Go here and vote for your preferred feature.
If you don't see your feature, let me know!
http://www.open-audit.org/phpBB3/viewtopic.php?f=20&t=5796
Sunday, November 20, 2011
Monday, September 26, 2011
OAv2 beta3 released
Go grab it.
To upgrade your database (for an existing beta1 or beta2 install), copy the OAv2 files over the old ones, then fire up OAv2 and go to Help -> about (as an Admin).
Then click the red upgrade text. Done.
Make sure you use the new audit script, too.
FWIW - I would backup your database before doing this and also copy your original OAv2 files somewhere else. That way, if the worst happens, you can always revert back...
Please submit some statistics (Help -> Statistics) so I have some idea of how many people are using OAv2 (and how many systems they are auditing with it). This submission cannot be linked back to your organisation.
Also - I am off camping with the family from tomorrow night (Tue, Brisbane time). I will have limited internet access and no access to debug issue's. I will check the forums, but fixes won't be forthcoming until next week. Apologies if this causes an inconvenience.
Thursday, July 14, 2011
Help wanted (vbscript)
I am hacking some VBScript to attempt to determine the user that installed a program.
If I can get it going, I can add this to OAv2.
The script is below.
I get an unhelpful error and haven't managed to get it going.
If anyone can help, it would be most appreciated.
You can save it as blah.vbs and run it with "cscript blah.vbs".
It should dump any software it finds an entry for in the App Log - title, who installed it and when.
It should only dump the first entry it finds. IE - if you have installed, removed and installed a given piece of software, it may well have multiple entries in the Application Event Log.
Again, any help much appreciated.
strComputer = "."
const HKEY_LOCAL_MACHINE = &H80000002
set oReg = GetObject("winmgmts:{impersonationLevel=impersonate}!\\" & strComputer & "\root\default:StdRegProv")
set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\cimv2")
Set colItems = objWMIService.ExecQuery("SELECT Message, User, TimeGenerated FROM Win32_NTLogEvent where logfile = 'Application' and eventcode = '11707'",,48)
strKeyPath = "SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall"
oReg.EnumKey HKEY_LOCAL_MACHINE,strKeyPath,arrSubKeys
for each subkey In arrSubKeys
newpath = strKeyPath & "\" & subkey
newkey = "DisplayName"
oReg.GetStringValue HKEY_LOCAL_MACHINE, newpath, newkey, strValue
if strValue <> "" then
package_name = strValue
for each objItem in colItems
mess1 = split(objItem.Message, "--")
mess2 = split(mess1(0), " ", vbTextCompare)
mess3 = split(mess2(0), "Product:")
message_retrieved = trim(mess3(1))
if (not isNull(message_retrieved)) then
if (InStr(message_retrieved, package_name) = 1) then
package_installed_by = objItem.User
package_installed_on = WMIDateStringToDate(objItem.TimeGenerated)
wscript.echo package_name & " Installed By: " & package_installed_by & " On: " & package_installed_on
exit for
else
package_installed_by = ""
package_installed_on = ""
end if
end if
next
end if
next
function WMIDateStringToDate(dtmDate)
WMIDateStringToDate = CDate(Mid(dtmDate, 5, 2) & "/" & _
Mid(dtmDate, 7, 2) & "/" & Left(dtmDate, 4) _
& " " & Mid (dtmDate, 9, 2) & ":" & Mid(dtmDate, 11, 2) & ":" & Mid(dtmDate,13, 2))
end function
If I can get it going, I can add this to OAv2.
The script is below.
I get an unhelpful error and haven't managed to get it going.
If anyone can help, it would be most appreciated.
You can save it as blah.vbs and run it with "cscript blah.vbs".
It should dump any software it finds an entry for in the App Log - title, who installed it and when.
It should only dump the first entry it finds. IE - if you have installed, removed and installed a given piece of software, it may well have multiple entries in the Application Event Log.
Again, any help much appreciated.
strComputer = "."
const HKEY_LOCAL_MACHINE = &H80000002
set oReg = GetObject("winmgmts:{impersonationLevel=impersonate}!\\" & strComputer & "\root\default:StdRegProv")
set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\cimv2")
Set colItems = objWMIService.ExecQuery("SELECT Message, User, TimeGenerated FROM Win32_NTLogEvent where logfile = 'Application' and eventcode = '11707'",,48)
strKeyPath = "SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall"
oReg.EnumKey HKEY_LOCAL_MACHINE,strKeyPath,arrSubKeys
for each subkey In arrSubKeys
newpath = strKeyPath & "\" & subkey
newkey = "DisplayName"
oReg.GetStringValue HKEY_LOCAL_MACHINE, newpath, newkey, strValue
if strValue <> "" then
package_name = strValue
for each objItem in colItems
mess1 = split(objItem.Message, "--")
mess2 = split(mess1(0), " ", vbTextCompare)
mess3 = split(mess2(0), "Product:")
message_retrieved = trim(mess3(1))
if (not isNull(message_retrieved)) then
if (InStr(message_retrieved, package_name) = 1) then
package_installed_by = objItem.User
package_installed_on = WMIDateStringToDate(objItem.TimeGenerated)
wscript.echo package_name & " Installed By: " & package_installed_by & " On: " & package_installed_on
exit for
else
package_installed_by = ""
package_installed_on = ""
end if
end if
next
end if
next
function WMIDateStringToDate(dtmDate)
WMIDateStringToDate = CDate(Mid(dtmDate, 5, 2) & "/" & _
Mid(dtmDate, 7, 2) & "/" & Left(dtmDate, 4) _
& " " & Mid (dtmDate, 9, 2) & ":" & Mid(dtmDate, 11, 2) & ":" & Mid(dtmDate,13, 2))
end function
Tuesday, June 7, 2011
OAv2 beta 1.1 released
Based on some feedback (ie, bugs), I've released beta 1.1.
Make sure you grab 1.1 and not beta 1 from https://launchpad.net/oav2/trunk/beta1.
42 downloads in 24 hours - and feedback/testing submitted.
Thanks to all who take the time to help.
Make sure you visit the forms at
http://www.open-audit.org/phpBB3/viewforum.php?f=20
Make sure you grab 1.1 and not beta 1 from https://launchpad.net/oav2/trunk/beta1.
42 downloads in 24 hours - and feedback/testing submitted.
Thanks to all who take the time to help.
Make sure you visit the forms at
http://www.open-audit.org/phpBB3/viewforum.php?f=20
Monday, June 6, 2011
Beta 1 of OAv2 released
Done, out, pushed, released... finally.
This is a bit of a warthog release - I haven't done anywhere near as much testing as I would have liked. Please report the bugs to the Open-AudIT.org forums.
Seeing as I have now classed this as "beta", I will (from now on) attempt to provide database schema upgrades as scripts. Eventually, I'd like to get an update system similar to Wordpress. Very easy for the user to do. Eventually.
What's new - well it's now available as an XAMPPLITE package. For the Windows users, download it, extract it to C:\ start the xampp-control.exe, start Apache and MySQL and you're done. You should be able to browse to the root of your machine in a browser and get the logon page.
There's also a "code only" release. for IIS, Linux, etc, etc users who just want the application.
Groups and Reports are now stored in OAv2/code_igniter/system/application/controllers/groups (and /reports) directories. Drop the XML definition in the directory and you can "activate" the group or report in the web interface. The other options (import, export, etc) still exist.
I've improved the audit script. SQL won't hang (on SQL Express, etc) auditing now. You can also supply credentials to the audit script for auditing system's not on your domain.
cscript audit_windows.vbs COMPUTERNAME strUser=USERNAME strPassword=PASSWORD
Nice and easy. You can also use the credentials in the "audit list" script. Just add them after the computer name (as above) and when it calls the "audit windows" script, all arguments are passed through.
I've cleaned up the theme-tango/tango-files directory. It's quite clean as far as the .css and .js files are concerned. JQuery has also been updated to the latest version.
Some big feature's since last time -
Creating an Organisation now creates a corresponding Group.
If you have "edit" rights, and Report that includes a System ID will show an extra column. You can select multiple systems and edit their details together. Like when you acknowledge an Alert - only now for all the manually settable item's on a System, itself. One example use would be viewing the Systems in an automatically created network (subnet) group. You could set ALL the owner fields to a particular entity. Very quick and easy, versus editing each system by individually.
I also mean to create an individual audit script when you create an Organisation. All it would do is also set the Org_ID tag in the script - therefore automatically assigning any system audited by that particular script to an Organisation and it's corresponding Group. That's very much on the list...
There are a few other improvements... download it and try them out !
https://launchpad.net/oav2/trunk/beta1
This is a bit of a warthog release - I haven't done anywhere near as much testing as I would have liked. Please report the bugs to the Open-AudIT.org forums.
Seeing as I have now classed this as "beta", I will (from now on) attempt to provide database schema upgrades as scripts. Eventually, I'd like to get an update system similar to Wordpress. Very easy for the user to do. Eventually.
What's new - well it's now available as an XAMPPLITE package. For the Windows users, download it, extract it to C:\ start the xampp-control.exe, start Apache and MySQL and you're done. You should be able to browse to the root of your machine in a browser and get the logon page.
There's also a "code only" release. for IIS, Linux, etc, etc users who just want the application.
Groups and Reports are now stored in OAv2/code_igniter/system/application/controllers/groups (and /reports) directories. Drop the XML definition in the directory and you can "activate" the group or report in the web interface. The other options (import, export, etc) still exist.
I've improved the audit script. SQL won't hang (on SQL Express, etc) auditing now. You can also supply credentials to the audit script for auditing system's not on your domain.
cscript audit_windows.vbs COMPUTERNAME strUser=USERNAME strPassword=PASSWORD
Nice and easy. You can also use the credentials in the "audit list" script. Just add them after the computer name (as above) and when it calls the "audit windows" script, all arguments are passed through.
I've cleaned up the theme-tango/tango-files directory. It's quite clean as far as the .css and .js files are concerned. JQuery has also been updated to the latest version.
Some big feature's since last time -
Creating an Organisation now creates a corresponding Group.
If you have "edit" rights, and Report that includes a System ID will show an extra column. You can select multiple systems and edit their details together. Like when you acknowledge an Alert - only now for all the manually settable item's on a System, itself. One example use would be viewing the Systems in an automatically created network (subnet) group. You could set ALL the owner fields to a particular entity. Very quick and easy, versus editing each system by individually.
I also mean to create an individual audit script when you create an Organisation. All it would do is also set the Org_ID tag in the script - therefore automatically assigning any system audited by that particular script to an Organisation and it's corresponding Group. That's very much on the list...
There are a few other improvements... download it and try them out !
https://launchpad.net/oav2/trunk/beta1
Thursday, June 2, 2011
Currently...
Am auditing a domain with 20k systems (not all active) with OAv2.
Not all are powered up at the same time, but it still take's a few hours for one system to audit all the others... I really need multiple audit hosts... Still, it work's fine - it's just a bit slow.
The actual DB / Web host that contains the application is a virtual machine that's constrained to 1GHz of processor and 1GB memory. Most reports run fine - with the exception of the "All Installed Software" report - it simply times out. I suppose that's to be expected. There are currently 5,500 systems in the DB...
I'm pretty happy with the performance - and I am yet to optimise the SQL !!!
Look for Beta 1 of OAv2 very, VERY soon.
Not all are powered up at the same time, but it still take's a few hours for one system to audit all the others... I really need multiple audit hosts... Still, it work's fine - it's just a bit slow.
The actual DB / Web host that contains the application is a virtual machine that's constrained to 1GHz of processor and 1GB memory. Most reports run fine - with the exception of the "All Installed Software" report - it simply times out. I suppose that's to be expected. There are currently 5,500 systems in the DB...
I'm pretty happy with the performance - and I am yet to optimise the SQL !!!
Look for Beta 1 of OAv2 very, VERY soon.
Friday, March 11, 2011
Project Websites
a - I am fed up.
b - Why ?
a - Damn spammers using phpBB is ticking me off. Seriously.
b - Well, what can we do about this, using phpBB ?
a - Not a whole lot, I've tried. And bulletin boards suck at this.
b - OK then - come up with a better thing, smarty pants.
a - Fine - let me try...
First, a project (in this case, my time sink that is Open-AudIT - but this could apply to most other software projects) needs a website for people to discuss the software in question.
Not a mailing list (apologies to those that love them - I don't think they're a good fit for this). Not even a bulletin board (phpBB, et al). A way to communicate that is relevant to the discussion being held. So - different types for different conversations.
What type's of conversations does a project (usually / regularly) have ?
Users submitting Bug Reports.
Users submitting Feature Requests.
Users wanting help.
Documentation provided by Dev's and commented on by users.
Recipes contributed by Users & Dev's for "doing stuff" with your software - FAQ, How do I, etc.
Other (general) conversations about the software.
OK, so they're stuff to "talk about", but what else does a project website need ?
Brochure type pages.
A demo of the software to play about in.
Statistics of "commits" and ChangeLog reports.
A developer blog.
Somewhere to download the code from.
An easy to use sign-in / sign-up system that stops a lot of spammers.
OK - so now go and try to find ONE easily installable package to deliver ALL that. It doesn't exist. Sure, the various parts exist separately.
Users submitting Bug Reports. Bugzilla.
Users submitting Feature Requests. UserVoice.
Users wanting help. StackOverflow.
Documentation provided by Dev's and commented on by users. PHP Docs.
Recipes contributed by Users & Dev's for "doing stuff" with your software - FAQ, How do I, etc. A website.
General Discussion's. phpBB.
Brochure type pages. A website.
A demo to play about in.
Statistics of "commits" and ChangeLog reports. SF.net reporting.
A developer blog. Wordpress.
Somewhere to download the code from. SF.net code hosting.
An easy to use sign-in / sign-up system that stops a lot of spammers. OpenID.
But I want ONE thing to do this. I want my users to come to ONE place. Not to have to sign in to several individual systems. To have a CONSISTENT experience. To be EASY to use and find stuff.
Nothing exists. Well, not that I have found and that is free. Damn.
I guess it's put up or shut-up time.
I don't want to build something from scratch. I don't have the time (just ask those waiting for the next OAv2 release !). So, what is out there that is written in PHP (I know PHP), runs on Linux (I use Linux on my home desktop and my hosting runs on Linux), is extensible, is well written, has a good community, has good Docs (and books about it even) and can do the above stuff (obviously with modification) ?
My answer is WordPress. Yes, it may not be everyone's answer - but I really don't care. It's what suits ME. I am writing this for ME. If other's wish to use it great - it will be Open Source licensed.
So I am currently reading some WordPress books and it looks to be able to accomplish most of the above. The one's I do not plan to tackle are the code hosting/version control stuff - although a plugin to report on SF.net, GitHub, BitBucker, Google code, LaunchPad, et al would be nice. Obviously an example install of any given project won't be done in/by WordPress. I think everything else though, is achievable.
So - that's my goal.
A theme & plugin and recipe for including others plugins to make this happen.
If you would like to get on board or have some constructive feedback, please let me know (or reply to this blog post). If there's other things a project website would find useful that I have missed, please do let me know.
I have two goals.
First and foremost - to get this working for MY project website.
Second - to package it as a theme & plugin and provide a recipe for others to easily use.
I don't think this is rocket science. I want an easy to use and simple user experience. I realise there will be edge cases and most of them will simply not be catered for. I don't plan for this to be an "all things to all people" type approach. I want it SIMPLE.
So, there you have it. Damn I hate making work for myself :-)
b - Why ?
a - Damn spammers using phpBB is ticking me off. Seriously.
b - Well, what can we do about this, using phpBB ?
a - Not a whole lot, I've tried. And bulletin boards suck at this.
b - OK then - come up with a better thing, smarty pants.
a - Fine - let me try...
First, a project (in this case, my time sink that is Open-AudIT - but this could apply to most other software projects) needs a website for people to discuss the software in question.
Not a mailing list (apologies to those that love them - I don't think they're a good fit for this). Not even a bulletin board (phpBB, et al). A way to communicate that is relevant to the discussion being held. So - different types for different conversations.
What type's of conversations does a project (usually / regularly) have ?
Users submitting Bug Reports.
Users submitting Feature Requests.
Users wanting help.
Documentation provided by Dev's and commented on by users.
Recipes contributed by Users & Dev's for "doing stuff" with your software - FAQ, How do I, etc.
Other (general) conversations about the software.
OK, so they're stuff to "talk about", but what else does a project website need ?
Brochure type pages.
A demo of the software to play about in.
Statistics of "commits" and ChangeLog reports.
A developer blog.
Somewhere to download the code from.
An easy to use sign-in / sign-up system that stops a lot of spammers.
OK - so now go and try to find ONE easily installable package to deliver ALL that. It doesn't exist. Sure, the various parts exist separately.
Users submitting Bug Reports. Bugzilla.
Users submitting Feature Requests. UserVoice.
Users wanting help. StackOverflow.
Documentation provided by Dev's and commented on by users. PHP Docs.
Recipes contributed by Users & Dev's for "doing stuff" with your software - FAQ, How do I, etc. A website.
General Discussion's. phpBB.
Brochure type pages. A website.
A demo to play about in.
Statistics of "commits" and ChangeLog reports. SF.net reporting.
A developer blog. Wordpress.
Somewhere to download the code from. SF.net code hosting.
An easy to use sign-in / sign-up system that stops a lot of spammers. OpenID.
But I want ONE thing to do this. I want my users to come to ONE place. Not to have to sign in to several individual systems. To have a CONSISTENT experience. To be EASY to use and find stuff.
Nothing exists. Well, not that I have found and that is free. Damn.
I guess it's put up or shut-up time.
I don't want to build something from scratch. I don't have the time (just ask those waiting for the next OAv2 release !). So, what is out there that is written in PHP (I know PHP), runs on Linux (I use Linux on my home desktop and my hosting runs on Linux), is extensible, is well written, has a good community, has good Docs (and books about it even) and can do the above stuff (obviously with modification) ?
My answer is WordPress. Yes, it may not be everyone's answer - but I really don't care. It's what suits ME. I am writing this for ME. If other's wish to use it great - it will be Open Source licensed.
So I am currently reading some WordPress books and it looks to be able to accomplish most of the above. The one's I do not plan to tackle are the code hosting/version control stuff - although a plugin to report on SF.net, GitHub, BitBucker, Google code, LaunchPad, et al would be nice. Obviously an example install of any given project won't be done in/by WordPress. I think everything else though, is achievable.
So - that's my goal.
A theme & plugin and recipe for including others plugins to make this happen.
If you would like to get on board or have some constructive feedback, please let me know (or reply to this blog post). If there's other things a project website would find useful that I have missed, please do let me know.
I have two goals.
First and foremost - to get this working for MY project website.
Second - to package it as a theme & plugin and provide a recipe for others to easily use.
I don't think this is rocket science. I want an easy to use and simple user experience. I realise there will be edge cases and most of them will simply not be catered for. I don't plan for this to be an "all things to all people" type approach. I want it SIMPLE.
So, there you have it. Damn I hate making work for myself :-)
Monday, January 17, 2011
Alpha 7 is out
Printers and Monitors now audited.
Many bugs squashed.
Get it now !
http://launchpad.net/oav2/trunk/alpha7/+download/OAv2.zip
Many bugs squashed.
Get it now !
http://launchpad.net/oav2/trunk/alpha7/+download/OAv2.zip
Subscribe to:
Posts (Atom)
Posts
