Online Help

Linux Inventory Analyzer

Updated in 2023.1

The Linux Inventory Analyzer is an Alloy Software audit agent that collects inventory data on computers running Linux operating system. The analyzer (code name lina) is deployed onto the client side running the audit outside of Alloy Discovery. The collected inventory data is stored in the audit snapshots, which are saved in the specified location or transferred via FTP (or email) back to Alloy Discovery.

Alloy Discovery offers various audit methods based on using standalone audit agent:

Some methods involve installing the audit agent on target computers. Other methods are based on deployment of the Inventory Analyzer package to a target location (a network share or a flash drive) and running the audit from that location.

The Linux Inventory Analyzer package may include the following files and folders:

  • lina24: the Linux Inventory Analyzer executable for Linux kernel version 2.4 and earlier
  • lina26: the Linux Inventory Analyzer executable for Linux kernel version 2.6 and later
  • lina: the script to launch the proper Linux Inventory Analyzer executable
  • lina.ini: the Linux Inventory Analyzer configuration file
  • AuditData (for the Portable Audit): the folder where the resulting audit snapshots will be placed

The Linux Inventory Analyzer produces the following output files:

  • .adt: binary files containing up-to-the-minute hardware and software inventory details of the audited computers
  • .log (optional): text files containing status details of the audit operations

When configured, the Linux Inventory Analyzer may also generate additional files that can be used by our Support Team.

Linux Inventory Analyzer configuration file

When launched, the Linux Inventory Analyzer attempts to find its configuration file. This file contains the configuration parameters that will govern the Analyzer's operation each time it runs. The configuration file is produced from within your Alloy Discovery, when you create an Audit Agent installer or package.

This lina.ini configuration file may contain zero or more of the following lines in any order. The values are for illustrative purposes only. Some lines are mutually exclusive: either the output file, FTP settings, or email settings can be specified, but not all of them.

ftp-type=FTP/FTPS
ftp-server=smtp.example.com
ftp-port=22
ftp-dir=/alloyaudit
ftp-username=username
ftp-password=[encrypted]
ftp-passive-mode=yes
ftp-ssl=yes/no
mail=collector@example.com
mail-from=sender@example.com
smtp-server=smtp.example.com
smtp-port=25
username=jdoe
password=[encrypted]
out-dir=./AuditData
SoftwareRegistryScanEnabled=yes/no
TargetCollection=sitename

NOTE: While plain text passwords are permitted, we strongly advise against using them for security reasons. When you create the configuration file within the Alloy Discovery application, passwords are stored encrypted.

It's very important that the lina.ini file resides in the same folder as the Linux Inventory Analyzer executable (lina), since it contains the necessary configuration settings for the analyzer.

Transfer audit snapshots via email

There are several ways to send audit snapshots from remote Linux computers via email:

  • Send the snapshots via SMTP server. To use this option, create a Site with the E-mail Audit Source in Alloy Discovery (for details, see Creating Sites). Make sure all the SMTP-related parameters are specified (-sp, -ss and -p with -u if your SMTP server requires authentication).

  • Send the snapshots using a Mail Transfer Agent (MTA). To use this option, execute "./lina -m collector@example.com" (make sure to replace an example e-mail address of the recipient with the real one) from the command line. The snapshots will be sent directly to the specified e-mail address via the sendmail-compatible MTA installed locally.

Running the Linux Inventory Analyzer

Regardless on your Linux kernel version, use lina to launch Linux Inventory Analyzer, and the script will launch the proper executable. There are several ways to launch the Linux Inventory Analyzer:

  • Launch the Linux Inventory Analyzer from the command line without command-line switches. This way, the Linux Inventory Analyzer will use the configuration settings from the lina.ini configuration file, if the file was created.

  • Launch the Linux Inventory Analyzer from the command line using command-line switches. If you run the Linux Inventory Analyzer with command-line parameters (switches), those parameters will override the lina.ini file settings.

  • Create a schedule to run the Linux Inventory Analyzer automatically.

Command-line options for lina

After reading the lina.ini configuration file, the audit agent attempts to read its command line. Command-line parameters take precedence over the configuration file. The command-line options can include the following:

Option Description

-h, --help

print these command-line options

-m, --mail collector@example.com

send snapshot to collector@example.com
-mf, --mail-from sender@example.com set 'From' field to sender@example.com
-of, --out-file report.adt store snapshot in report.adt file
-od, --out-dir /var/audit/ store snapshot file in /var/audit/ folder
-sp, --smtp-port 25 port SMTP server listens on
-ss, --smtp-server smtp.example.com send e-mail via SMTP server
-u, --username jdoe username for SMTP authentication
-p, --password verysecret password for SMTP authentication
-V, --version display program version and exit
-v, --verbose verbose output

Note that certain parameters are mutually exclusive: either output file or e-mail address can be specified, but not both.

NOTE: If you want to send the audit results over FTP, use the configuration file.

If you want to use an MTA for sending audit results, specify only e-mail address (and the sender address, if needed). If you want to send e-mail via SMTP, specify all SMTP-related options as well (-sp, -ss and -p with -u if your SMTP server requires authentication).

If output file name is not explicitly specified in the .ini file or with the --out-file option, it is assigned automatically. The format is hostname_macaddress.adt. If neither hostname nor MAC address can be determined, then the file is named lina.adt.

Automating audit on client machines running Linux

You can create a schedule to run Linux Inventory Analyzer automatically. One of the ways to automate the task is to use the cron daemon. The cron program is used to schedule various cron jobs such as running some programs overnight.

For example, you could add the following line to the crontab schedule:

5 0 * * * /usr/local/bin/lina -m collector@example.com

As a result, Linux Inventory Analyzer, which script resides in /usr/local/bin, will audit the computer daily at 00:05 AM and will send the generated audit snapshot files via e-mail to collector@example.com.

For details on scheduling tasks using crontab, see the crontab(1) and crontab(5) man pages.

Running lina from a Windows share

In many cases it may be easier to run the Linux Inventory Analyzer directly from a Windows share to avoid moving audit snapshots to a central network location and managing Linux Inventory Analyzer versions from a decentralized location.

The following sample script will connect to a Windows file share using the SMB protocol, run the Linux Inventory Analyzer from that share, and automatically save the .adt file in the proper location.

This sample script requires the following:

  • an SMB client (Samba) is installed on Linux machines;
  • a shared folder is configured on a Windows machine;
  • the script is run with root privileges.

The script will verify root privileges, mount the share using the SMB protocol, run the Linux Inventory Analyzer, and then unmount the share.

Before running you must replace the variables in the script such as SHARENAME, USERNAME, PASSWORD, and MOUNTPOINT.

# !/bin/sh
# Script for running lina from a Windows share

# Change these variables to match your environment
SHARENAME="//<server>/<sharename>"
USERNAME="<username>"
PASSWORD="<password>"
MOUNTPOINT="/mnt/ina"

ROOT_UID=0	# Only users with $UID 0 have root privileges
E_NOTROOT=67	# Non-root exit error

# Verify root privileges
if [ "$UID" -ne "$ROOT_UID" ]
then
echo "Must be root to run this script"
exit $E_NOTROOT
fi

# Connect to the Windows share
echo "Connecting to the Windows share"
mkdir $MOUNTPOINT
chmod 777 $MOUNTPOINT

# For the most of Linux distributions
mount -t cifs -o username=$USERNAME,password=$PASSWORD $SHARENAME $MOUNTPOINT

# Uncomment if the mount.cifs helper is available
# Make sure that the PATH environment variable contains
# the mount.cifs directory (typically, /sbin)

# mount.cifs $SHARENAME $MOUNTPOINT -o username=$USERNAME,password=$PASSWORD

# Uncomment for older Linux distributions
# (such as Red Hat Enterprise 4 and earlier and Debian 3 and earlier)

# mount -t smbfs -o username=$USERNAME,password=$PASSWORD $SHARENAME $MOUNTPOINT

# Run Linux Inventory Analyzer
echo "Running Linux Inventory Analyzer"
cd $MOUNTPOINT
$MOUNTPOINT/lina

# Unmount the $MOUNTPOINT share
echo "Unmounting the $MOUNTPOINT share"
cd /
umount $MOUNTPOINT

# Delete the temporary files
echo "Deleting the temporary files"
rmdir $MOUNTPOINT
echo "All done"

exit