Open Audit The Automation of Network Inventory UCCSC 2009 Noah Spahn - UCSB
Presentation Outline UCCSC 2009 Noah Spahn - UCSB
Necessity of Inventory Systems Ignorance is not a valid excuse for Network Administrators Sample Questions: Which systems are near the end of their warranty? Which Towers contain model #*** video card? Which IPs are in use and where? How many licenses are left for X software? Which systems don't have the MS security patch that was released yesterday? the problem
Problems of Inventory Systems Manual entry is Error Prone Especially in complex systems Budget restrictions Economic drought means cheaper solutions are that much more favorable the problem
Manual Entry = Errors Excel Spreadsheets Benefits - query by column - MS familiarity Disadvantages - manual entry - MS knowledge required - possible to overwrite data - file naming conventions & storage - MS advanced function can be dangerous the problem
Origin of Open-Audit Open Source http://winventory. sourceforge.net/ Mark Unwin had written a script to audit computers on a network, saw the need to extend it (to have a query-able web interface). In 2005 the project was originally released via the GPL (http: //www.gnu.org/copyleft/gpl.html ) wmi, vbscript, mysql & php background
Free Software License Open-AudIT is licensed under the terms of the GNU General Public License Version 2 as published by the Free Software Foundation. This gives you legal permission to copy, distribute and/or modify OpenAudIT under certain conditions. Read the 'LICENSE' file in the Open-AudIT distribution or read the online version of the license for more details. Open-AudIT is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE WARRANTY OF DESIGN, MERCHANTABILITY, AND FITNESS FOR A PARTICULAR PURPOSE. background
No Warranty??? Consider the notion put forth by Carla Schroder (editor of Linux Today), that it is our duty to support Open Source Software ('editors note: you get what you pay for '). By using the software and contributing to it's development (via forums or writing code), we add to it's value and usability. background
Open-Audit is FREE FreeAsInBeer and FreeAsInSpeech Under the creative commons license: http: //creativecommons.org/licenses/by-sa/2.5/ There is a good size user group and active forum benefits
What do you get for free? benefits
Open-Audit = Automation Overview Open Audit audits the hardware and software it discovers on your computers, and posts its findings to a MySQL database. From there the data is presented in a clean and readable form via a set of PHP web pages. A.Hull (Moderator, Open-Audit forums ) the solution
Automation = No typing errors! the solution
Free: Automated data collecting Hardware Software Operating System Settings Security Settings Users and Groups Disk Usage Graphs Audit History benefits
Free: Data Reports Operating System Type IE Versions Firefox Versions Memory Sizes Processor Types and Speeds Hard Disk sizes Software Keys Detected Network Servers Newly Detected Software Low Disk Space Systems not audited for xxx days Export to Inkscape, Dia, PDF benefits
What's the catch? benefits
Not Free: Cost of ownership Requirements: Web server PHP MySQL Secured installation Beneficial components: Apache (recommended) Windows Domain Domain Admin account Secured LAN the catch
Not Free: Knowledge and Skills Q: We are a windows shop A: XAMPP is an easy to install Apache distribution containing MySQL, PHP and Perl. Q: No knowledge of PHP/MySQL A: No configuration, easy to install Open Audit. Must possess basic sysadmin troubleshooting and problem solving skills. After all, it is a tool, not an employee. the catch
How Open-Audit works mechanics
How Open-Audit works Roles of Components: Application resides on Web Sever Domain Admin account to remote audit machines If there is no Domain admin account: Local machine can have a scheduled job to regularly audit and send results to the server mechanics
Server installation: Mac (osx 10.4) Up and running in minutes (overview): Turn on web sharing Install MySQL (DMG available from project site) Install PHP (Entropy PHP 5.2.9-7.pkg is an easy solution) Optional SQL GUI Create a database and user Subversion installation (Follow instructions from WikiHow ) Check Out Open-Audit from repository Follow web based installation guide http://server-address/open-audit/ mechanics
Server installation: Linux (Centos) Up and running in minutes (overview): yum install httpd subversion mysql php php-mysql php-common create database and user svn co https://open-audit.svn.../trunk /var/www/open-audit/ /etc/init.d/httpd start /etc/init.d/mysqld start Follow web install instructions mechanics
Server installation: windows Up and running in minutes (overview): Download and install XAMPP & tortoisesvn Create database and user Grab a copy of Open-Audit from svn repository Follow web based installation guide http://server-address/open-audit/ mechanics
Client installation ** note: No client installation is needed if all computers are on a domain and you have domain admin account Overview: Scheduled task to run.cmd file on network share network share has the audit.config file which points to the server Windows audit with vbs script Unix audit with shell script mechanics
Open-Audit : quick tour tour