Being able to determine which machines are configured the same is a major part of systems administration and auditing, and reporting on that will now be simple and automated. Once you define your baseline, it will automatically run against a set of devices on a predetermined schedule. The output of these executed baselines will be available for web viewing, for import into a third-party system, or even as a printed report.
For example, you might create a baseline from a device running CentOS 6 that acts as one of the Apache servers in a cluster. You know this particular server is configured just the way you want it, but you're unsure whether the other servers in the cluster are configured exactly the same. Baselines enables you to determine this.
So you can say “Take the software installed on device X and tell me where it’s different on all the machines in the Web Servers group.”
You get a graphical interface showing which machines did or did not meet the expected software install state. You can also apply this to users and netstat ports. Other tables will be introduced in the future.
Our initial release (in 1.10) is functional but not yet complete. You can create a baseline, run it against a group of devices and view the results in a web browser. We plan to add scheduled execution, more tables for comparison (currently only software, netstat ports and users are enabled), in-place baseline and policy editing, archiving of results, exporting of results and more.
A sample baseline definition screen is below. In this example we show a baseline consisting of software policies targeted at CentOS 6 devices.
Once we have completed the implementation of Baselines in Open-AudIT you will see how powerful this feature can be for reporting items like compliance, ensuring device consistency and more. Stay tuned for more Baselines in our next Open-AudIT release!
Terms:
Baseline – the overarching document that contains the baseline definition and the individual policy tests.
Policies – The individual tests contained within a Baseline. Each test is for a specific item. An example would be testing for SSH version 1.2.3.
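The "take device X and tell me where the Web Servers group differs" request, sketched as an added example using the two terms above. This is not Open-AudIT code: the function names, the inventory layout, the device names and all sample values are constructed, and reporting items that are absent from the baseline is an assumption of this sketch rather than documented product behaviour.

```python
# Added illustration, not Open-AudIT code. Names and sample data are constructed.
from typing import NamedTuple

class Policy(NamedTuple):
    table: str     # "software", "netstat" or "user"
    name: str      # item under test, e.g. a package name
    expected: str  # value recorded on the reference device

def build_baseline(reference):
    """Turn the reference device's inventory into one policy per item."""
    return [Policy(table, name, value)
            for table, items in sorted(reference.items())
            for name, value in sorted(items.items())]

def run_baseline(baseline, device):
    """Return a sorted list of findings for one device; empty means it matches."""
    findings = []
    for p in baseline:
        actual = device.get(p.table, {}).get(p.name)
        if actual is None:
            findings.append(f"{p.table}:{p.name} missing (expected {p.expected})")
        elif actual != p.expected:
            findings.append(f"{p.table}:{p.name} is {actual} (expected {p.expected})")
    # Assumption of this sketch: items the baseline does not cover are drift too.
    covered = {(p.table, p.name) for p in baseline}
    for table, items in device.items():
        for name in items:
            if (table, name) not in covered:
                findings.append(f"{table}:{name} not in baseline")
    return sorted(findings)

# Constructed inventories: device X (the reference) and the "Web Servers" group.
DEVICE_X = {
    "software": {"httpd": "2.2.15", "ssh": "1.2.3"},
    "netstat": {"tcp/80": "httpd", "tcp/22": "sshd"},
    "user": {"apache": "/sbin/nologin"},
}
WEB_SERVERS = {
    "web02": DEVICE_X,
    "web03": {
        "software": {"httpd": "2.2.15", "ssh": "1.2.2"},
        "netstat": {"tcp/80": "httpd", "tcp/22": "sshd", "tcp/23": "telnetd"},
        "user": {},
    },
}

BASELINE = build_baseline(DEVICE_X)
RESULTS = {name: run_baseline(BASELINE, inv) for name, inv in WEB_SERVERS.items()}

if __name__ == "__main__":
    for name, findings in RESULTS.items():
        print(name, "PASS" if not findings else "FAIL", *findings, sep="\n    ")
```

Here web02 passes, while web03 fails on three counts: a different SSH version, a missing user, and a listening port the reference device does not have.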