Skip to end of banner
Go to start of banner

Release Notes for Open-AudIT v3.2.0

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Next »

Released

Linux SHA256: 

Linux md5sum: 


Open-AudIT 3.2.0 see's a major new feature incorporated - Rules. Rules allow you to manage properties for discovered devices. This of it as If This, Then That for Open-AudIT. More details can be found on the Rules page.


Open-AudIT CommunityNew FeaturerulesRules
Open-AudIT CommunityImprovementscriptsEnable running audit_windows.vbs without Admin rights. Admin required for policy reading.
Open-AudIT CommunityImprovementdiscoveries

If we're running under Windows AND the default Apache service user AND have a failed 'net use' in the discovery log, show a warning.

Open-AudIT CommunityImprovementdiscoveriesProvide warning when Windows Apache running as Local System and we have failed audit script copies in the discovery log.
Open-AudIT CommunityBugcredentialsWhen retrieving credentials for a device::read, if they no longer exist, do not try to merge them into the response.
Open-AudIT CommunityBugscriptsRemove unnecessary wscript.quit in policy auditing (left from debugging).
Open-AudIT CommunityImprovementinputRevise 'in' operator to require opening and closing round braces in URL.
Open-AudIT CommunityImprovementqueriesFix parsing queries to use case-insensitive where (as opposed to case sensitive WHERE) when executing.
Open-AudIT CommunityImprovementdiscoveries

Allow the user to supply an ID when creating Discoveries. This enables the Server and Collector to use the same discovery ID so logs will align.

Open-AudIT CommunityImprovementcredentials, locations, orgsAs per discoveries, allow ID for Orgs, Locations and Credentials so they're in sync between Server and Collector.
Open-AudIT CommunityImprovementdiscoveries

Remove $device->id from log messages. We have $device-IP and we use that. Removing the ID (still stored in discovery_log.system_id) removes confusion when reading Collector vs Server discovery logs.

Open-AudIT CommunityImprovementlocations, orgsAdd reset function to Orgs and Locations controllers.
Open-AudIT CommunityImprovementdiscoveries

Set the local IP for a log entry (when status = complete). Only log discovery retrieved if we are given an IP (end of discover subnet script causes this.

Open-AudIT CommunityImprovementinput, logsAllow input/logs from localhost AND any IP of a Collector.
Open-AudIT CommunityImprovementusers, orgsDon't log in m_users::get_org as this is called repeatedly.
Open-AudIT CommunityImprovementscriptsEliminate loop disks (mounted by Snaps) from linux audit.
Open-AudIT CommunityImprovementrulesSet the PHP memory limit to 1024 the input controller. Discovery now regularly uses > 500MB because of the Rules matching.
Open-AudIT CommunityImprovementdiscoveriesAdd another match test, for dns_hostname.
Open-AudIT CommunityImprovementscriptsRemove the DirectX software entry as the registry cannot provide the correct version above 11.
Open-AudIT CommunityImprovementdiscoveriesShow the name as it is always present, rather than the hostname, in the log.
Open-AudIT CommunityImprovementdiscoveriesAdd the peak memory use to the last log line in discoveries.
Open-AudIT CommunityImprovementusersDisable the NMIS user (null password) by default.
Open-AudIT CommunityBugdiscoveriesFix non-updating status for discovery on single device discovery.
Open-AudIT CommunityBugusersFix bug in m_logon when testing for multiple LDAP servers. Allow for user.name@domain.com and parse to user.name when searching for a user or logging on using headers. Full user.name@domain.com is sent from Enterprise.
Open-AudIT CommunityImprovementscripts

Only show 'Audit My PC' on the logon screen if default network address is set and not to localhost.

Open-AudIT CommunityBugdiscoveriesValidate network address when discovery submitted and also when generating the command to be run.
Open-AudIT CommunityImprovementdiscoveriesSet discovery status, duration, etc on logs received for more accurate display in GUI.
Open-AudIT CommunityBugdiscoveriesDo not attempt to SCP audit file from target if not in returned array of audit script output.
Open-AudIT CommunityImprovementdatabaseSchema changes to ensure defaults for all coluins that are not TEXT type.
Open-AudIT CommunityImprovementdatabaseNew function to derive SQL schema columns. Replaces functions in m_collection and include_dictionary. Use new function in collections helper for columns.
Open-AudIT CommunityImprovementdatabase, groupsRemove GROUP BY name on groups collection for Strict MySQL compliance.
Open-AudIT CommunityImprovementgroupsEnable 'expose' in groups create form.
Open-AudIT EnterpriseImprovementcollectorsForward all discovery logs from Collector to Server.
Open-AudIT EnterpriseImprovementcloudsAbility to inventory and audit Google Compute cloud servers.
Open-AudIT ProfessionalImprovementnetworksAdd Cloud Network as a type of network.
Open-AudIT EnterpriseImprovementcollectorsStore the Collectors OS.
Open-AudIT EnterpriseImprovementfiles

Address issue when declaring a Unix style filepath containing a *. This breaks the Windows audit. If a path now starts with a /, exclude it from the Windows audit script.

Open-AudIT EnterpriseImprovementcollectors

Set default collector interval to 5 minutes.

Open-AudIT ProfessionalImprovementdiscoveriesRevise warning message for Centos/Redhat 6 for discovery create form.
Open-AudIT ProfessionalImprovementlogsNew "summary" logs page. Group all logs for an individual request. From Professional / Enterprise, there will still be multiple as a single web browser request can generate several calls to the Community API.
Open-AudIT ProfessionalImprovementAPI

Only load dictionary in include_read when format is screen. When reading a discovery, load org, assigned org and assigned location in the includes array.

Open-AudIT ProfessionalImprovementcredentialsRemove menu entry for Default Credentials (we no longer ship SNMP public).
Open-AudIT ProfessionalBugdevicesSort device types ignoring case in drop down on devices::read template.
Open-AudIT ProfessionalImprovementdiscoveriesRevise the status naming on discoveries::collection and discoveries::read.
Open-AudIT EnterpriseBugdashboardsAllow all dashboards on Cloud.
Open-AudIT EnterpriseImprovementdiscoveries

Do not flag SNMP status as true when cloud auditing.

Open-AudIT ProfessionalImprovementnetworksAdd the new network type and sort alpha on networks::read template.
Open-AudIT ProfessionalImprovementnetworksAdd a Refine button on networks::collection template (Show all /24 networks, for example).
Open-AudIT EnterpriseBugdiscoveriesEnable edit discovery options in Cloud.
Open-AudIT ProfessionalImprovementdiscoveriesShow warning for Discovery Apache Service user under Windows.
Open-AudIT EnterpriseBugtasksShow Collector on tasks:read when type == discoveries.
Open-AudIT EnterpriseImprovementcollectorsAdd OS to the collector details when registering.
Open-AudIT ProfessionalImprovementtasksFor the tasks::create and tasks::read templates, only allow intervals of 5 minutes.
Open-AudIT ProfessionalBugtasksspecify the correct type on tasks::create template form (tasks, not scripts).
Open-AudIT EnterpriseImprovementdiscoveriesDiscovery Execute button on Server should create a task for Collector.
Open-AudIT ProfessionalImprovementGUIAll ? buttons should go to Documentation, not the Feature page.
Open-AudIT ProfessionalImprovementcredentials, discoveriesAdd wizard buttons on Discovery and Cloud pages.
Open-AudIT EnterpriseImprovementcollectorsSync Orgs and Locations to Collector.
Open-AudIT ProfessionalImprovementGUIAdd Get Support to Help menu.
Open-AudIT ProfessionalTaskinstaller

New package requirement for Ubuntu/Debian only - php-curl. Centos/RedHat ship with this, as does our Xampp install for Windows.

Open-AudIT EnterpriseImprovementcollectorsAllow credentials and discoveries when in Collector mode.
Open-AudIT EnterpriseImprovementcollectors, discoveriesDelete the discovery logs on the server when a Collector discovery runs.
Open-AudIT ProfessionalBuginstallerParse database.php config correctly so we can back it up in the installer.
Open-AudIT ProfessionalImprovementdiscoveriesOn discoveries::read template, insert a BR where we have a new line int he logs.
Open-AudIT EnterpriseBugdiscoveries

If we are Cloud or have Collectors, disable Run Discovery on Bulk Edit template. If we run Discovery from Bulk Edit, redirect upon completion to Dashboard with success or fail flash. Allow for new id=in() format in URL.

Open-AudIT ProfessionalImprovementdevices

Remove the sortable attribute from Bulk Edit (in table header) on devices::collection template.

Open-AudIT ProfessionalImprovementGUIOnly populate debug panel if $response is set.
Open-AudIT EnterpriseImprovementGUIDo not allow 'discover this device' when running Cloud.
Open-AudIT EnterpriseImprovementlogsRevised log severity from error to debug on collector request with no discoveries returned.
Open-AudIT ProfessionalBugLDAPFix logging on to Professional / Enterprise using LDAP, verified by Community using full user.name@domain.com format.
Open-AudIT ProfessionalImprovementnetworksUse ip_padded for table display to enable sort on networks::read template.
Open-AudIT EnterpriseImprovementcollectorsPopulate the Collectors discovery response with the config match items from the local (Server) install.
Open-AudIT ProfessionalImprovementGUIOn all individual item pages make the tab title $collection - $name.
Open-AudIT EnterpriseBugcollectors, networksCollector Register should not create multiple entries in /networks (each time one is registered from the same subnet).
Open-AudIT EnterpriseBugcollectorsChange Collector status to approved once a collector requests is received.
Open-AudIT ProfessionalImprovementdiscoveries

Links on Discoveries::Read::Summary now directly show devices audited or not audited, rather than link to the devices::collection template, hence show what the user expects to see.

  • No labels