...
Discovery will scan network subnets addresses and audit computers (Windows and Linux computers, Linux, OSX, AIX, HP-UX, Solaris and ESXi), as well as SNMP scan network devices. Discovery runs entirely from the web interface regardless of the Open-AudIT server running on Linux or Windows.
...
We are often asked this question and the answer most definitely is "it depends". It depends on the number of IPs to be scanned, the network connection speed, the speed of the devices being scanned, the type of devices being scanned, the number of different credentials being tested and the speed of the Open-AudIT server. We do not have a calculator that would allow us to input those variables and return a value. It is simply too complex. Generally I limit my discoveries to 256 IP addresses - ie, a /24 subnet. We have had customers scan /16 subnets (65k addresses) and it does work - but it takes a long time. You are much better off scanning in /24 blocks. If you simply do not know what your address ranges are, then this is a good case for a Seed discovery.
Notes
When auditing a Linux device via SSH, some Linux distributions do not allow sudo commands to be passed without a TTY (which we are doing). To completely audit one of these linux distributions it is best to supply the root user credentials. If no root is supplied and sudo without a TTY is not possible, the audit script will be run but will not contain the amount of data as would otherwise. Subsequent audits using root (or run locally using sudo) will therefore provide extra details about the system and generate several "changes".
You will need the ports for WMI on the Windows firewall opened on each target Windows computer. For Windows Core servers, ensure you allow the firewall connections as per - http://blogs.technet.com/b/brad_rutkowski/archive/2007/10/22/unable-to-remotely-manage-a-server-core-machine-mmc-wmi-device-manager.aspx
For further details information, see:
- Target Client Configuration
- Running Open-AudIT Apache Service under Windows
- Items affecting Discovery times
- Import / Export devices in various formats
- How to use Open-AudIT Discovery on a Subnet
- How to use Active Directory Discovery
- How to discover a single Device
- How to Audit in complex network environments
- How to audit a Computer
- Discovery - Community vs Professional vs Enterprise
- Credentials for Microsoft Azure used in Cloud Discovery
- Credentials for Amazon AWS used in Cloud Discovery
- Configuring Open-Audit with HTTPS/SSL
- Collector / Server
- Auditing Linux without root
Outdated below as at v4.
How To
...