Release Notes for Open-AudIT v1.0.4

New audit scripts

Open-AudIT contains updated Windows and Linux audit scripts. Please ensure you replace any existing audit scripts being used with this new version. An initial release of an OSX audit script is now included - audit_osx.sh. It can be found in open-audit/other like the rest of the scripts.

New configuration options

If you go to Admin -> Configure you will now see additional options for configuration. snmp_default_community is used to set a community string when discovering devices. It is initially populated with "public". name_match is used when an audit result is submitted - if all else fails when trying to match a submitted system, use the system name. This is set to "n" by default and restores the way Open-AudIT functioned pre v1.0.3. 

New Group Definitions

All Group Definitions have been revised. Please deactivate any standrd Groups in your existing install and activate new Groups from Menu -> Admin -> Groups -> Activate Group.

List of updated items

Revised SNMP files. Each SNMP organisation has a dedicated "helper" file in open-audit/code_igniter/application/helpers. The file name is snmp_XXX_helper.php where XXX is the Org OID. This splits up the existing (huge) snmp_oid_helper file and we can cater to different (for example) serial number snmp locations on a per OrgId or even per OID value. Several different devices have been tested but as users encounter devices that are not reported correctly, they should submit the details to have them included and "just work" in future releases of Open-AudIT.

Config item now exists to specify a default community string when scanning a new system. It is initially set to "public".

Extend the length of the config value field to 250 characters from 40.

Added a dropdown instead of a text field for location type. Each type has an associated icon.

Added links to input Open-AudIT Enterprise license details from Open-AudIT Community logon page if license not exists or not valid or expired.

Every admin controller and method now logs to the log file with the exception of Admin->View Log.

Help -> About now shows if the PHP extensions for SNMP and MBString are not installed.

Help -> About shows the timezone PHP is configured to.

Extended the descript and man description fields to 250 characters.

Included OSX audit script with ip address, network card and software detection.

Added group by version as well as name in software licensing report.

Revised report names to fit 'Installed - ' format.

Removed Edit button from list groups -> All Devices group.

Fixed all device image sizes of devices to 100px x 100px.

Added version to installed software report group by.

Allowed for a third attribute when creating a web page report in v_report.php.

Added extra fields when updating an existing network card from an audit.

Added timeout to audit_subnet script on Linux.

Added size in database system table for rack tables like functions to calculate rack space, use, etc. No front end as yet.

Added more OS icons.

Added NetStat database table and script collect (Linux and Windows), input and display on device details page routines.

Removed system.man_vendor column (unused).

Revised all Group definitions.

Added function to delete non-current rows from tables in Menu -> Admin -> Database -> Maintenance.

Added an entry in device audit log for each system and attribute that is changed via a bulk edit.

Option to match or not based ONLY on hostname. Configuration item exists in Menu -> Admin -> Config.

Added overwrite some man_ items if they have been set ONLY by an audit script.

Added [ and ] in list of accepted URL characters.

Download export to NMIS file if NMIS not installed on same server.

Added GET login option for Open-AudIT Enterprise that sets a cookie and echos treu or false. No redirect. When a user logs into Open-AudIT Enterprise a request is sent to Open-AudIT with the same credentials. No need to log in to Open-AudIT.

Fixed display of custom picture for any devices. If a custom picture exists it will over write any other existing pictures (model, type, etc).

Improved sample data generation and added softare packages.

Windows Audit bugs fixed as reported in the forums.

Revised logo banner in Open-AudIT to reflect Open-AudIT Enterprise license status.

Added reports for Active Directory OU's.

Network speed patch from forums applied. http://www.open-audit.org/phpBB3/viewtopic.php?f=20&t=6199

Corrected hard coded redirect when acknowledging an alert.

Added Open-AudIT Enterprise system user and default Open-AudIT Enterprise user, same as NMIS, to Open-AudIT.

Software package auditing under LinuxMint.

Revised some items for matching attributes when submitting through subnet, snmp, active directory.

Fixed blank SNMP credentials over writing a system that is present in the DB, when a SNMP scan occurs (after nmap subnet scan, etc).

Database maintenance added to Admin menu.

Added pagefile size to stored attributes (sys_sw_pagefile).

Removed unused tables from database - oa_net_nmap_ports, oa_net_scan_latest, oa_net_scan_log, oa_net_scan_type, sys_hw_battery, sys_hw_firewire, sys_hw_floppy, sys_hw_keyboard, sys_hw_modem, sys_hw_mouse, sys_hw_onboard_device, sys_hw_scsi_device, sys_hw_tape_drive, sys_hw_usb, sys_sw_antivirus, sys_sw_database_log, sys_sw_firewall, sys_sw_firewall_auth_app, sys_sw_firewall_ports, sys_sw_mapped, sys_sw_odbc, sys_sw_startup, sys_sw_system_security, sys_sw_system_security.

Fixed dynamic DNS and DHCP details not updating in process_network_card.

Removed condition that was causing 'alerts' not to run.

Added ability to GET data as well as accept POST data in 'update_config'.

Added %trend% to the AntiVirus report definition.

Revised the apple icon to look better on a non-white background.

Removed extra strings from en_inc language file and sorted file alphabetically.

When adding or editing a user, the "Group Access Details" table has an "Access Level" selection drop-down in the table header which allows an administrator to assign an access level for all groups at one time instead of manually for each group in the table. This selection drop-down works correctly in Internet Explorer, but the options are not displayed in in Google Chrome. Fixed.

Added system summary API.

Added error handling in Scheduled Tasks as per forum post http://www.open-audit.org/phpBB3/viewtopic.php?f=20&t=6188

Clean up of old files and todo's put to correct format (capitals + :, TODO:, FIX:, BUG:, etc). Now easy to run (for example) grep -R "TODO:".

Added type projector when manually creating a device.

Added functionality to determine if Open-AudIT Enterprise is installed and/or licensed and redirect or show message on logon page.

Account for case sensitivity in os_family in Group definitions.

Updated linux audit and patched system controller to cater for alerts being generated when an initial audit is preformed.