Open-AudIT Configuration
Open-AudIT Configuration
All settings apart from the database credentials should be accessible using the GUI. The GUI menu has entries for each major section and the Professional / Enterprise configuration options are separate from the Community options. The configuration options for Community are stored in the database. The configuration options for Professional / Enterprise are stored in a text file (Linux) /usr/local/omk/conf/opCommon.nmis and (Windows) c:\omk\conf\opCommon.nmis.
Common Settings to Consider Adjusting
The only attributes commonly set are those for email (see below). All other settings should likely be left as-is, unless a specific requirement is to be met.
Configuring Professional or Enterprise
In the config file is a section named authentication. You can verify users logging into Open-AudIT Enterprise using their Open-AudIT Community credentials if you set auth_method_1 to openaudit in this section. You can have up to three methods of authentication. openaudit then htaccess are the defaults.
To change these using the GUI in Open-AudIT navigate to menu -> Admin -> Configuration → Enterprise
You may need to restart the omkd daemon / service after making changes to these items.
The file these settings are stored in is (Linux) /usr/local/omk/conf/opCommon.nmis and (Windows) c:\omk\conf\opCommon.nmis.
The settings are common to all Opmantek commercial applications.
Section | Name | Original Value | Possible Values | Description | |
|---|---|---|---|---|---|
openauditenterprise | oae_application_heading | undef | Unused. | ||
openauditenterprise | oae_baseline_match_case | y | y, n | When we match software in the baselines endpoint, should we match regardless of case in software.name | |
openauditenterprise | oae_cloud_server | https://cloud.open-audit.com | <url> | Unused in on-premise installations. | |
openauditenterprise | oae_debug_level | 0 | 0. 1. 2. 3 | Log verbosity (larger is more verbosity). | |
openauditenterprise | oae_gui_refresh_time | 20 | <integer> | Unused. | |
openauditenterprise | oae_link | /open-audit/ | <absolute url> | The standard link to Open-AudIT Community | |
openauditenterprise | oae_password | <password> | Unused. The password for the Open-AudIT Enterprise user account. | ||
openauditenterprise | oae_rss_url | https://community.opmantek.com/rss/OAE.xml | <url> | The online address of the RSS feed. | |
openauditenterprise | oae_rss_use | y | y, n | Should we use the RSS feed on the dashboard. | |
openauditenterprise | oae_server | http://127.0.0.1/open-audit/ | <url> | The link to Open-AudIT for internal connections. Should always be the original value unless explicitly directed by Opmantek to be changed. | |
openauditenterprise | oae_type | Unused in on-premise installations. | |||
openauditenterprise | oae_username | open-audit_enterprise | <username> | The Open-AudIT Enterprise user (used internally). | |
openauditenterprise | oae_collector_connect_timeout | 10 | <integer> | Seconds to timeout waiting for the server when in Collector mode. | |
openauditenterprise | oae_collector_request_timeout | 240 | <integer> | Seconds to timeout waiting for the server when in Collector mode. | |
openauditenterprise | oae_collector_inactivity_timeout | 30 | <integer> | Seconds to timeout waiting for the server when in Collector mode. |
The email settings are used to email scheduled Queries and Reports. These should be changed to your required email server's settings.
To change these using the GUI in Open-AudIT navigate to menu -> Admin -> Configuration -> Email
You may need to restart the omkd daemon / service after making changes to these items.
The file these settings are stored in is (Linux) /usr/local/omk/conf/opCommon.nmis and (Windows) c:\omk\conf\opCommon.nmis.
The settings are common to all Opmantek commercial applications.
Section | Name | Original Value | Possible Values | Description | |
|---|---|---|---|---|---|
mail_domain | yourdomain.com | <domain> | |||
mail_from | yourmailname@yourdomain.com | <email> | |||
mail_password | your_password | <password> | |||
mail_server | smtp.yourdomain.com | <fqdn> | |||
mail_server_port | 25 | <integer> | |||
mail_subject_prefix | [automatic] | ||||
mail_use_tls | true | true, false | |||
mail_user | your_user_account@your_domain.com | <username> |
Authentication
In the config file is a section named authentication. You can verify users logging into Open-AudIT Enterprise using their Open-AudIT Community credentials if you set auth_method_1 to openaudit in this section. You can have up to three methods of authentication. openaudit then htaccess are the defaults. These should mostly be left as their defaults unless a specific requirement is to be met. To enable MS Active Directory and/or OpenLDAP, see the bottom of this page.
To change these using the GUI in Open-AudIT navigate to menu -> Admin -> Configuration -> Authentication
You may need to restart the omkd daemon / service after making changes to these items.
The file these settings are stored in is (Linux) /usr/local/omk/conf/opCommon.nmis and (Windows) c:\omk\conf\opCommon.nmis.
The settings are common to all Opmantek commercial applications.
Section | Name | Original Value | Possible Values | Description | |
|---|---|---|---|---|---|
authentication | auth_crowd_password | <password> | |||
authentication | auth_crowd_server | <ip> | |||
authentication | auth_crowd_user | <username> | |||
authentication | auth_expire_seconds | 3600 | <integer> | ||
authentication | auth_htpasswd_encrypt | crypt | crypt, plaintext, apache-md5 | ||
authentication | auth_htpasswd_file | <omk_conf>/users.dat | <relative filepath> | ||
authentication | auth_lockout_after | 0 | <integer> | seconds, 0 for none. | |
authentication | auth_login_motd | Authentication required: default credentials are nmis/nm1888 | |||
authentication | auth_method_1 | openaudit | htpasswd, openaudit, radias, tacacs, crowd, system, ldaps, ldap, ms-ldap, ms-ldaps, novell-ldap, connectwise, pam | ||
authentication | auth_method_2 | htpasswd | htpasswd, openaudit, radias, tacacs, crowd, system, ldaps, ldap, ms-ldap, ms-ldaps, novell-ldap, connectwise, pam | ||
authentication | auth_method_3 | htpasswd, openaudit, radias, tacacs, crowd, system, ldaps, ldap, ms-ldap, ms-ldaps, novell-ldap, connectwise, pam | |||
authentication | auth_ms_ldap_attr | sAMAccountName | |||
authentication | auth_ms_ldap_base | CN=Users,DC=your_domain,DC=com | <ldap> | ||
authentication | auth_ms_ldap_debug | true | true, false | ||
authentication | auth_ms_ldap_dn_acc | CN=Administrator,CN=Users,DC=your_domain,DC=com | |||
authentication | auth_ms_ldap_dn_psw | your_administrator_password | <password> | ||
authentication | auth_ms_ldap_group | CN=Users,DC=your_domain,DC=com | <ldap> | ||
authentication | auth_ms_ldap_server | your.ip.address.here | <ip> | ||
authentication | auth_ms_ldaps_capath | required | |||
authentication | auth_ms_ldaps_server | your.ip.address.here | <ip> | ||
authentication | auth_ms_ldaps_verify | ||||
authentication | auth_sso_domain | <domain> |
Configuring Community
Below are the default values and a description for the configuration of Open-AudIT. These can all be changed to work as you desire.
To change these using the GUI in Open-AudIT navigate to menu -> Admin -> Configuration -> All
Name | Original Value |
|---|