Managing your IT infrastructure is always been a hard job if you are not taking advantage of free and Open Source network discovery, inventory and auditing application like Open-audit. It actually tell you exactly what is on your network, how it is configured and when it changes. So, we say that Open-AudIT is a database that contains the information about all the devices connected in our network then shows them on the web interface. The Open-AudIT application is written in php, bash and vbscript that makes the changes and customization both quick and easy.
To scan network and its devices automatically Open-AudIT can be configured with daily scan as per recommended for systems. That way, you can be assured of being notified if something changes. Its powerful reporting framework enables information such as software licensing, configuration changes, non-authorized devices, capacity utilization and hardware warranty status with its ability to request Reports to be run on a pre-defined schedule and emailed.
Basic Requirements
There are few basics requirements that must be figured out before the start of Open-audIT installation setup on CentOS 6/7.
1- FQDN, Hostname
2- System Update
3- Apache Web Server
4- PHP Configurations
5- MySQL Database
6- Nmap and SNMP
1) Hostname
Starting from first step, login to your centOS 6/7 server using the root or sudo user. Configure your network and host name settings by opening the hosts file with a text editor.
# vim /etc/hosts
2) System Update
If you are using an old version of CentOS, then you can upgrade it using below command.
# yum upgrade
After that make sure that your CentOS server is upto date with latest security updates and patches. You can update your system with below command.
# yum update
3) Apache, MySQL, PHP
Open-audIT is a web based apploication developed in PHP language. So we need to setup a web server, a data base server and some PHP libraries for a fully functional Open-Audit Web portal.
So, we will be installing all these required packages in one go using the below commands.
# yum -y install epel-release
# yum install httpd mysql mysql-server php php-cli php-mysql php-ldap php-mbstring php-mcrypt php-snmp php-xml nmap net-snmp zip curl perl wget sshpass screen samba-client
Press 'Y' to yes for starting installation of packages, then a list following packages will installed as shown in the image while n centOS 7 MariaDB package will be installed instead of MySQL. Open-AudIT uses Nmap for discovery, sshpass for Linux auditing and screen / samba-client / winexe for Windows auditing without these packages discovery will not work. If you are unable to install winexe using 'yum' the follow this link to get the Winexe RPM Package
# wget http://download.opensuse.org/repositories/home:/ahajda:/winexe/CentOS_CentOS-6/x86_64/winexe-1.00-2.5.x86_64.rpm
# rpm -i winexe-1.00-2.5.x86_64.rpm
After installation completes start apache web server and and MySQL DB service and configure the both to run automatically at startup.
In centos6
# service httpd start
# chkconfig –levels 235 httpd on
# service mysqld start
# chkconfig –levels 235 mysqld on
In centos7
# systemctl start httpd.service
# systemctl enable httpd.service
# systemctl start mysqld.service
# systemctl enable mysqld.service
Run the command below to setup root password for the MySQL/MariaDB and choose the default options after setting up the new password.
# mysql_secure_installation
4) PHP and Apache Configuration
To configure PHP configurations, Open its default file with a text editor and update its parameters as shown.
[root@open-audit ~]# vim /etc/php.ini
# sed -i -e 's/memory_limit/;memory_limit/g' /etc/php.ini
# echo "memory_limit = 512M" >> /etc/php.ini
# sed -i -e 's/max_execution_time/;max_execution_time/g' /etc/php.ini
# echo "max_execution_time = 300" >> /etc/php.ini
# sed -i -e 's/max_input_time/;max_input_time/g' /etc/php.ini
# echo "max_input_time = 600" >> /etc/php.ini
# sed -i -e 's/error_reporting/;error_reporting/g' /etc/php.ini
# echo "error_reporting = E_ALL" >> /etc/php.ini
# sed -i -e 's/display_errors/;display_errors/g' /etc/php.ini
# echo "display_errors = On" >> /etc/php.ini
# sed -i -e 's/upload_max_filesize/;upload_max_filesize/g' /etc/php.ini
# echo "upload_max_filesize = 10M" >> /etc/php.ini
# sed -i -e 's/date.timezone/;date.timezone/g' /etc/php.ini
# echo "date.timezone = Europe/London" >> /etc/php.ini
Now configure the hostname in configuration file of apache web server using below command.
# echo "ServerName open-audit" >> /etc/httpd/conf/httpd.conf
Then change the shell for Apache and restart its services to take effect of the changes made.
[root@open-audit ~]# chsh -s /bin/bash apache
Changing shell for apache.
Shell changed.
[root@open-audit ~]# systemctl restart httpd.service
Using the commands below we will setup the SUID for the nmap binary so that it be used for apache front end to run scripts which call nmap.
[root@open-audit ~]# chmod u+s /usr/bin/nmap
Now run the below command and make sure that you see the IP Address of your Open-AudIT server.
[root@open-audit ~]# ifconfig | grep -Eo 'inet (addr:)?([0-9]*\.){3}[0-9]*' | grep -Eo '([0-9]*\.){3}[0-9]*' | grep -v '127.0.0.1'
172.25.10.173
It looks great, now our next step is to move forward to start the installation of Open-Audit after downloading its latest package.
Installing Open-Audit
To install Open-Audit, Let's Open the Offical Download Page of Open-Audit to get its latest package put your information.
Or use the the command below after copying the download source to get its package on your server.
# wget http://dl-openaudit.opmantek.com/OAE-Linux-x86_64-release_1.8.4.tar.gz
Extract the package into '/usr/local' directory using below command.
# tar -zxvf OAE-Linux-x86_64-release_1.8.4.tar.gz -C /usr/local/
Once the package is extracted move to that directory and run the installation script using below command.
[root@open-audit Open-AudIT-1.8.4]# ./installer -t /var/www/html/oa
Here you might come across the below error in CentOS 7.
Can't locate version.pm in @INC (@INC contains: /usr/local/lib64/perl5 /usr/local/share/perl5 /usr/lib64/perl5/vendor_perl /usr/share/perl5/vendor_perl /usr/lib64/perl5 /usr/share/perl5 .) at ./installer line 38.
BEGIN failed--compilation aborted at ./installer line 38.
To fix, Open the installation script using any editor and comment out line number 38.
After that re run the installation script and it will show that the installer will install Open-AudIT into /var/www/html/oa.
Press "Y" key or Hit to proceed then you will see that a number steps will be performed by this installation script including "Web access", "Updating YUM metadata cache", "Checking Installed Packages" and will also install the missing packages. So, you don't need to worry about if you missed any package to be installed. After that a list of following post installation operations will be performed.
The installation script will integrates Open-Audit with Apache and Databases, where you will be asked to provide the password for the root user.
++++++++++++++++++++++++++++++++++++++++++++++++++++++
Integration of Open-AudIT with Apache
++++++++++++++++++++++++++++++++++++++++++++++++++++++Ok to install the updated Apache proxy config file?
Type 'y' or hit to accept, any other key for 'no':
Restarting Apache++++++++++++++++++++++++++++++++++++++++++++++++++++++
Installing Open-AudIT files
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Copying Open-AudIT Web files
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Open-AudIT Database Setup
++++++++++++++++++++++++++++++++++++++++++++++++++++++We require the MySQL root user credentials to create the database and user.
Enter the MySQL root user's password:
After performing final update operations and Adjusting Open-AudIT for standalone operation to setup Opmantek Daemon Startup, the installation process will be completed as shown below.
Open-Audit Web Access
Let's Open you web browser and give your server's IP or FQDN in the address bar then click on the Open Audit button to get started with Open Audit.
Then login with default credentials providing the user and password after that change the credentials.
Upon successful credentials you will directed toward the welcome screen of Open Audit as shown.
Now you free to use Open Audit by using its admin web console to discover new devices, adding new devices and groups of your choice.
Conclusion
At the end end of this article you have learned the installation of Open-Audit on CentOS 7/6 with LAMP stack and able to scan your system for auditing as well as adding new devices using its discovery or manually. This is one of the best and most important tool mostly used in large enterprise environments to keep record of their infrastructure.
The post How to Install Open-audIT on CentOS 6 / 7 appeared first on LinOxide.