Open-AudIT FAQ
- 1 Opening a Support Ticket? Please Attach These Files
- 2 What are the default credentials to log into the web interface?
- 3 My AntiVirus is prompting me to deny/allow things.
- 4 How can I add another user to Open-AudIT?
- 5 How can I access the Open-AudIT application?
- 6 Discovery has stopped working
- 7 An Open-AudIT page is not displaying and all I am seeing is a white screen.
- 8 My time is off in Open-AudIT.
- 9 I cannot start the Apache service on Windows.
- 10 I Still cannot start the Apache service on Windows
- 11 Bulk Edit selections won't stay selected after clicking next page
Opening a Support Ticket? Please Attach These Files
If you open a support ticket, please do attach the Install Support as per this page - Open-AudIT Support Information
If your support request relates to a discovery issue, please also include the Discovery Support from this page - Open-AudIT Support Information
What are the default credentials to log into the web interface?
For Open-AudIT, the following user is set up by default.
Username | Password | Level | Used For |
|---|---|---|---|
admin | password | Administrator | default logon |
You should use the admin user to log on to the web interface.
My AntiVirus is prompting me to deny/allow things.
If you have Anti-Virus software running, allowing the services of Apache (apache2.2) and MySQL (mysql) to auto start and run is essential. These services are used by Open-AudIT. You should only need to do this once. If your AntiVirus program keeps prompting you about Open-AudIT, please post to the forums or send an email to support with the name and version of your AntiVirus software.
Sometimes Windows Defender will quarantine the Open-AudIT installer. This is because of a false positive detection on winexe-static. We use this program on Linux to execute code on the target Windows machines. This program requires valid credentials for the target machine, just as any other remote administration tool would. It is not a virus. It is safe to remove the installer from quarantine and make an exception for it, then install as usual.
How can I add another user to Open-AudIT?
In the Open-AudIT web interface, as an admin user, select the menu item menu -> Manage -> Users -> Create Users.
Complete at least the username and password fields assign at least one Role and provide access to at least one Organization.
How can I access the Open-AudIT application?
The default URL for accessing Open-AudIT is http://<SERVER>/open-audit/index.php/ (where <SERVER> is your computer name or IP Address).
If you have installed on Windows, in your Start Menu you will see entries for both Open-AudIT Enterprise and Open-AudIT.
Discovery has stopped working
If you are running a RedHat or Centos system and you have upgraded Nmap, please reset the SUID on the binary by
chmod u+s /usr/bin/nmapAn Open-AudIT page is not displaying and all I am seeing is a white screen.
If you copy the file
(Windows) c:\xampplite\htdocs\open-audit\env
(Linux) /usr/local/open-audit/env
to the same directoy, but name it .env (with a dot as the first character), then edit that .env file and change the line:
# CI_ENVIRONMENT = developmentto
CI_ENVIRONMENT = developmentYou should then have any errors displayed on the web page.
My time is off in Open-AudIT.
This is likely due to MySQL time being off. MySQL typically uses the host devices time. You can check this by:
Windows
c:\xampplite\mysql\bin\mysql.exe -u openaudit -popenauditpassword -e "SELECT NOW() as `timestamp`;"Linux
mysql -u openaudit -popenauditpassword -e "SELECT NOW() as `timestamp`;"
I cannot start the Apache service on Windows.
Have you checked that another program is not already using port 80? If you start a command prompt and type:
netstat -abnYou should get an output similar to:
C:\>netstat -abnp tcp
Active Connections
Proto Local Address Foreign Address State
TCP 0.0.0.0:80 0.0.0.0:0 LISTENING
[httpd.exe]
TCP 0.0.0.0:135 0.0.0.0:0 LISTENING
RpcSs
[svchost.exe]
TCP 0.0.0.0:443 0.0.0.0:0 LISTENING
[httpd.exe]
TCP 0.0.0.0:445 0.0.0.0:0 LISTENING
Can not obtain ownership information
TCP 0.0.0.0:554 0.0.0.0:0 LISTENING
[wmpnetwk.exe]
TCP 0.0.0.0:1025 0.0.0.0:0 LISTENING
[wininit.exe]
TCP 0.0.0.0:1026 0.0.0.0:0 LISTENING
eventlog
[svchost.exe]
TCP 0.0.0.0:1027 0.0.0.0:0 LISTENING
Schedule
[svchost.exe]
TCP 0.0.0.0:1028 0.0.0.0:0 LISTENING
[lsass.exe]
TCP 0.0.0.0:1029 0.0.0.0:0 LISTENING
[services.exe]
TCP 0.0.0.0:1030 0.0.0.0:0 LISTENING
PolicyAgent
[svchost.exe]
TCP 0.0.0.0:2869 0.0.0.0:0 LISTENING
Can not obtain ownership information
TCP 0.0.0.0:3306 0.0.0.0:0 LISTENING
[mysqld.exe]
TCP 0.0.0.0:3389 0.0.0.0:0 LISTENING
CryptSvc
[svchost.exe]
TCP 0.0.0.0:5357 0.0.0.0:0 LISTENING
Can not obtain ownership information
TCP 0.0.0.0:8042 0.0.0.0:0 LISTENING
[opmantek_server.exe]
TCP 0.0.0.0:10243 0.0.0.0:0 LISTENING
Can not obtain ownership information
TCP 192.168.0.86:139 0.0.0.0:0 LISTENING
Can not obtain ownership information
TCP 192.168.0.86:2869 192.168.0.1:3115 TIME_WAITLook for a program using port 80. In this case, note the output
TCP 0.0.0.0:80 0.0.0.0:0 LISTENING
[httpd.exe]
That indicates port 80 is being used by the executable httpd.exe (in this case, Apache). You should not see any entries using :80.
If there is another program using port 80 either stop and remove it, change it's port (if possible) or install Open-AudIT on another machine.
Skype uses port 80 by default. If it gets in first it prevents Apache using port 80. Completely exit Skype (on a Windows 7 machine you need to go to the taskbar and right click/quit the Skype icon) and then start the Apache service. You can then restart Skype and it will use another port. Alternatively force Skype to not use port 80 and 443: In Skype | options | advanced | connection untick the "use port 80 and 443 as alternatives for incoming connections". This should also solve the problem.
I Still cannot start the Apache service on Windows
You may need to download and install the MS Visual C++ redistributable. You can find it here - https://support.microsoft.com/en-au/help/2977003/the-latest-supported-visual-c-downloads
Bulk Edit selections won't stay selected after clicking next page
If this occurs then the issue you’re seeing is related to the table control being used on the webpage. It only stores in memory the state of the check boxes for the current page being viewed. If you make selections, then page forward/back those selections will be lost. You can, however, accomplish what you want by expanding the number of devices shown on each page. In the top-left corner is a drop-down labeled “records per page”; use this to expand the number of entries displayed until you see all you want to select for Bulk Edit.
