How I setup my network for audits

Alloy Network Inventory is a comprehensive, budget-friendly, easy-to-deploy network inventory solution that provides you with accurate and up-to-date information from every computer on your network.
 

How I setup my network for audits

Postby condabas on Thu Oct 07, 2004 9:16 pm

I hope this can be used as a rough guide for those who are either new or needing some help getting this setup on there network. I have spent some time figuring this all out, and thought that it could save a few of you, some time and headaches.

There are pretty much 2 situations that I know of for Auditing: network machines and off network machines (Telecommuters, Traveling Sales reps, Remote Sites). Either one is simple to setup and run once you get to know the system.

First the Networked machines:

I have setup 3 different audit configurations for my network: Monthly, silent, Interactive. Each one was created in the audit deployment wizard. This is why I have done this:

The monthly audit is a given, this will run every month based on the date on the ina32.ini file in the %winnt% directory. The monthly configuration is what is setup in my scripts to run everytime a user logs into the network. My script looks like this for it:

start \\serverpcauditsmonthlyina32.exe
exit \\serverpcauditsmonthlyina32.exe

and my ina32.cfg looks like this:

Path=\\serverpcauditsmonthly
DataPath=\\serverpcauditsAuditdata
LogPath=\\serverpcauditsLog
StrictSchedule=1
ModeInteractive=0
ModeSilent=1
ModeInteractiveOnce=0
EnableCancel=1
EnableSaveTo=1
ShowUserName=1
ShowEMail=0
ShowProgress=0
AT_AssetTag=0
AT_SerialNumber=0
AT_ComputerName=1
AT_Manual=0
AT_Smart=0
EditAssetTag=0
EL_Period=5
EL_App=1
EL_Security=1
EL_System=1
EL_Error=1
EL_Warning=1
EL_Info=1
InventorySchedule=Monthly
FileScanSchedule=Monthly

This will output the results to the \\serverpcauditsauditdata folder. I do this becuase I have 2 other audit configurations outputing to this file location as well, which makes it easier to bring all the audit info into AN from one location.

I use a silent audit (\\serverpcauditssilentina32.exe) to manually run on a machine that I have just worked on and the user has logged back into (usually a user will need to make sure the changes work under his profile, and this will let me know who's machine it is).

ina32.cfg:

Path=\\serverPcauditsSilent
DataPath=\\serverPcauditsAuditdata
LogPath=\\serverPcauditsLog
StrictSchedule=0
ModeInteractive=0
ModeSilent=1
ModeInteractiveOnce=0
EnableCancel=1
EnableSaveTo=1
ShowUserName=1
ShowEMail=0
ShowProgress=0
AT_AssetTag=0
AT_SerialNumber=0
AT_ComputerName=1
AT_Manual=0
AT_Smart=0
EditAssetTag=0
EL_Period=5
EL_App=1
EL_Security=1
EL_System=1
EL_Error=1
EL_Warning=1
EL_Info=1
InventorySchedule=
FileScanSchedule=

I have an Interactive configuration (\\serverpcauditsinteractiveina32.exe) outputting to \\serverpcauditsauditdata. I use the interactive audit when I work on a machine and the user is not there to log into it. I can run this audit and input the username and email address so my audit comes out correct (for not showing me as the logged user for the machine, rather annoying sometimes)

ina32.cfg:

Path=\\serverPcauditsinteractive
DataPath=\\serverPcauditsAuditdata
LogPath=\\serverPcauditsLog
StrictSchedule=0
ModeInteractive=1
ModeSilent=0
ModeInteractiveOnce=0
EnableCancel=1
EnableSaveTo=1
ShowUserName=1
ShowEMail=1
ShowProgress=1
AT_AssetTag=0
AT_SerialNumber=0
AT_ComputerName=1
AT_Manual=0
AT_Smart=0
EditAssetTag=0
EL_Period=5
EL_App=1
EL_Security=1
EL_System=1
EL_Error=1
EL_Warning=1
EL_Info=1
InventorySchedule=
FileScanSchedule=


The Off Network or Remote machines

The tricky part was figuring out how to do some of the off network users. I first tried the "put the audit on disk and run on each machine" way but it just takes too much time and work. If its a remote location that you can remote into, the easy thing would be to create a local audit location, run it on a schedule, and FTP the results back to home base. The real issue is with the traveling machines or ones that never connect to the network. Well, I think I have finally figured it out. This is what I have come up with, it was a little involved to get setup but I think its the easiest to do.

You will need 2 applications for this: sendemail (GPL license = free) "http://caspian.dotconf.net/menu/Software/SendEmail/" and a zip program. What I want to do is automate a scan and have the results sent to an email address. I had to setup the remote machine with a c:audit folder with an interactive or silent audit configuration. I have 3 files in this folder (ina32.cfg, ina32.exe, sendemail.exe). I also have winzip installed on the machine.

My ina32.cfg is like this:

Path=c:audit
DataPath=c:auditAuditdata
LogPath=c:auditLog
StrictSchedule=0
ModeInteractive=1
ModeSilent=0
ModeInteractiveOnce=0
EnableCancel=1
EnableSaveTo=1
ShowUserName=1
ShowEMail=1
ShowProgress=1
AT_AssetTag=0
AT_SerialNumber=0
AT_ComputerName=1
AT_Manual=0
AT_Smart=0
EditAssetTag=0
EL_Period=5
EL_App=1
EL_Security=1
EL_System=1
EL_Error=1
EL_Warning=1
EL_Info=1
InventorySchedule=
FileScanSchedule=

The batch file I have created:

del c:auditauditdata*.scn
del c:auditauditdata*.adt
del c:auditaudit.zip
start /wait c:auditina32.exe
cd
cdprogram fileswinzip
start /wait winzip32.exe -min -a c:auditaudit.zip c:auditauditdata*.*
cd
cd
cdaudit
sendemail.exe -f from@me.net -t to@you.com -s mail.server.net:25 -u "Audit file from user" -m "here it is" -a audit.zip

What this does is first deletes my last ran audit on the machine, runs a new audit, zips up the results, and then emails me them. From there, I can manually move the audit results into \\serverpcauditsauditdata folder for importing into AN. The only hangup on this is that I need the user to run the batch file while they have an internet connection. If anybody can tell me how to get these results into an email that sits in there email clients outbox, please let me know.

This is what I have done, I would be interested in seeing how some others have setup there audits, I know there could be points that I am missing here.
condabas
Senior
 
Posts: 42
Joined: Mon Jul 07, 2003 11:52 am
Location: Seattle, WA

Postby bstadtherr on Fri Oct 08, 2004 11:25 am

I'd try out this gal's solution.
http://www.codeproject.com/shell/sendtomail.asp
bstadtherr
Junior
 
Posts: 2
Joined: Tue Sep 07, 2004 2:21 pm
Location: Minneapolis, MN

Postby omarr on Fri Oct 08, 2004 2:47 pm

For the sendemail app, can it use wildcards for the subject and/or the zip file? I looked at the site to get sendemail but could not find any useful info.
omarr
Newbie
 
Posts: 1
Joined: Tue Apr 22, 2003 3:01 pm
Location: Atlanta, Georgia

Postby condabas on Fri Oct 08, 2004 4:06 pm

Nope, thats why I had to use winzip to zip the files. It can use wildcards when zipping files.
condabas
Senior
 
Posts: 42
Joined: Mon Jul 07, 2003 11:52 am
Location: Seattle, WA


Return to Alloy Network Inventory 4

Who is online

Users browsing this forum: No registered users and 2 guests

cron