UNFINISHED PRE-RELEASE ONLY
...
Important Caveats
We now only support Redhat 8/9, Debian 11/12, and Ubuntu 20.04/22.04. Upgraders please read all the documentation below.
For version 5.0.0, we do not have OKTA authentication in place. This will be coming ASAP.
The New Stuff
Version 5 of Open-AudIT. Wow, what a ride. Underneath the skin, it is huge. We have upgraded the underlying framework and brought the code itself up to current best practices. As a result, we now install on current Redhat, Debian, and Ubuntu and we need a minimum of PHP 7.4. Hence, the following are the officially supported distributions: Redhat 8/9, Debian 11/12, and Ubuntu 20.04/22.04. We also deprecated the omkd daemon and associated Perl framework. So now there is a single interface and a single website. Obviously, this makes for less code. Which means fewer errors. And less work. All in all, I'm very happy with the result. 
But that's all underneath - you don't care about that! You just want the new features. Well, to be honest, there aren't a lot. We have upgraded the front end to use Bootstrap 5. Community users will notice that the most. We have also moved on from the Tango icons set. Now in use is the Newaita Reborn set. Tango has been awesome, but after almost 20 years, it's time for a change! 
If you download the package from FirstWave, you'll get the Enterprise functionality which includes the javascript library for charting. If you download, build, and install from Github you won't get the Enterprise functionality, nor the javascript charting library. Those pieces are not open source. Them's the breaks - a guy's gotta eat! 
OK, the nitty gritty. 
The largest change - the 'system' table that holds all your device data (IP, name, manufacturer, model, et al) is now called the 'devices' table. Much more intuitive and something I've been meaning to do for years. For those upgrading - your queries, summaries, and widgets (et al) will be upgraded as best we can. I would suggest checking any self-created items to ensure they work as intended. Also for upgraders, we have implemented a 'view' in the database named 'system' which should function as the system table did before and enable a (relatively) painless transition. That view will not exist for new installs. 
We have removed a few items that were surplus to needs and to be frank, creating unnecessary complexity. Buildings, Floors, Rooms, and Rows are all gone. Those attributes were used only by the Racks collection and the attributes are now stored directly in the Racks table. When you create a new rack you can select an existing building, floor, room, and row or create a new one. Your existing data will populate the racks table as you would expect. 
All web requests now go to /open-audit/index.php/$collection. Previously we had that URL for Community and /omk/open-audit/$collection for Enterprise. The latter has now been removed. You will need to update any of your own links. 
The format of the JSON response for included has changed. Previously it was a single array of objects, each of which could be any type. Now we have included being an object, with each attribute being an array. Each included attribute is the $collection. So now we have included->orgs[{},{}]. This saves time enumerating the entire included array when you need a specific type of item. They're now all neatly grouped together. An example is at the bottom of this page.
We have removed the /devices?sub_resource=$component URL and replaced it with /components?components.type=$component. If you're calling this URL, you should supply a type, i.e. - /components?components.type=bios. The components collection covers the following database tables: bios, certificate, disk, dns, file, ip, log, memory, module, monitor, motherboard, netstat, network, nmap, optical, pagefile, partition, policy, print_queue, processor, radio, route, san, scsi, server, server_item, service, share, software, software_key, sound, task, usb, user, user_group, variable, video, vm, windows. 
A couple of examples:
- To retrieve all Bios entries in the database - /open-audit/index.php/components?components.type=bios
- To retrieve all Software from a given machine (ID 2) - /open-audit/index.php/components?components.type=software&devices.id=2
The DiscoveriesCollection template has been improved to make it render much faster. Previously if you had many discovery logs, generating the list of Discovery Issues could take a long time and even timeout on occasion. We have revised the logging so we can much more easily select any Discovery Issues and in addition have limited the number selected to 100.
Any existing licenses for Professional, Enterprise, and Collectors are automatically imported. 
The data for Baselines Results is now stored in the database, just like a regular collection.
The GUI has nice new shiny buttons. There is now an option (per user) to display the buttons with an icon and text, just an icon or just text. The icons are colored consistently. Blue for read-only, Green for read/write of data, and Red for removing data. Oh, and there are a couple of yellow/orange icons for warnings. This makes sense to me. 
There is no more worrying about SSL/HTTPS. As it is now just a regular site on Apache and not essentially two separate sites that needed to talk to each other, so HTTPS "just works".
We now use the PHP Composer dependency package. If you download from Github you will need to use this and install the dependencies yourself. If you download from FirstWave, we have taken care of that for you. 
If you download from Github you will need to install the OS-level dependencies manually. If you download from FirstWave, the installer script will take care of this for you.
All templates are escaped and protected with nonce's for javascript and use Content Security Policy headers. 
All templates validate against https://websiteaccessibilitychecker.com to WCAG 2.0 (Level AA). 
All templates were validated against https://validator.w3.org with no errors and minimal warnings. 
Logging is now on the filesystem, rather than in the database. All-access is logged by default. You can find daily logs at /open-audit/writeable/logs/. You may need to manually remove these 'eventually'. The logs rotate daily, but we do not delete these. They are potentially a source of security/access information. It is left to you the user to remove these when you want to. The default amount of logging is minimal though, so you should be able to leave a lot of these in place.
Session data is no longer stored in the database. You can find it on the filesystem at /open-audit/writeable/session/
We are incredibly proud of what we have achieved with this release, even if outwardly not a lot is visible. 
Going forward this will enable us to improve the code and add new features at a much faster pace - and we have some ideas for killer features. Stay tuned for those. 
Screenshots
Click to enlarge.
Summaries Collection screenshot (click to enlarge). | Devices Collection screenshot (click to enlarge). | Networks Collection screenshot (click to enlarge).
|
Discoveries Collection screenshot (click to enlarge).
| Dashboard (for Professional and Enterprise licenses).
| Device Details (click to enlarge). |
Upgrading From an Unsupported Distribution
...
As a bonus, you now know how to backup and restore your Open-AudIT server going forward. Take a backup of the database and copy the mentioned directories somewhere safe. If the worst case happens, you can spin up a new server and restore the database and directories - easy
Example included response
...