AuditWizard - Using AuditWizard - Administration - Auditing - AuditScanner Configuration

From Layton Support
Jump to: navigation, search

Btn back up.png Back to Contents

Contents

Overview

Aw admin aud scan config.jpg


Ribbon Commands

Aw admin aud scan config ribbon.png

Scanner Configuration

New Configuration: Asks you to save the current configuration, if desired, then a set of defaults is displayed for modification, to become the new configuration.

Load Configuration: Load a saved configuration.

Save Configuration: Save the currently displayed settings with the name that appears in the Scanner Name field. If it already exists, you will be asked to confirm.

Scanner Deployment

Deploy to Network: Writes the Scanner executable and configuration file to the network share. This must be done any time the Scanner configuration is changed, in order to output the settings to the configuration file used by the Scanner executable.

Instant Settings

These settings are the minimum you need in order to use the Scanner.

  1. Go to Administration > Auditing > AuditScanner Configuration.
  2. Enter the name of your network share in UNC format, \\SERVER\SHARE, in the Network Share Folder field. AuditWizard will populate the Data Folder field based on this information.
  3. Click the Save Configuration button. This saves the configuration with the name in the Scanner Name field.
  4. Click the Deploy to Network button. This writes the data and scanner folders to the root of the network share, if not present, then writes AuditScanner.exe and AuditScanner.xml (the Scanner executable and configuration file, respectively) into \\SERVER\SHARE\scanner.

Btn back up.png Back to Contents

Advanced Settings

General Settings

2011-02-22 1155.png

Scanner Name

The name for the scanner you are currently running. In addition to the technique of clicking the New Configuration button as noted above, you can create additional configurations by changing the Scanner name, then saving it, which saves a copy with the new name.

Description

Description of the currently loaded Scanner configuration.

Scanner Mode

Non-Interactive

The scanner runs in the background and is not visible to the user.

Interactive

The scanner is visible to the user so they can fill in custom forms.

Pre-Population of Fields

To have the dialog fields pre-populated with the information entered in the past, disable the Overwrite User-Defined Data upload option.

Overwriting Fields

To have the dialog field pre-populated with the information currently being audited, overwriting any manually entered data from past audits, enable the Overwrite User-Defined Data upload option.

Interactive Options

Click the Interactive Options button to open the Interactive Audit Designer dialog.

Aw scanner interactive 02.png


Allow the User to Cancel the Audit

This setting lets the user stop the audit at any time during the dialog interaction.

Display Basic Asset Information Screen

Fields from the Basic Information tab, viewable when an asset is selected in Network View, will be displayed. Four of these fields can be independently displayed or hidden.

Display Asset Location Screen

A separate page of the dialog will present the location structure so that the user can select where the computer is located.

Display User Defined Data Screen(s)

A separate page of the dialog will present the user-defined fields, one page per user-defined data category.

First Time Interactive

The Scanner runs interactively the first time, then is invisible for subsequent audits. Useful for newly deployed computers that you want to get certain data from, but don't want users to see on a regular basis.

Re-audit Interval

The number of days that will pass before another audit is done. 0 is used to indicate that an audit will be done every time the Scanner runs.

Run Scanner Invisible to the User

Unchecking this option will place a notification icon in the notification area of the taskbar. The icon indicates that the Scanner is running.

Enable Auto-Upload for the results of this Scanner

There is a global setting that you can use to enable or disable automatic uploading in Upload Options. If you want to disable an individual configuration, load the configuration, uncheck this option and save the configuration.

Audited Items

2011-02-22 1153.png

Hardware

Various attributes of the computer. Turn general classes on or off by clicking the Configure button.

Internet Explorer Usage

History of websites visited and stored cookies. Turn these options on or off by clicking the Configure button.

Btn back up.png Back to Contents

File System

You can specify types of files to be scanned.

  1. Check the File System checkbox.
  2. Click the Configure button. The File System Audit Details dialog will open:

    Lsd file system 01.png

  3. The Folder section defines where the Scanner will look for files. To specify a specific folder or folders, click the Specified Folder(s) radio button. Click the Add button and enter a path. You can enter more than one. The paths are literal, i.e. exactly as they appear in a Windows Explorer address field. Wildcards are not supported. Note that in specifying a folder, any subfolders will also be searched, so, for example, to look for all the .pst files, choose C:\Users.

    Lsd file system 02.png
    You can also specify All Folders, but this will increase the time it takes to run an audit.

  4. The Files section lists the files you want to audit. All Executable Files will return any executable file, regardless of name. The files in Specified Files can be specific, such as game.exe or a wildcard can be used, such as *.pst. All Files will return every file and will take a long time.

    Lsd file system 03.png

It's important to note the relationship between the settings in Folders and Files. If you specify a folder or folders but don't specify files, you won't get any results. Similarly, if you configure files to audit and don't specify a folder, then you won't get results. The File System feature looks for the specified files in the specified folders. Note that you may sometimes not get results because those files weren't in that folder, though they may still be on the computer.

Windows Registry

You can specify registry keys to be audited.

  1. Check the Windows Registry checkbox and click the Configure button to open the Audit Registry Keys dialog.

    Lsd reg key01.png

  2. Click the Add Key button to open the Enter Registry Key dialog. Enter a Registry Key Name and Value Name, or click the Browse Registry button Aw btn reg key browse.png to open a dialog to browse to the desired key.

    Aw reg key02.png

  3. Click the OK button to save the Registry key. It will appear in the Enter Registry Key dialog.

    Aw reg key03.png

  4. Click the OK button to close the Enter Registry Key dialog.

Mobile Devices

Audit mobile devices such as phones and PDAs and the files on them. Manage these by clicking the Configure button.

USB Devices

To audiit the presence of USB devices such as flash drives and cameras that appear as storage volumes, check the USB Devices checkbox.

Additionally, the files contained on USB devices can be audited. Click the Configure button.

By default, the No Files radio button is selected. This will audit the presence of drives but none of the files contained on them.

To audit specific files or file types, click the Specified Files radio button and click the Add button to enter a string. Use of an asterisk * will match any character(s), so *.mp3 will audit any MP3 files, Doc*.docx will audit any .docx file beginning with Doc. Document X.docx will audit that precise file name.

Aw admin scanner aud items usb.png


To audit all the files on USB devices, click the All Files radio button.

Click the OK button to save the settings.

Software

Audits the software on a computer.

To configure, check the Software button and click the Configure button.

Aw admin scan config aud item software.png

There are two options:

  • Installed Applications: Any applications that are not part of the operating system
  • Operating System: The operating system itself.

Btn back up.png Back to Contents

Audit Scanner Location

Audit Scanner Location configuration

Here is where you can define where the scanner will be built to. It is recommended that this location be in UNC path notation (\\ServerName\Folder). Users will need at least Read access to this folder. Admins will need Read/Write access if they are building new scanners.

Results Location

Here is where you can specify where the audits will go once a PC has been scanned. There are 3 different methods to send the results of the audit.

Results Location configuration

Network Folder

The Data folder should be specified in UNC path notation. Users and Admins will need Full Access to the folder.

FTP Site

For off-site assets that cannot connect to the network. The audits upload to an FTP site, for later download to the server. Click Details and the following window will be displayed:

FTP Upload Settings.png


Enter the Connection Type, Address, Port, Default Directory, and Login Credentials. Click OK to save the FTP settings.

Removable Media Device

For storage on removable media, specify a folder path in the Data Folder field.

Alert Monitor Settings

Alert Monitor Settings configuration

This is where the basic settings are for activating AlertMonitor and configuring check intervals.

To enable AlertMonitor, check Enable AlertMonitor for this Scanner Configuration. To set specific alerts, go to AlertMonitor Configuration.

Check for Setting Changes Every: X Seconds – This setting denotes how often the Alert Monitor will check for changes on the system.

Check for Alterable Changes Every: X Seconds – This setting tells the Alert Monitor how often to send the changes it has found back to the server.

Select a predefined Alert Monitor Definition: This is where you can select a default trigger that you have setup in AlertMonitor Configuration.

Configuring the Logon Script

When you first install AuditWizard, the Setup Wizard has a step that gives you the strings to use in your logon script. This is reproduced here:

Windows Networks

Add the following line to your Windows Logon Script

   Start \\SERVER\SHARE\scanner\AuditScanner.exe

Novell Networks

Add the following line to your Novell Networks Logon Script

   @\\SERVER\SHARE\scanner\AuditScanner.exe

Rebuild the Scanner

Most upgrades will require the scanner to be rebuilt and redeployed in order to ensure that the latest version is in use. The Release Notes will confirm this. To rebuild the scanner:

  1. Go to Administration > Auditing > AuditScanner Configuration.
  2. Click the Save Configuration button. This saves the configuration with the name in the Scanner Name field.
  3. Click the Deploy to Network button. This writes the data and scanner folders to the root of the network share.

Btn back up.png Back to Contents

Personal tools
Namespaces

Variants
Actions
Main Page
Online User Guides
General Support
Release Notes
Toolbox