Inventory of system components, logs and active services

Right now, I have a dilemma. I need to come up with a (hopefully) non-interactive solution to gather auditing and data collection on a number of Windows and RHEL servers we own in a private cloud environment (we are talking about 40+ servers in all).

On Windows servers, we are using a freeware tool called WinAudit. It gives us pretty much what we need to know (even though it's not an automated application).

However, on our RHEL servers, there is no application that we have found that can collect all the information we need (as seen above) and put this into a readable text file for each system. I was considering on using Spiceworks, but this application required root-permissive ssh access to the RHEL servers and due to our guidelines, the root account is not accessible via ssh directly (root is only accessible via 'sudo'). I was thinking of trying to use SNMP for each of the RHEL servers, but discovered there is a limitation as it cannot actually print out each of the configuration/variables I am seeking for audit needs.

So, I am looking for a script, series of scripts or even a program that can be run from a central collection server that can obtain the following information from RHEL servers for auditing purposes:

- Installed software version and patches
- Error logs (i.e. syslog)
- Server security related settings
-- Configured ports (i.e. open ports and what applications are hooked to them)
-- Configured services (i.e. running processes, apache, java, etc)
-- Configured networks (i.e. ethernet settings)
-- Configured firewall (i.e. iptables)

The first one could most likely be done with just running 'yum list installed' on each RHEL server instance.
The second one could possibly be done with a syslog-ng setup on each server, then reporting back to a main server.
As for the third, I have no idea how to even consider this one as the are many parts to it -- especially since the final output needs to be in a report-like format.

Anyone know a site or application or have a group of scripts that has something about what I am looking for? Also, if someone has a better solution for the Windows aspect, I would be willing to look at this as well.
LVL 29
Michael WorshamInfrastructure / Solutions ArchitectAsked:
Who is Participating?

[Webinar] Streamline your web hosting managementRegister Today

x
 
Michael WorshamConnect With a Mentor Infrastructure / Solutions ArchitectAuthor Commented:
I found the best way was to just develop my own auditing script from the ground up. Our documentation librarian approved it as it providers all of the information that was needed for covering both FIPS and NIST requirements.

I am attaching a copy of it here if anyone wants to use it for their RHEL, Fedora or CentOS server environment.

rhel-audit.txt
0
 
halejr1Commented:
I use spiceworks, and some administrators I know have had some difficulty with it because it is so easy.  And free too.

www.spiceworks.com

I've loaded it on my local desktop to test, and then to a dedicated network machine for live auditing and management.  Pretty good stuff, for free.

I recommend giving it a try.
0
 
Michael WorshamInfrastructure / Solutions ArchitectAuthor Commented:
I guess you didn't read very closely, but I already stated I tried using Spiceworks. Do to Spiceworks limitations with requiring a 'root' account for doing its system inventory and package checks, it isn't a viable solution in this aspect.
0
The new generation of project management tools

With monday.com’s project management tool, you can see what everyone on your team is working in a single glance. Its intuitive dashboards are customizable, so you can create systems that work for you.

 
ygouthamCommented:
i have used ocs inventory
www.ocsinventory-ng.org

you can get all the information on hardware, hard disks, ram, and a great many other details with this freeware

the second option is to run cacti which is again a freeware which uses snmp monitoring for the said activities  available from www.cacti.net
0
 
Michael WorshamInfrastructure / Solutions ArchitectAuthor Commented:
I will take a look at the ocsinventory-ng application. Hopefully it won't have the same limitations as Spiceworks does.

As for cacti, I thought that was geared more of metric nneds (i.e. traffic) than for system inventory and checking against running services.
0
 
halejr1Commented:
Sorry MWE, missed the spiceworks comment.  Glad you found a solution that meets your needs!

Cheers!
0
 
gmckeown99Commented:
I use OCS Inventory http://www.ocsinventory-ng.org/ It's quite powerful and has lots of config options.
0
All Courses

From novice to tech pro — start learning today.