Table of Contents |
---|
Introduction
Open-AudIT introduces the feature of Collector / Server with Enterprise provides a Collector Server or distributed solution (since the 2.0.6 release).
To understand the benefits and some background refer to the product information here:
https://opmantek.com/network-discovery-inventory-software/collector/
Benefits
Collector / Server is designed so that you can have a remote or 'collector' instance of Open-AudIT running on a remote machine. That collector instance might be in another security zone, subnet and discovering devices that is , cloud hosting instance or at a customer site. The remote collector is then doing all the discovering and auditing of devices locally avoiding networking and firewalling complexity. The Collector once it has registered is completely controlled by the 'server'. This means you only need an HTTP or HTTPS connection from that Collector to the Server.
Collector / Server is an Enterprise only feature. Enterprise customers receive one Collector license for free. Additional Collector license licenses can be purchased as required.
Details
The collector is essentially a full install of Open-AudIT in ‘collector’ mode. This mode would reduce visible functionality in an effort to simplify and focus the application. It is designed to collect information about reachable networks and devices. The collector is designed to run discovery upon the network it is situated in. It is not restricted to only that network, but ideally it would essentially be “one collector per subnet” where required. The collector is driven on a schedule by the server and runs discovery upon the network as specified. It can run all functions that a full Open-AudIT installation can run, although most are removed from the GUI as they're not required.
Once installed and setup, control of the collector Collector is performed on the serverServer.
The only required network ports between the collector and server are 80 or 443 (TCP connection established from the Collector to the Server). The Open-AudIT database is not shared between these installs.
By default the collector will request from the server any discovery tasks every 15 minutes.
Any discovery tasks for the collector should be scheduled for 0, 15, 30 or 45 minutes.
Enabling
In the example below our server will be running on 192.168.88.45 and our collector will be running on 192.168.88.47.
Server
Install Open-AudIT Enterprise on your designated Server.
Log in to Open-AudIT on the server.
Add a license for Open-AudIT Enterprise. (The Enterprise Server License has one built in Collector License.)
Add an additional license for Open-AudIT Collector (if you have one).
Note - Enterprise users receive one Collector license for free as part of their Enterprise License.
Make a user account in Open-AudIT for your collector. (menu -> Manage -> Users -> Create User). Ensure the type is 'collector'. Ensure you click the Default Organisation. Ensure the role is 'collector'. These details will be required below.
Users Create
Collector
Install Open-AudIT on your designated Collector.
Info |
---|
The collector license is built into the server license. As such a collector instance does not require a license to be installed. |
Log in to Open-AudIT Enterprise on the collector.
In the menu click Collector -> Make this install a Collector.
Provide a name for this collector.
Provide the address of the Server (http://192.168.88.45) in the host field.
Provide the username and password that were used above when creating the collector user.
Provide the network address of the Collector (http://192.168.88.47/open-audit/). This is used to populate discoveries on the server. This is the usual network address used in discovery and should be where the target device submit their audits to (the Collector).
Click Submit.
You should now have configured your collector to ask the server for any Discovery tasks, every 15 minutes.
After Login.
Collector Create
Collector Dashboard
Checking the registration of the collector has succeeded
You should now be able to see on the server, the collector you have just registered. Go to menu -> Admin -> Collectors -> List Collectors.
You should now be able to see on the collector, the task that will run every 15 minutes that will ask the server for any discoveries to execute. Go to menu -> Admin -> Tasks -> List Tasks.
Collectors
Tasks
5 minutes (you can configure this on the server for new Collectors using the configuration item collector_check_minutes) therefor any discovery tasks for the collector should be scheduled for 0, 5, 10, 15, etc minutes.
Enabling Collectors
Please refer to the dedicated Collector server creation page
Example of Creating a discovery for the collector
On the server.
Add credentials as required.
This is no different than credentials for discoveries run from the Server.
On the server.
Create a Discovery. NOTE - Choose the network address of the collector server.
On the server.
Create a task. NOTE - use the Collector you just createdTask/Discovery Schedule (menu → Discover → Discoveries → Schedule Discoveries) or (menu → Admin → Tasks - Create Tasks ) . Choose the "Discovery" you just created. Set , set "Type" to Discovery and "Collector" to the Collector you wish to run it on. Set your minute for 0 and/or 15 and/or 30 and/or 45. Choose the required hour(s), day(s), etc.
Credentials Create
Discoveries Create
Tasks Create
Once you have a working Collector and you have configured credentials, discoveries and tasks Discoveries and Tasks which use that Collector, the next time the collector Collector checks-in with the server, if a discovery is due to run for that Collector, it should run. The collector Collector should forward the details of any discovered devices to the server.
More Information
Collectors and Orgs.
Credentials and Orgs.
Server.