Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Note: This Feature is only available In: Open-AudIT Enterprise

For auditing and management purposes it can be advantageous to baseline individual devices against a fixed, know good device. Baselines enable you to combine audit data with a set of attributes you have previously defined (your baseline) to determine compliance of devices.

For example - you might create a baseline from a device running Centos CentOS 6 which acts as one of your Apache servers in a cluster. You know this particular server is configured just the way you want it but you're unsure if other servers in the cluster are configured exactly the same. Baselines enables you to determine this.

You can create a Baseline, run it against a group of devices and view the results, add scheduled execution, add more tables for comparison (currently only software, netstat ports and users are enabled), in place baseline editing, archiving of results and more.

Step 1 - Choose a relevant device to run a baseline against

Step 2 - Create your Baseline definition - Baselines#CreatingaBaselineDefinition

Step 3 - Execute Baseline - Baselines#ExecutingaBaselineDefinition

Step 4 - Schedule Baseline - How to Schedule Tasks in Open-AudIT

...

  1. Identify the device(s) that are your exemplar, or gold image you want to compare similar devices against.
    1. First focus on what the end need is, are you trying to baseline software, users or Netstat data? What is the important thing(s) to compare and report on?
    2. Next do you have a perfect example of this configuration? Perhaps a device located in a lab environment, or a workstation you use to clone workstation VMs from.
  2. Create a Baseline for the exemplar device
    1. Select Manage / Baselines / List Baselines from the Open-AudIT Enterprise menu
    2. To create a new entry click the Create button in the top-right hand corner
    3.  Detailed instructions on creating Baselines can be found HERE: Baselines
  3. Determine how often you want to run the Baseline check against the database and create a Scheduled Report
    1. Select Report / Scheduled Reports from the Open-AudIT Enterprise menu
    2. To create a new entry click the Create button in the top-right hand corner
    3. Note - Under Type make sure to select Baseline, and under Group you should select a Group of devices, if applicable to this baseline, that best represent the devices to apply the baseline against. This will prevent erroneous entries.
    4. More information on Scheduling Tasks can be found HERE: How to Schedule Tasks in Open-AudIT

 Note - There are currently no Baseline reports that can be emailed. After a Baseline check is run the user must refer back to the Open-AudIT GUI to see how many devices were audited and the results. These results, however, can be exported.

Image Added