Introduction
As of version 1.12.8, Open-AudIT can retrieve details about a file or a directory of files and monitor these files for changes, as it does for other attributes in the Open-AudIT database.
...
To create an entry to track either a single file or a directory of files, use Open-AudIT Enterprise and go to menu: Discover -> Views Files -> Create Files and click the Create button.
Create a file by providing values for the path (either the file or a directory with a trailing slash) and an optional description. Click Submit.
Once you have created the file you will see it appear in the list at menu Discover -> Views Files -> List Files.
An entry will be created in the Open-AudIT database, in the "files" table.
Viewing File Details
File details will appear under the "Settings" menu item for a device. They are displayed as below. This is from a Linux machine using our /etc/init.d/ entry from earlier.
The database entry will look as below (for a single file).
id: 48
system_id: 8
current: y
first_seen: 2016-08-04 00:56:35
last_seen: 2016-08-04 00:56:35
files_id: NULL
name: single
full_name: /etc/init.d/single
size: 590
directory: /etc/init.d
hash: 27579d05edbd1b71307d2059a6c3370a00823c54
last_changed: 2014-03-13 11:33:14
meta_last_changed: 2014-08-22 17:42:38
permission: 755
owner: root
group: root
type:
version:
inode: 5374232
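As an added example (not Open-AudIT's own code or audit script), the following Python gathers the same attributes as the entry above for a local file and reports which of them differ from a baseline, which is the kind of change the monitoring surfaces. It assumes the hash is SHA-1 (inferred from the 40-hex-digit value), that last_changed and meta_last_changed correspond to mtime and ctime, and all function names are hypothetical.

```python
import hashlib
import os
import stat
import tempfile
from datetime import datetime

# Assumptions: "hash" is SHA-1 (the entry above shows 40 hex digits),
# last_changed maps to mtime and meta_last_changed to ctime.
TRACKED = ("size", "hash", "last_changed", "meta_last_changed",
           "permission", "owner", "group", "inode")

def _ts(epoch):
    return datetime.fromtimestamp(epoch).strftime("%Y-%m-%d %H:%M:%S")

def snapshot(path):
    """Collect the attributes listed in the "files" entry for one file."""
    st = os.stat(path)
    with open(path, "rb") as fh:
        digest = hashlib.sha1(fh.read()).hexdigest()
    full = os.path.abspath(path)
    return {
        "name": os.path.basename(full), "full_name": full,
        "directory": os.path.dirname(full),
        "size": st.st_size, "hash": digest,
        "last_changed": _ts(st.st_mtime),
        "meta_last_changed": _ts(st.st_ctime),
        "permission": format(stat.S_IMODE(st.st_mode), "o"),
        "owner": st.st_uid, "group": st.st_gid,  # numeric ids, not names
        "inode": st.st_ino,
    }

def changed_fields(baseline, current):
    """Return the tracked attributes that differ between two snapshots."""
    return [f for f in TRACKED if baseline[f] != current[f]]

def demo():
    """Constructed sample: baseline a file, alter it, report the drift."""
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, "single")
        with open(path, "wb") as fh:
            fh.write(b"#!/bin/sh\nexit 0\n")
        os.chmod(path, 0o755)
        before = snapshot(path)
        with open(path, "ab") as fh:
            fh.write(b"echo modified\n")   # content change
        os.chmod(path, 0o775)              # permission change
        after = snapshot(path)
    return before, after, changed_fields(before, after)

if __name__ == "__main__":
    print(demo()[2])
```

A hash or size change with an unchanged inode indicates the file was edited in place; a changed inode indicates it was replaced.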
Go to menu: Discover -> Files -> List Files.
Enabling the Feature Under Windows
...
Navigate to the Service list.
Double click the apache 2.2 service.
Click the tab for logon and then click the "this account" option. You might want to click the Browse button and search for the account. Click OK and then restart the service.
Apache will now be running under an account with network access and Open-AudIT will now be able to copy the audit script to the target Windows machine and run it, hence retrieving file details.
Database Schema
The database schema can be found in the application, if the user has database::read permission, by going to menu: Admin -> Database -> List Tables, then clicking on the details button for the table.
API / Web Access
...
You can access the
...
collection using the normal Open-AudIT JSON-based API, just like any other collection. Please
...
see The Open-AudIT API documentation for further details.
...
API Routes
Request Method | ID | Action | Resulting Function | URL Example | Notes | Example Response |
---|---|---|---|---|---|---|
GET | n | collection | | /files | Returns a list of files. | files_collection.json |
GET | y | read | | /files/{id} | Returns a file's details. | files_read.json |
PATCH | y | update | | /files/{id} | Update an attribute of a file entry. | |
POST | n | create | | /files | Insert a new file entry. | |
Web Application Routes
Only available under Open-AudIT Enterprise
Request Method | ID | Action | Resulting Function | URL Example | Notes |
---|---|---|---|---|---|
GET | n | create | create_form | /files/create | Displays a standard web form for submission to POST /files. |
GET | y | update | update_form | /files/{id}/update | Show the script details with the option to update attributes using PATCH to /files/{id} |
...