays what is not in that table

Regards,
Adrian

_________________
Server Info:
OS : Windows 2003 SP2
Auditing: 1700 Machines
LDAP: Active Directory

I am looking....
I'll see what I can do for OAv2.
I will post with some questions (I can think of at least one right now) when I've had a chance to mull this over a bit.

Initial one is - How do we account for patches ?
I would assume anything classed as a patch would need to be "auto approved", yes ?

How do you want this displayed ?
A list page with IPAddress, PC Name, Unapproved Software Name, Date detected.

More thoughts to come.

_________________
Support and Development hours available from [url=https://opmantek.com]Opmantek[/url].
Please consider a purchase to help make Open-AudIT better for everyone.

Hi,

I would go with PC Name, IP Address, User, Unapproved, Software Name, Date Detected

Also, if it could keep a history/log that would be nice something like how many times was this user found with a blacklisted software ina 1 month query where you get

Username, Software, Times

_________________
Server Info:
OS : Windows 2003 SP2
Auditing: 1700 Machines
LDAP: Active Directory

1 - Software is usually installed machine wide (not per user).
2 - Software does not always input into the registry which user installed it.

So, "unapproved software by machine" would be OK but "unapproved software on machine by user" would not.

_________________
Support and Development hours available from [url=https://opmantek.com]Opmantek[/url].
Please consider a purchase to help make Open-AudIT better for everyone.

That is correct, however you could get the data for blacklisted software by user, using the last logged on username...

In many organizations there is one machine for each user, worst case scenario the machine is shared by 2-3 people, still it would give you an accurate idea of who that machine belongs to directly in the report, without going back and looking for each user, am I right?


Thanks & Regards
Adrian

_________________
Server Info:
OS : Windows 2003 SP2
Auditing: 1700 Machines
LDAP: Active Directory

In my case my company is interested in such Approved/Unapproved Software functionality as well. For us I think that an "Unapproved Software per Machine" report or listing would probably be fine as most of our machines only have one primary user. I put each person's name into the Computer Description field as a way of tracking who is the primary user for each machine but showing the last logged in username would work too.

One idea may be to tie the list of approved software in with the existing Software Register feature. That might make it easier to implement.

Currently the way I do this is to leave Firefoxes RSS ticker running on my machine, and that of one of my collegues, showing the Software detected in the last 'N' Days feed (typically the last 5 days).

This lets me see quickly when something new arrives, and when I hover over the items, it shows Machine name, IP and User. Our Quality policy dictates that users are not allowed to install anything without approval, and I have just issued a number of Non Conformance Reports for this today.

This is not an ideal solution, as it doesn't show historical stuff, but it catches a surprising number of offenders, and makes the majority of people stick to the rules. However any hookey software installed a while ago will go unnoticed till we manually run through the All software list which is done periodically (about once a month).

I suspect that any changes we make will need to do something similar, perhaps even change the RSS feed to allow optionally showing only unapproved software items.

Having an approved software list may not be quite as easy as it appears, since "Outlook", "Outlook 2002", "Outlook 2003", "Outlook 2008" etc might be approved, but "Outlook Hookey Toolbar" is not, and often things I think might be iffy turn out to be componets of existing software. HP scanners for example install a surprising amount of bloat, but I cant NCR someone if they requested that they be allowed to install their shiny new scanner, just because it installed ZinPing Image software, not on the approved software list.

Automating the approval of software is not as simple as it sounds either, for example some users at a remote site, might be permitted Office Pro, and others only Office Standard, due to licensing restrictions.

If they sneak in to the software cupboard and install Pro without asking that is an NCR, but since the software is on the approved list, we might not spot it. Likewise some users are allowed to install Google Earth (if they seek approval) in order to plan site visits or whatever, other most certainly are not, since they probably only be using it to look for evidence of UFOs .

We dont want to make things too complicated, but...

_________________
Andrew

[size=85]OA Server: Windows XP/ XAMPP, Mandriva/Apache, Ubuntu
Auditing: 300+ Wstns, 20+ Srvrs, Thin clients, Linux boxes, Routers, etc
OS's: Windows XP , W2K Srvr, W2K3 Srvr, W2K8, Vista, Windows 7, Linuxes (and a Mac at home)
LDAP: Active Directory[/size]

My OAv2 test installation which runs on a small subset of our machines does have an (ever-longer) home page that lists, amongst other things, software additions - and deletions. This makes day-to-day tracking *much* easier even for tedious items such as "Java(TM) 6 Update 19 (6.0.190)". Given this ability I would suggest that not too much effort should be expended on such a feature in OA (v1).

John

_________________
OA environment:
OA Server: Ubuntu 10.04LTS
1 Windows 2008R2 Server
4 Windows 2003 Servers
20 Windows XP workstations
1 Windows 7 workstation
2 Ubuntu 11.10 servers
Misc other networked items

[quote="A_Hull"]Having an approved software list may not be quite as easy as it appears, since "Outlook", "Outlook 2002", "Outlook 2003", "Outlook 2008" etc might be approved, but "Outlook Hookey Toolbar" is not, and often things I think might be iffy turn out to be componets of existing software. HP scanners for example install a surprising amount of bloat, but I cant NCR someone if they requested that they be allowed to install their shiny new scanner, just because it installed ZinPing Image software, not on the approved software list.

Automating the approval of software is not as simple as it sounds either, for example some users at a remote site, might be permitted Office Pro, and others only Office Standard, due to licensing restrictions.

If they sneak in to the software cupboard and install Pro without asking that is an NCR, but since the software is on the approved list, we might not spot it. Likewise some users are allowed to install Google Earth (if they seek approval) in order to plan site visits or whatever, other most certainly are not, since they probably only be using it to look for evidence of UFOs .

We dont want to make things too complicated, but...

Interesting read and different needs makes it really complicated to make something that will suit every ones needs.

[code]
Select software_name, software_version FROM software
group by CONCAT(software_name, software_version)
[/code]

Should give you a list of unique software in your environment. Took a list of 550,000 entries down to 1,700, so it must work