Release Notes for Open-AudIT v5.2.0

Released 2024-04-22

md5sum: 870200661e0835439aad37d660fb7bcc

sha256sum: 313116a73fdbec3fc1897c50dafb33ea72f49f177f2a6fb22fc2d539dba39904

Windows: Unreleased as yet.


VersionTypeCollectionDescription
EnterpriseBugIntegrationsSeveral bugs in the integrations code were found and addressed.
EnterpriseBugCollectorsWhen sending a device from the Collector to the Server, not all component tables were included and some failed to import. This was the result of not removing the device_id field from these tables before sending. This has now been addressed.
CommunityIssueDiscoveriesWhen loading the snmp OID helper file (which is ~54k lines long) resource contention could occur. This mostly appeared in customers running Redhat. The result was when discovery runs, more processes than specified in the configuration (queue_limit, default 20) were being spawned and overwhelming the MySQL connection limit. We now no longer load this file - at all. If your SNMP devices do not have a manufacturer, please create a rule based on their snmp_oid.
EnterpriseNew FeatureAgentsEnterprise users can now deploy Agents to their Windows devices struggling with discovery. NOTE - Agents when audited will not retrieve installed server (IIS, SQL, et al) details. This is coming ASAP.
CommunityNew FeatureDiscoveriesAdd config item for discovery_wmi_timeout (default set to 900 seconds).
CommunityBugDiscoveriesFix bug in the Ubiquiti SNMP specific file.
EnterpriseNew FeatureExecutablesEnterprise users can now check their Redhat or Debian based machines for any executable files found that the package manager does not know about. Must be enabled in configuration.
CommunityNew FeatureAuditsA new powershell script for Windows added. This is not used in discovery just yet - only for Agents.
CommunityImprovementDiscoveriesNew Nmap command for initial ping scan. When executing a discovery, most of the time the first thing to do is ping the subnet and store those IPs responding. For a small subnet (/24) this change will not make a huge difference, but for larger subngets (say a /16) the difference is massive. Testing shows a time decrease from about 30 minutes to under 4 minutes. This is not the time to complete the discovery, only the initial ping scan. Once that has completed, individual device scans commence in parallel as per the queue_limit config item.
EnterpriseImprovementConfigurationWhen we upgrade our database, do not cause an error updating the EULA and hence do not show the "Something went wrong" banner on the following page.
CommunityImprovementAllComposer library updates to latest where depends on PHP is still OK for PHP 7.4.
CommunityImprovementAuditsEnable Audit My PC on the login page.
EnterpriseImprovementTasksEnable Tasks Import CSV.
CommunityImprovementGroupsShow Execute button on groupsRead template.
CommunityBugCredentialsFix credentialsRead to display correct selection in dropdown for authentication_protocol, privacy_protocol and security_level.
CommunityImprovementDevicesExpand the partition.mount_point and bios.serial column sizes to stop false positive changes occurring.
CommunityImprovementDiscoveriesDisable ip change tracking and storage (config items create_change_log_ip and delete_noncurrent_ip) because discoveries create minimal and temporary (assuming more data is retrieved) entries, which in turn create a lot of false positives. If you must have this (which is most definitely not recommended) you will need to manually enable this via the config.