Open-AudIT Default Configuration Values and Description
Below are the default values and a description for the configuration of Open-AudIT (as at Open-AudIT 5.7.0). These can all be changed to work as you desire.
To change these using the GUI in Open-AudIT navigate to menu -> Admin -> Configuration -> List Configuration
| access_token_count | 20 | number | Allow this many access tokens to be stored in the cookie. |
| access_token_enable | y | bool | Should we enable access tokens for CSRF mitigation. |
| collector_check_minutes | 5 | number | The default check interval for collectors. |
| components_extra_columns | | text | Any extra columns from the devices table to show on the components list page. Should be comman separated, no spaces, column name only. |
| create_change_log | y | bool | Should Open-AudIT create an entry in the change log table if a change is detected. |
| create_change_log_arp | n | bool | Should Open-AudIT create an entry in the change log table if a change is detected in the arp table. |
| create_change_log_bios | y | bool | Should Open-AudIT create an entry in the change log table if a change is detected in the bios table. |
| create_change_log_certificate | y | bool | Should Open-AudIT create an entry in the change log table if a change is detected in the Certificate table. |
| create_change_log_disk | y | bool | Should Open-AudIT create an entry in the change log table if a change is detected in the disk table. |
| create_change_log_dns | y | bool | Should Open-AudIT create an entry in the change log table if a change is detected in the dns table. |
| create_change_log_file | y | bool | Should Open-AudIT create an entry in the change log table if a change is detected in the file table. |
| create_change_log_ip | n | bool | Should Open-AudIT create an entry in the change log table if a change is detected in the ip table. |
| create_change_log_log | y | bool | Should Open-AudIT create an entry in the change log table if a change is detected in the log table. |
| create_change_log_memory | y | bool | Should Open-AudIT create an entry in the change log table if a change is detected in the memory table. |
| create_change_log_module | y | bool | Should Open-AudIT create an entry in the change log table if a change is detected in the module table. |
| create_change_log_monitor | y | bool | Should Open-AudIT create an entry in the change log table if a change is detected in the monitor table. |
| create_change_log_motherboad | y | bool | Should Open-AudIT create an entry in the change log table if a change is detected in the motherboard table. |
| create_change_log_netstat | y | bool | Should Open-AudIT create an entry in the change log table if a change is detected in the netstat table. |
| create_change_log_netstat_dynamic | n | bool | Should Open-AudIT create an entry in the change log table if a change is detected in the netstat table and the port is 49152 or greater. |
| create_change_log_netstat_registered | n | bool | Should Open-AudIT create an entry in the change log table if a change is detected in the netstat table and the port is in the range of 1024 to 49151. |
| create_change_log_netstat_well_known | y | bool | Should Open-AudIT create an entry in the change log table if a change is detected in the netstat table and the port is 1023 or lower. |
| create_change_log_network | y | bool | Should Open-AudIT create an entry in the change log table if a change is detected in the network table. |
| create_change_log_nmap | y | bool | Should Open-AudIT create an entry in the change log table if a change is detected in the nmap table. |
| create_change_log_optical | y | bool | Should Open-AudIT create an entry in the change log table if a change is detected in the optical table. |
| create_change_log_pagefile | y | bool | Should Open-AudIT create an entry in the change log table if a change is detected in the pagefile table. |
| create_change_log_partition | y | bool | Should Open-AudIT create an entry in the change log table if a change is detected in the partition table. |
| create_change_log_policy | y | bool | Should Open-AudIT create an entry in the change log table if a change is detected in the policy table. |
| create_change_log_print_queue | y | bool | Should Open-AudIT create an entry in the change log table if a change is detected in the print_queue table. |
| create_change_log_processor | y | bool | Should Open-AudIT create an entry in the change log table if a change is detected in the processor table. |
| create_change_log_radio | n | bool | Should Open-AudIT create an entry in the change log table if a change is detected in the radio table. |
| create_change_log_route | y | bool | Should Open-AudIT create an entry in the change log table if a change is detected in the route table. |
| create_change_log_san | y | bool | Should Open-AudIT create an entry in the change log table if a change is detected in the san table. |
| create_change_log_scsi | y | bool | Should Open-AudIT create an entry in the change log table if a change is detected in the scsi table. |
| create_change_log_server | y | bool | Should Open-AudIT create an entry in the change log table if a change is detected in the server table. |
| create_change_log_server_item | y | bool | Should Open-AudIT create an entry in the change log table if a change is detected in the server_item table. |
| create_change_log_service | y | bool | Should Open-AudIT create an entry in the change log table if a change is detected in the service table. |
| create_change_log_share | y | bool | Should Open-AudIT create an entry in the change log table if a change is detected in the share table. |
| create_change_log_software | y | bool | Should Open-AudIT create an entry in the change log table if a change is detected in the software table. |
| create_change_log_software_key | y | bool | Should Open-AudIT create an entry in the change log table if a change is detected in the software_key table. |
| create_change_log_sound | y | bool | Should Open-AudIT create an entry in the change log table if a change is detected in the sound table. |
| create_change_log_task | y | bool | Should Open-AudIT create an entry in the change log table if a change is detected in the task table. |
| create_change_log_usb | y | bool | Should Open-AudIT create an entry in the change log table if a change is detected in the USB table. |
| create_change_log_user | y | bool | Should Open-AudIT create an entry in the change log table if a change is detected in the user table. |
| create_change_log_user_group | y | bool | Should Open-AudIT create an entry in the change log table if a change is detected in the user_group table. |
| create_change_log_variable | n | bool | Should Open-AudIT create an entry in the change log table if a change is detected in the variable table. |
| create_change_log_video | y | bool | Should Open-AudIT create an entry in the change log table if a change is detected in the video table. |
| create_change_log_vm | y | bool | Should Open-AudIT create an entry in the change log table if a change is detected in the vm table. |
| create_change_log_windows | y | bool | Should Open-AudIT create an entry in the change log table if a change is detected in the windows table. |
| decrypt_credentials | y | bool | When we display or export credentials, should we decrypt them. |
| default_network_address | | text | The URL used by external devices to talk to Open-AudIT. |
| delete_noncurrent | n | bool | Should we delete all non-current data. |
| delete_noncurrent_arp | y | bool | Should we delete non-current arp data. |
| delete_noncurrent_bios | n | bool | Should we delete non-current bios data. |
| delete_noncurrent_certificate | n | bool | Should we delete non-current Certificate data. |
| delete_noncurrent_disk | n | bool | Should we delete non-current disk data. |
| delete_noncurrent_dns | n | bool | Should we delete non-current dns data. |
| delete_noncurrent_file | n | bool | Should we delete non-current file data. |
| delete_noncurrent_ip | y | bool | Should we delete non-current ip data. |
| delete_noncurrent_log | n | bool | Should we delete non-current log data. |
| delete_noncurrent_memory | n | bool | Should we delete non-current memory data. |
| delete_noncurrent_module | n | bool | Should we delete non-current module data. |
| delete_noncurrent_monitor | n | bool | Should we delete non-current monitor data. |
| delete_noncurrent_motherboard | n | bool | Should we delete non-current motherboard data. |
| delete_noncurrent_netstat | y | bool | Should we delete non-current netstat data. |
| delete_noncurrent_network | n | bool | Should we delete non-current network data. |
| delete_noncurrent_nmap | n | bool | Should we delete non-current nmap data. |
| delete_noncurrent_optical | n | bool | Should we delete non-current optical data. |
| delete_noncurrent_pagefile | n | bool | Should we delete non-current pagefile data. |
| delete_noncurrent_partition | n | bool | Should we delete non-current partition data. |
| delete_noncurrent_policy | n | bool | Should we delete non-current policy data. |
| delete_noncurrent_print_queue | n | bool | Should we delete non-current print_queue data. |
| delete_noncurrent_processor | n | bool | Should we delete non-current processor data. |
| delete_noncurrent_radio | y | bool | Should we delete non-current radio data. |
| delete_noncurrent_route | n | bool | Should we delete non-current route data. |
| delete_noncurrent_san | n | bool | Should we delete non-current san data. |
| delete_noncurrent_scsi | n | bool | Should we delete non-current scsi data. |
| delete_noncurrent_server | n | bool | Should we delete non-current server data. |
| delete_noncurrent_server_item | n | bool | Should we delete non-current server_item data. |
| delete_noncurrent_service | n | bool | Should we delete non-current service data. |
| delete_noncurrent_share | n | bool | Should we delete non-current share data. |
| delete_noncurrent_software | n | bool | Should we delete non-current software data. |
| delete_noncurrent_software_key | n | bool | Should we delete non-current software_key data. |
| delete_noncurrent_sound | n | bool | Should we delete non-current sound data. |
| delete_noncurrent_task | n | bool | Should we delete non-current task data. |
| delete_noncurrent_usb | n | bool | Should we delete non-current USB data. |
| delete_noncurrent_user | n | bool | Should we delete non-current user data. |
| delete_noncurrent_user_group | n | bool | Should we delete non-current user_group data. |
| delete_noncurrent_variable | y | bool | Should we delete non-current variable data. |
| delete_noncurrent_video | n | bool | Should we delete non-current video data. |
| delete_noncurrent_vm | n | bool | Should we delete non-current vm data. |
| delete_noncurrent_windows | n | bool | Should we delete non-current windows data. |
| devices_default_display_columns | devices.id | text | When requesting a list of devices, display these columns. (see in-app) |
| devices_default_group_columns | devices.id | text | When requesting a group of devices, retrieve and display these columns. (see in-app) |
| devices_default_retrieve_columns | devices.id | text | When requesting a list of devices, provide these columns. (see in-app) |
| devices_default_sort | name | text | The default sort on the Devices List page. |
| device_auto_delete | n | bool | Should we delete the device data completely from the database when the device status is set to Deleted. |
| discovery_default_scan_option | 1 | number | The default discovery options for Nmap. |
| discovery_ip_exclude | | text | Populate this list with ip addresses to be excluded from discovery. IPs should be separated by a space. |
| discovery_linux_script_directory | /tmp/ | text | The directory the script is copied into on the target device. |
| discovery_linux_script_permissions | 700 | text | The permissions set on the audit_linux.sh script when it is copied to the target device. |
| discovery_linux_use_sudo | y | bool | When running discovery commands on a Linux target, should we use sudo. |
| discovery_override_nmap | n | bool | Override the detection of Nmap to enable discoveries. |
| discovery_route_retrieve_limit | 500 | number | When discovering a device using SNMP, do not retrieve the route table if it contains more than this number of entries. |
| discovery_ssh_timeout | 900 | number | Timeout duration (in seconds) when discovering a device via SSH. |
| discovery_sudo_path | | text | Optional hardcoded path to sudo executable. Comma seperated for multiple paths. |
| discovery_sunos_use_sudo | y | bool | When running discovery commands on a SunOS target, should we use sudo. |
| discovery_use_dns | y | bool | Should we use DNS for looking up the hostname and domain. |
| discovery_use_org_id_match | n | bool | When matching a device and assign_devices_to_org is set, use that attribute in the relevant match rules. |
| discovery_use_vintage_service | n | bool | On Windows, use the old way of running discovery with the Apache service account. |
| discovery_wmi_timeout | 900 | number | Timeout duration (in seconds) when discovering a device from Linux via WMI. |
| enterprise_env | | text | Set to allow execution not in /tmp for Linux. |
| feature_agents_advanced | n | bool | Allow Agents to execute commands and download files. |
| feature_executables | n | bool | Activate the linux based Executables feature. |
| feature_news | n | bool | Use online requests for news, updates, queries and packages. |
| feature_news_last_request_date | 2000-01-01 | text | When did we last request a news article. |
| feature_powershell_audit | n | bool | Use the PowerShell audit script instead of the VBScript audit script in discoveries. |
| feature_queries_advanced | n | bool | Allow Queries without a filter. |
| graph_days | 30 | number | The number of days to report on for the Enterprise graphs. |
| homepage | summaries | text | Any links to the default page should be directed to this endpoint. |
| license_string | | text | The license string (or key) for Open-AudIT (if used). |
| license_string_collector | | text | The license string (or key) for Open-AudIT Collectors (if used). |
| mail_domain | | text | Email domain to use. |
| mail_from | | text | Email address used for as the sender. |
| mail_password | | text | Email password for the email account. |
| mail_server | | text | Email server to use to send email. |
| mail_server_port | 25 | text | Email server port to use to send email. |
| mail_user | | text | Email account name used to send emails. |
| mail_use_tls | y | bool | Email use TLS or not. |
| maps_api_key | | text | Your API key for Google Maps. |
| match_dbus | n | bool | Should we match a device based on its dbus id. |
| match_dns_fqdn | n | bool | Should we match a device based on its DNS fqdn. |
| match_dns_hostname | n | bool | Should we match a device based on its DNS hostname. |
| match_fqdn | y | bool | Should we match a device based on its fqdn. |
| match_hostname | y | bool | Should we match a device based only on its hostname. |
| match_hostname_dbus | y | bool | Should we match a device based on its hostname and dbus id. |
| match_hostname_serial | y | bool | Should we match a device based on its hostname and serial. |
| match_hostname_uuid | y | bool | Should we match a device based on its hostname and UUID. |
| match_ip | n | bool | Should we match a device based on its ip. |
| match_ip_no_data | y | bool | Should we match a device based on its ip if we have an existing device with no data. |
| match_mac | y | bool | Should we match a device based on its mac address. |
| match_mac_vmware | n | bool | Should we match a device based mac address even if its a known likely duplicate from VMware. |
| match_serial | y | bool | Should we match a device based on its serial number. |
| match_serial_type | y | bool | Should we match a device based on its serial and type. |
| match_sysname | y | bool | Should we match a device based only on its SNMP sysName. |
| match_sysname_serial | y | bool | Should we match a device based only on its SNMP sysName and serial. |
| match_uuid | y | bool | Should we match a device based on its UUID. |
| message_of_the_day | | text | Displayed on the logon page. Can be HTML. |
| output_escape_csv | y | bool | Escape CSV output so Excel will not attempt to run contents. |
| page_size | 1000 | number | The default limit of rows to retrieve. |
| process_netstat_windows_dns | n | bool | Should we keep track of Windows netstat ports used by DNS above port 1000. |
| queue_limit | 20 | number | The maximum number of concurrent device scans we should run. |