Have fixed the reported Bugs in alpha 6.
Have been doing some streamlining / cleanup work on Groups.
Have added to the FAQ page, inside the application (help -> FAQ menu item) detailing how the columns work when displaying Groups and Reports.
Alpha 7 should be out soon with these updates.
Friday, December 3, 2010
Tuesday, November 30, 2010
OAv2 Alpha 6 released
Heaps of changes in this release.
I'll attempt to detail them in a subsequent post.
Please download it and report feedback to the Open-AudIT forums - LINK.
I have a few days off, so I plan to code, code, code. Any feedback / bugs can be corrected quick smart !).
You can find the download link on the right of this page.
I'll attempt to detail them in a subsequent post.
Please download it and report feedback to the Open-AudIT forums - LINK.
I have a few days off, so I plan to code, code, code. Any feedback / bugs can be corrected quick smart !).
You can find the download link on the right of this page.
Thursday, November 4, 2010
What's next ?
CMDB or Software Licensing Register ?
Both will take a bit of time, so does anyone have a preferrence which I take a look at next ?
Personally, I'm thinking Software Register, but I'm open to change.
FYI - I have the DB design mostly complete for both of these - it's just the actual code that needs to happen now. "Just" the code he says... :-)
Both will take a bit of time, so does anyone have a preferrence which I take a look at next ?
Personally, I'm thinking Software Register, but I'm open to change.
FYI - I have the DB design mostly complete for both of these - it's just the actual code that needs to happen now. "Just" the code he says... :-)
IIS Auditing
IIS auditing for Windows 2003 and up is working.
I also have 64bit Windows CD Keys enumerating, too.
Some spit and polish to do, but another alpha should be inbound soon.
I also have 64bit Windows CD Keys enumerating, too.
Some spit and polish to do, but another alpha should be inbound soon.
Monday, October 4, 2010
What's next for OAv2 ?
My work program (in my head) is such:
1 - Finish off the existing functions that have been implemented.
2 - Get IIS auditing working.
Those two will take a week or so.
Look-out for another alpha next week sometime...
1 - Finish off the existing functions that have been implemented.
2 - Get IIS auditing working.
Those two will take a week or so.
Look-out for another alpha next week sometime...
Tuesday, September 28, 2010
Alpha 5 released
Fixed a few bugs.
Export a Group definition to XML and import.
SQL Database enumeration.
Export a Group definition to XML and import.
SQL Database enumeration.
Monday, September 27, 2010
Update
No coding done over the weekend - we have visitors staying with us.
I should be able to get a release up pretty soon though.
I've had some feedback (from alpha 4) and have also managed to get SQL Server DBs enumerating / storing / reporting.
I should be able to get a release up pretty soon though.
I've had some feedback (from alpha 4) and have also managed to get SQL Server DBs enumerating / storing / reporting.
Thursday, September 23, 2010
CodeIgniter Sessions + IE sucks
Man - what a pain in the ass.
Apparently the in built CodeIgniter session class and IE7/8/9 don't like each other.
On top of that, if you're using an internal computer name to access the site, well, that's not a valid W3C URL standard. You have to have at least two "." 's in the URL. So, trying to access the site via http://mycomputer is not strictly valid and IE will reject the cookie. Sigh.
So, I found the "session hybrid" class for CodeIgniter. Combining this with accessing the site via http://www.mypcname.com seems to work in IE. You also have to put the www.mypcname.com in your /etc/hosts file to make it work (otherwise it obviously will not resolve through normal DNS).
So, the long and the short is - I have sessions in OAv2 with IE7/8/9 working, but it requires a change to your /etc/hosts file (or your internal DNS). Or you could use the full domain name / path to your machine. In my case, that's rather long...
This does not affect submitting audit results, as that page does not use cookies.
If anyone has a better option - please advise.
BTW - IE6 & Firefox(3.6.9) work fine. Not sure about Chrome, Opera, et al... Strictly speaking Firefox should break just like IE if it followed standards. Maybe the Mozilla Devs are slack, maybe they thought they would deliberately _not_ meet the standard to make it easier for "internal to company" type sites - who knows ?
As per http://curl.haxx.se/rfc/cookie_spec.html,
Apparently the in built CodeIgniter session class and IE7/8/9 don't like each other.
On top of that, if you're using an internal computer name to access the site, well, that's not a valid W3C URL standard. You have to have at least two "." 's in the URL. So, trying to access the site via http://mycomputer is not strictly valid and IE will reject the cookie. Sigh.
So, I found the "session hybrid" class for CodeIgniter. Combining this with accessing the site via http://www.mypcname.com seems to work in IE. You also have to put the www.mypcname.com in your /etc/hosts file to make it work (otherwise it obviously will not resolve through normal DNS).
So, the long and the short is - I have sessions in OAv2 with IE7/8/9 working, but it requires a change to your /etc/hosts file (or your internal DNS). Or you could use the full domain name / path to your machine. In my case, that's rather long...
This does not affect submitting audit results, as that page does not use cookies.
If anyone has a better option - please advise.
BTW - IE6 & Firefox(3.6.9) work fine. Not sure about Chrome, Opera, et al... Strictly speaking Firefox should break just like IE if it followed standards. Maybe the Mozilla Devs are slack, maybe they thought they would deliberately _not_ meet the standard to make it easier for "internal to company" type sites - who knows ?
As per http://curl.haxx.se/rfc/cookie_spec.html,
Only hosts within the specified domain can set a cookie for a domain and domains must have at least two (2) or three (3) periods in them to prevent domains of the form: ".com", ".edu", and "va.us". Any domain that fails within one of the seven special top level domains listed below only require two periods. Any other domain requires at least three. The seven special top level domains are: "COM", "EDU", "NET", "ORG", "GOV", "MIL", and "INT".
Tuesday, September 21, 2010
Alpha 4 released
I've created a release, even though the (internal OAv2) Change stuff isn't finished.
Grab it here -
http://launchpad.net/oav2/trunk/alpha4/+download/OAv2_alpha_4.zip
Grab it here -
http://launchpad.net/oav2/trunk/alpha4/+download/OAv2_alpha_4.zip
Enumerating SQL Server DBs
Does anyone have a VBScript (that can be run from the command line) that can enumerate the databases (and their attributes) on a SQL Server - NOT using SQLDMO ?
IE - not like the one below
My problem is that a standard (non SQL installed) machine doesn't have SQLDMO installed as far as I can tell - please correct me if I am mistaken. Basically I want to use the normal audit_windows.vbs script to enumerate all databases on a server and their size (and anything else that you might find interesting). Can anyone help ?
UPDATE - I found an example script, incorporated it into the audit script and it's all good. I created a basic "Show Databases" report and it works.
IE - not like the one below
strDBServerName = "."
Set objSQLServer = CreateObject("SQLDMO.SQLServer")
objSQLServer.LoginSecure = True
objSQLServer.Connect strDBServerName
Set colDatabases = objSQLServer.Databases
For Each objDatabase In colDatabases
WScript.Echo objDatabase.Name
Next Set colDatabases =NOTHING
Set objSQLServer =NOTHING
My problem is that a standard (non SQL installed) machine doesn't have SQLDMO installed as far as I can tell - please correct me if I am mistaken. Basically I want to use the normal audit_windows.vbs script to enumerate all databases on a server and their size (and anything else that you might find interesting). Can anyone help ?
UPDATE - I found an example script, incorporated it into the audit script and it's all good. I created a basic "Show Databases" report and it works.
Posting each week
OK, so I've now set a reminder in my calendar for every Monday to post something here...
Maybe I need a PA ?!?!?!
Maybe I need a PA ?!?!?!
Too Long
Wow - it's been waaaaay too long between posts.
Here's what's been happening.
I spoke at SAGE-AU in Hobart. It went down OK.
I've been away a couple of times with a work course (3 days at a time).
We're in the middle of ripping out our kitchen. Nearly there with the new one.
The kids have been to 1001 birthday parties lately.
Real life is just too busy !!!
OK, having mounted my defense of excuses, where is the next release of OAv2 at ? I'm glad you asked.
I think all that's left to do for another release is to post the Change form to the DB. Really. That's it. I'll do my best to knock it off tonight - but the kitchen benchtops and plumbing are going in this afternoon - sigh...
I've completed migrating the "reports" into the DB. You can now define a report and it's display columns. You can export it as XML (and import it back) as well. Essentially, someone can come up with a nice report, export the XML and post it to the forums for others to use.
There has been much refactoring and code cleanup, too. Oh, and partition use graphs are in, too (along with trend lines). And exporting to CSV and XML works (along with Excel). If you want, you can always grab the code from Launchpad using Bazaar.
Here's what's been happening.
I spoke at SAGE-AU in Hobart. It went down OK.
I've been away a couple of times with a work course (3 days at a time).
We're in the middle of ripping out our kitchen. Nearly there with the new one.
The kids have been to 1001 birthday parties lately.
Real life is just too busy !!!
OK, having mounted my defense of excuses, where is the next release of OAv2 at ? I'm glad you asked.
I think all that's left to do for another release is to post the Change form to the DB. Really. That's it. I'll do my best to knock it off tonight - but the kitchen benchtops and plumbing are going in this afternoon - sigh...
I've completed migrating the "reports" into the DB. You can now define a report and it's display columns. You can export it as XML (and import it back) as well. Essentially, someone can come up with a nice report, export the XML and post it to the forums for others to use.
There has been much refactoring and code cleanup, too. Oh, and partition use graphs are in, too (along with trend lines). And exporting to CSV and XML works (along with Excel). If you want, you can always grab the code from Launchpad using Bazaar.
Monday, July 5, 2010
Linking alerts to changes
Finished the basics of linking generated alerts to changes.
What this means is that on the "list alerts" page, you can select multiple alerts and a form will appear so you can associate them to :
The "changes" table functionality in OAv2 (not complete),
An external system (via ID and/or URL),
A simple acknowledgement within the "alert" table in OAv2.
Very ITIL like. Very nice.
At the end of the day, you can audit machines, get a listing of alerts (which are changes to audited fields) and associate these with a Change System - either the basic one within OAv2 or an external one.
Next up is to start the Change System within OAv2. It's going to be simple (at least to start). Basically a recording of proposed changes - what, where, how, why, who, etc. Pretty simple from a coding perspective - CRUD mainly with a small amount of User credential checking. I don't plan on workflow style Changes (at least yet).
Once that is done, Alpha 4 will be inbound.
What this means is that on the "list alerts" page, you can select multiple alerts and a form will appear so you can associate them to :
The "changes" table functionality in OAv2 (not complete),
An external system (via ID and/or URL),
A simple acknowledgement within the "alert" table in OAv2.
Very ITIL like. Very nice.
At the end of the day, you can audit machines, get a listing of alerts (which are changes to audited fields) and associate these with a Change System - either the basic one within OAv2 or an external one.
Next up is to start the Change System within OAv2. It's going to be simple (at least to start). Basically a recording of proposed changes - what, where, how, why, who, etc. Pretty simple from a coding perspective - CRUD mainly with a small amount of User credential checking. I don't plan on workflow style Changes (at least yet).
Once that is done, Alpha 4 will be inbound.
Thursday, June 10, 2010
Alpha 3 available
Yep, you read right - it's available.
Go grab it and give it a thrashing.
All previous Bugs should have been addressed.
http://www.open-audit.org/OAv2_03.zip
Go grab it and give it a thrashing.
All previous Bugs should have been addressed.
http://www.open-audit.org/OAv2_03.zip
Import / Export in OAv2
I have the import and export routines working for Devices, Locations and Organisations. Excel only at this stage.
One interesting aspect was the need to alter the network group creation routine. Think of a network device that you know about, but don't know specific IP details. IE - you know it's IP Address, but what about it's configured subnet ? What about it's MAC Address ? A lot of people will not know the details. So now network group creation has to account for IP Addresses in the system table - not just the sys_hw_networkcard_ip table. Interesting, but all good and working.
Any report type page (ie - a list of "All Devices") now has a shiny little button (an Excel icon). Click it and you can download & open the resulting Excel spreadsheet. At the moment it's a straight data dump, so things like column headings come direct from the DB. I will have to make another option that removes certain columns and alters the column headings (IE - man_ip_address would become IP Address, system_id would disappear altogether, etc). This would make two styles of output - a dump and a report. Will address this later on.
I think that's good enough for a release. Give me a few hours (when I get home from work) and I'll post again with release details.
Any help debugging would be appreciated.
One interesting aspect was the need to alter the network group creation routine. Think of a network device that you know about, but don't know specific IP details. IE - you know it's IP Address, but what about it's configured subnet ? What about it's MAC Address ? A lot of people will not know the details. So now network group creation has to account for IP Addresses in the system table - not just the sys_hw_networkcard_ip table. Interesting, but all good and working.
Any report type page (ie - a list of "All Devices") now has a shiny little button (an Excel icon). Click it and you can download & open the resulting Excel spreadsheet. At the moment it's a straight data dump, so things like column headings come direct from the DB. I will have to make another option that removes certain columns and alters the column headings (IE - man_ip_address would become IP Address, system_id would disappear altogether, etc). This would make two styles of output - a dump and a report. Will address this later on.
I think that's good enough for a release. Give me a few hours (when I get home from work) and I'll post again with release details.
Any help debugging would be appreciated.
Monday, June 7, 2010
Nearly ready for another release
What have I been doing on OAv2 ?
Well, for one thing, creating routines so you can import your devices / locations / organisations from a spreadsheet. Most places can easily conjure up a listing of relevant data - most often in a spreadsheet. The import routines for Locations and Organisations are complete, I just need to finish off Devices (which I have working in test code).
I also have nearly finished the routine to export any Report to Excel, PDF or CSV. Thanks PHPExcel !
I've also completed the Group Edit pages so they don't break auto-created Groups.
Give me a couple of days to finish up and another release will be available.
Well, for one thing, creating routines so you can import your devices / locations / organisations from a spreadsheet. Most places can easily conjure up a listing of relevant data - most often in a spreadsheet. The import routines for Locations and Organisations are complete, I just need to finish off Devices (which I have working in test code).
I also have nearly finished the routine to export any Report to Excel, PDF or CSV. Thanks PHPExcel !
I've also completed the Group Edit pages so they don't break auto-created Groups.
Give me a couple of days to finish up and another release will be available.
Wednesday, May 5, 2010
Update
Have created a couple of new reports in OAv2.
All reports are based on a Group of systems or optionally, all systems you are authorised to view, regardless of group:
These now live alongside :
I fixed a bug in the audit script that would not retrieve share permissions when there was a space in the Share Name.
I altered the audit script to retrieve the size of remote Shared Directories.
One thing to note is the increase of script execution time when retrieving the size of remote shared directories. I've seen it take 10 minutes (on a large file server - multiple terrabytes) to complete... I run it overnight, so it isn't an issue for me, but I may make it an optional thing to enable...
All reports are based on a Group of systems or optionally, all systems you are authorised to view, regardless of group:
- System Shares
- Orphaned Users
These now live alongside :
- Partiton Useage,
- Partiton Alert (partitions below %20 free space),
- Local Admins
- Audit Dates
- System Locations
I fixed a bug in the audit script that would not retrieve share permissions when there was a space in the Share Name.
I altered the audit script to retrieve the size of remote Shared Directories.
One thing to note is the increase of script execution time when retrieving the size of remote shared directories. I've seen it take 10 minutes (on a large file server - multiple terrabytes) to complete... I run it overnight, so it isn't an issue for me, but I may make it an optional thing to enable...
Tuesday, May 4, 2010
ToDo for OAv2
I think if I can get these done, I'll call it a 0.3 release...
- Fix the Alter Groups code (as per OAv2 release notes).
- Display all the "man_" fields for a system (as per OAv2 release notes). "man_" fields are meant to be manually updated data - stuff like physical location, etc, that cannot be derived from querying a system.
- Revise the menu structure.
- Fix the installed software SQL (as per OAv2 release notes).
- Create a form to manually add a system. You can do this currently by taking an audit result XML file and replacing the details for the manual system - but it's ugly, annoying and a hack.
Presenting at SAGE-AU
I have been asked to present at the SAGE-AU conference in August on Open Source Tools. My talk will be about Configuration Management and CMDB's... I wonder if Open-AudIT will get a plug ? :-)
FYI - SAGE-AU Conference is on from the 9th - 13th of Auagst in Hobart, Tasmaina.
http://www.sage-au.org.au/conference-2010/
They're (the organisers) still finalising details around schedule, presenters, etc, etc.
FYI - SAGE-AU Conference is on from the 9th - 13th of Auagst in Hobart, Tasmaina.
http://www.sage-au.org.au/conference-2010/
They're (the organisers) still finalising details around schedule, presenters, etc, etc.
Progress
I have already addressed a couple of issues with OAv2 Alpha 0.2.
It doesn't like PHP 5.3 - the short tags are ON in the code. Have replaced them. PHP 5.3 depreciates the "ereg" function(s) - I've replaced them with "preg_match" functions.
Look for Alpha 0.3 soon.
It doesn't like PHP 5.3 - the short tags are ON in the code. Have replaced them. PHP 5.3 depreciates the "ereg" function(s) - I've replaced them with "preg_match" functions.
Look for Alpha 0.3 soon.
Alpha 0.2 released
A new public Aplha of OAv2 has been uploaded. We're getting there slowly - but damn real life keeps getting in the way !!!
You can grab the code here:
http://www.open-audit.org/OAv2_02.zip
Some release notes...
The "system display" page still looks a bit weird in Internet Explorer.
The headings are in blue (should be dark grey).
The background of the sections overflows vertically.
Best not to alter a Groups - (eg: rename a Group).
When you alter a Group, it is not catered for when importing a system and a duplicate group is created.
It thinks the Group no longer exists and creates a new one if need be (think network groups).
I need to fix this ASAP.
There have been a few database changes.
Best to create a new database and go from there.
Not all man_ type fields are displayed on the "system display" page - to do.
Under the "Queries" menu, you will only see two options now.
Choose Groups and from there click the Group Name to see the systems.
Once a Group is being viewed, "Reports" menu becomes available.
You can run a "Report" on all systems YOU can see (not just one specific Group), by replacing the Group_id in the URL (the last number) with a zero - 0.
If you can view the "All Devices" group, it's better (SQL wise) to use that option.
The "Installed Software" SQL need attention.
Running it across ~3,000 systems takes so long, I haven't seen it actually complete.
Need to revise the SQL.
The main problem is the counting of how many installs a particular piece of software is on.
Have removed that and it is OK, but we NEED that functionality.
To be addresses ASAP.
Created a couple of seperate scripts to audit your domain or a list of PCs.
They both take the PCs and run audit_windows.vbs against them.
Check the scripts for details.
NOTE - if submitting online, make sure to set the URL in audit_windows.vbs
You can grab the code here:
http://www.open-audit.org/OAv2_02.zip
Some release notes...
The "system display" page still looks a bit weird in Internet Explorer.
The headings are in blue (should be dark grey).
The background of the sections overflows vertically.
Best not to alter a Groups - (eg: rename a Group).
When you alter a Group, it is not catered for when importing a system and a duplicate group is created.
It thinks the Group no longer exists and creates a new one if need be (think network groups).
I need to fix this ASAP.
There have been a few database changes.
Best to create a new database and go from there.
Not all man_ type fields are displayed on the "system display" page - to do.
Under the "Queries" menu, you will only see two options now.
Choose Groups and from there click the Group Name to see the systems.
Once a Group is being viewed, "Reports" menu becomes available.
You can run a "Report" on all systems YOU can see (not just one specific Group), by replacing the Group_id in the URL (the last number) with a zero - 0.
If you can view the "All Devices" group, it's better (SQL wise) to use that option.
The "Installed Software" SQL need attention.
Running it across ~3,000 systems takes so long, I haven't seen it actually complete.
Need to revise the SQL.
The main problem is the counting of how many installs a particular piece of software is on.
Have removed that and it is OK, but we NEED that functionality.
To be addresses ASAP.
Created a couple of seperate scripts to audit your domain or a list of PCs.
They both take the PCs and run audit_windows.vbs against them.
Check the scripts for details.
NOTE - if submitting online, make sure to set the URL in audit_windows.vbs
Thursday, February 4, 2010
OAv2 Alpha update
I have sent the Alpha to one of our Developers (Andy Hull).
Andy has sent some feedback, which we are working on.
I'll post the download link here, when I make a public upload (when I get home tonight).
** As promised - try this - http://www.open-audit.org/OAv2.zip
Things to bear in mind.
THIS IS ALPHA SOFTWARE.
IT WILL EAT ALL YOUR DATA.
Now that I've scared you...
Check back here later for a download link (I'm such a tease :-) ).
** As promised - try this - http://www.open-audit.org/OAv2.zip
Andy has sent some feedback, which we are working on.
I'll post the download link here, when I make a public upload (when I get home tonight).
** As promised - try this - http://www.open-audit.org/OAv2.zip
Things to bear in mind.
THIS IS ALPHA SOFTWARE.
IT WILL EAT ALL YOUR DATA.
Now that I've scared you...
- I would NOT recommend this for running in Production.
- Sure, you might audit a production system, but I wouldn't rely on this as a replacement for Open-AudIT right now. Feature wise, it's still a way behind.
- There is no install routine. You will need to know how to setup MySQL databases, et al. There IS a readme in the file detailing basic steps needed to do this. Please don't ask for help. If you cannot install this, then you shouldn't be playing with it !!! One of the things high on the todo list is an installer (both for Windows and Linux).
- Linux auditing probably wont work. I have spent most of my time on the Windows side of things. Linux auditing is on the list - and indeed there is a basic script in the download. I haven't even opened it for months though, so I'm guessing it wont upload into OAv2 correctly.
- SQL Server doesn't have a database creation script. Simply because the database schema still isn't finalised.
- Manual running of the audit script and inserting it into the web form. Running the audit script against a remote system. Running the audit script and auto uploading (via Explorer).
- Dynamic Groups. I haven't built the web forms for static groups yet.
- OAv2 users and Group permissions.
- Locations and assigning systems to them.
- Editing manual values in web forms.
- Creating / Editing / Deleting Users, Groups and Locations.
Check back here later for a download link (I'm such a tease :-) ).
** As promised - try this - http://www.open-audit.org/OAv2.zip
Monday, January 25, 2010
OAv2 Alpha is inbound
Well, I have today (Mon) and Wed off from work.
Am coding my butt off to get OAv2 into an Alpha state.
Have spent a couple of hours on it this morning, and I think be Wed night (at the latest), I will look to push the code to SVN.
Looking "good enough" at this stage.
As per my last post, the status on various items are...
* - Audit script runs on PCs and submits to database. DONE.
* - Users can be created and assigned rights to groups. DONE.
* - Groups can be created/edited/deleted. DONE.
* - Devices can be viewed with all submitted audit details. DONE.
* - Devices can have their "manual" fields edited. DONE.
* - "List" type pages (based on groups) complete DONE.
It's more about cleanup and release readiness than anything else now.
Am coding my butt off to get OAv2 into an Alpha state.
Have spent a couple of hours on it this morning, and I think be Wed night (at the latest), I will look to push the code to SVN.
Looking "good enough" at this stage.
As per my last post, the status on various items are...
* - Audit script runs on PCs and submits to database. DONE.
* - Users can be created and assigned rights to groups. DONE.
* - Groups can be created/edited/deleted. DONE.
* - Devices can be viewed with all submitted audit details. DONE.
* - Devices can have their "manual" fields edited. DONE.
* - "List" type pages (based on groups) complete DONE.
It's more about cleanup and release readiness than anything else now.
Subscribe to:
Posts (Atom)
Posts
