Standalone audit systemhound 2007
From systemhoundwiki
Contents |
systemhound 2007 standalone audit
Introduction
systemhound standalone audit is designed either for auditing machines not connected to the network or for machines on which you do not wish to install systemhound client software.
The standalone audit procedure has two processes:
1. create the initial build of the standalone audit application.
2. run the standalone audit on client PCs.
The following guide takes you through the process of customising the standalone application by running the through the ’build’ process initiated by the standalone audit wizard. The wizard also enables you to configure where the audit log files should be stored and there is an option to email them via SMTP.
The screenshot below of the standalone audit program shows the customisable elements of the user interface which include the title, bitmap and welcome message.
Figure 1
Building the standalone audit application
To build a customised standalone audit launch the "standalone audit wizard"
Figure 2
Click next to begin the configuration process and on the next page click "change bitmap" to browse for an alternate bitmap.
Figure 3
Once the required image has been selected click next. On the next page you should enter the text message you wish the person who is running the application to see. Click next once the text is entered.
Figure 4
On the next page choose how you wish the log files to be collected and stored by the tool.
- If you intend to store the log files on a common file shared which end-users have access to or if you wish to store the log files in the same location as the audit tool (such as a USB drive/key ring) then please select file system.
- If you plan to email the tool to remote users and collect the log file via email select SMTP. To use SMTP you will require details of SMTP server that accepts anonymous logon.
Figure 5
Sending via SMTP
If you chose SMTP fill in the details as required. As shown in the screenshot, environment variables are supported for the email subject and email ’from’ name. Once details have been entered, please click the ’send test email’ button to test the connection to the SMTP server.
Figure 6
Saving to shared directories
If you chose to store the log files on a shared drive you have two options.
1. Choose to save the logs to the same location as the standalone audit tool. Use this option your users will run the tool from different drive letters e.g. if you plan to run the tool from a USB drive/key ring.
2. Alternatively hardcode the full path to a shared drive on the network (UNC can be used) – this option is useful if you plan to email the executable out to users to run manually but you wish the log files to be collected centrally.
Figure 7
Click next and enter the window title for the application or accept the default.
Figure 8
Click next and select the location for the wizard to save the standalone audit tool to. The default location is the Windows desktop.
Figure 9
Click next to build the executable.
Figure 10 Compiling
Once compilation is complete the standalone audit executable is ready for use.
Figure 11 Finished
Launching standalone audit
The finished standalone audit executable can either be launched directly by double clicking the executable which will start the application in full mode (Figure 12) or in minimised mode (Figure 13) by running the application with the command line argument AUTO. In ’auto’ mode the application automatically performs the audit and exits without user intervention and is intended for use within logon scripts.
Example of command line:
Standaloneaudit.exe AUTO
|
|
Importing audit data
Each time the standalone audit completes, a per machine zip file of audit details is created. The standalone audit wizard is used to load these zip files into the systemhound website.
On the systemhound server, launch the standalone audit wizard. The following wizard page is displayed. Click the 'Import Log files' button on the first screen and the following screen will be displayed..
Alternatively the application can be launched in import mode from the command line: "C:\Program Files\systemhound\Utils\StandaloneAudit\StandaloneAuditWizard.exe" IMPORT
Figure 14
Select the directory where the machine zips (Figure 15) are located and click next.
Figure 15
Click next and start the import process.
After each audit zip file is successfully processed, it is renamed to have the file extension ".processed" so it is not processed by the tool again.
Once all files have been processed the final summary screen is displayed
Figure 16
