Release Notes for Open-AudIT v4.3.4

Released 2022-08-17

Linux SHA256 - 101e19c3cac7257e830d66dfd28df96a86ff9dd61ed8b38e99c54dbe7b44340f

Linux MD5 - 18642695d6f414e54f93d04f52af7e28

Roles and Permissions revised

NOTE #1 - For new installs the Reporter role has been removed.

NOTE #2 - For new installs the ability to create queries, summaries, users and widgets has been moved from the OrgAdmin to the Admin role.

Neither of the above have been altered for existing (upgraded) installs. It is recommended you change these roles on your installation after checking users will not be affected. Opmantek has not automatically done this as this may cause confusion for users.

These changes were made in an effort to improve and tighten security.

Revised LIKE in URL

Previously if you supplied a URL with an attribute like system.description=LIKEvmware we would process that and add a preceding and trailing %, so we ended up with (in SQL) system.description LIKE '%vmware%'. This has been revised. Now if you provide the same thing (ie, no % symbols) it will function the same as before, but if you put a % anywhere in the attribute value, we will not add preceding and trailing slashes. IE if you provide system.description=LIKEvmware% now you will get the following SQL system.description LIKE 'vmware%' - no preceding % would be added. If you have attribute values like this vm%ware and you were expecting %vm%ware% in SQL, you just need to add your own preceding and trailing % symbols. This may affect any custom items, so if you're seeing different results after upgrading, this could explain it. Please revise any custom items as required. Apologies for any inconvenience this causes, but going forward this allows more flexible and at the same time more accurate queries.

VersionTypeCollectionDescription
CommunityImprovementRolesRemove Reporter role for new installs.
CommunityImprovementRolesRemove Create, Update, Delete ability from all roles except Admin for queries, summaries, users and widgets for new installs.
CommunityFixSummariesFix links for Discovery Scan Options, Discovery Logs and Locations on Summaries collection template.
CommunityImprovementDiscoveriesSome Microsoft service names now include the PID. Split the name on underscore and use the first section.
CommunityFixDiscoveriesFix discoveries.cloud_id to have a default of 0, not 1.
CommunityImprovementDiscoveriesRetrieve share permissions on Windows (as a JSON object) without requiring rmtshare.exe on c:\ of the target.
CommunityImprovementDiscoveriesAdd OrgID to matching rules for hostname and dns_hostname.
CommunityImprovementDiscoveriesImplement devices_assigned_to_org and discovery_use_org_id_match.
CommunityImprovementAllRevise URL LIKE processing. See release notes.
CommunityImprovementDiscoveriesRemove hard set 300 second request time limit in CodeIgniter. Should help long discoveries, particularly on Windows.
CommunityImprovementDevicesDePad the IP address in the details of the change_log.
CommunityImprovementLicensesAdd end_of_life and end_of_service_life to licenses SQL schema.
CommunityImprovementDiscoveriesAdd puppect facts (facter) to environment variables for Linux.
CommunityImprovementSupportRemove devices details from support.
CommunityImprovementDiscoveriesWhen querying the target using SSH, improve the shell detection code.
CommunityImprovementDevicesWhen supplying ip in an IN filter, pad it so it works as expected. IE, system.ip=in("192.168.1.1","192.168.1.2") is translated to system.ip in ("192.168.001.001", "192.168.001.002")
CommunityImprovementDevicesAllow for a join on devices<->locations in request. IE, you can now do /devices?locations.name=Some Place and see a list of all devices in Some Place.
ProfessionalImprovementDevicesAdd firmware version to device details template.
ProfessionalFixDashboardsClick pie slice on widgets::read and we get a bad link.
ProfessionalImprovementLocationsAdd links to devices on locations read template for attributes such as region, city, state, et al.
EnterpriseTaskCloudsInstaller specify AWS CLI 1.18.165 for installation on Redhat / Centos.
ProfessionalFixLicensesIn the licenses modal, fix the product links for licenses.
ProfessionalImproveLicensesWhen requesting a free license for a GDPR based user, automatically generate the license without having the user have to go to opmantek.com and request a license.