Linux Inventory Analyzer
Updated in 2023.1
The
Alloy Discovery offers various audit methods based on using standalone audit agent:
Some methods involve installing the audit agent on target computers. Other methods are based on deployment of the Inventory Analyzer package to a target location (a network share or a flash drive) and running the audit from that location.
The
- lina24: the Linux Inventory Analyzer executable for Linux kernel version 2.4 and earlier
- lina26: the Linux Inventory Analyzer executable for Linux kernel version 2.6 and later
- lina: the script to launch the proper Linux Inventory Analyzer executable
- lina.ini: the
- AuditData (for the Portable Audit): the folder where the resulting audit snapshots will be placed
The
- .adt: binary files containing up-to-the-minute hardware and software inventory details of the audited computers
- .log (optional): text files containing status details of the audit operations
When configured, the
Linux Inventory Analyzer configuration file
When launched, the
This lina.ini
ftp-type=FTP/FTPS
ftp-server=smtp.example.com
ftp-port=22
ftp-dir=/alloyaudit
ftp-username=username
ftp-password=[encrypted]
ftp-passive-mode=yes
ftp-ssl=yes/no
mail=collector@example.com
mail-from=sender@example.com
smtp-server=smtp.example.com
smtp-port=25
username=jdoe
password=[encrypted]
out-dir=./AuditData
SoftwareRegistryScanEnabled=yes/no
TargetCollection=sitenameNOTE: While plain text passwords are permitted, we strongly advise against using them for security reasons. When you create the configuration file within the Alloy Discovery application, passwords are stored encrypted.
It's very important that the lina.ini
Transfer audit snapshots via email
There are several ways to send audit snapshots from remote
-
Send the snapshots via SMTP server. To use this option, create a Site with the E-mail Audit Source in Alloy Discovery (for details, see Creating Sites). Make sure all the SMTP-related parameters are specified (-sp, -ss and -p with -u if your SMTP server requires authentication).
-
Send the snapshots using a Mail Transfer Agent (MTA). To use this option, execute "./
Running the Linux Inventory Analyzer
Regardless on your Linux kernel version, use lina to launch Linux Inventory Analyzer, and the script will launch the proper executable. There are several ways to launch the Linux Inventory Analyzer:
-
Launch the Linux Inventory Analyzer from the command line without command-line switches. This way, the Linux Inventory Analyzer will use the configuration settings from the
lina.iniconfiguration file, if the file was created. -
Launch the Linux Inventory Analyzer from the command line using command-line switches. If you run the Linux Inventory Analyzer with command-line parameters (switches), those parameters will override the
lina.inifile settings. -
Create a schedule to run the Linux Inventory Analyzer automatically.
Command-line options for lina
After reading the lina.ini configuration file, the audit agent attempts to read its command line. Command-line parameters take precedence over the configuration file. The command-line options can include the following:
| Option | Description |
|---|---|
|
|
print these command-line options |
|
|
send snapshot to collector@example.com |
-mf,
--mail-from sender@example.com |
set 'From' field to sender@example.com |
-of, --out-file report.adt |
store snapshot in report.adt file |
-od, --out-dir /var/audit/ |
store snapshot file in /var/audit/ folder |
-sp, --smtp-port 25 |
port SMTP server listens on |
-ss, --smtp-server smtp.example.com |
send e-mail via SMTP server |
-u, --username jdoe |
username for SMTP authentication |
-p, --password verysecret |
password for SMTP authentication |
-V, --version |
display program version and exit |
-v, --verbose |
verbose output |
Note that certain parameters are mutually exclusive: either output file or e-mail address can be specified, but not both.
NOTE: If you want to send the audit results over FTP, use the configuration file.
If you want to use an MTA for sending audit results, specify only e-mail address (and the sender address, if needed). If you want to send e-mail via SMTP, specify all SMTP-related options as well (-sp, -ss and -p with -u if your SMTP server requires authentication).
If output file name is not explicitly specified in the .ini file or with the --out-file option, it is assigned automatically. The format is hostname_macaddress.adt. If neither hostname nor MAC address can be determined, then the file is named
Automating audit on client machines running Linux
You can create a schedule to run Linux Inventory Analyzer automatically. One of the ways to automate the task is to use the cron daemon. The cron program is used to schedule various cron jobs such as running some programs overnight.
For example, you could add the following line to the crontab schedule:
5 0 * * * /usr/local/bin/lina -m collector@example.comAs a result, Linux Inventory Analyzer, which script resides in /usr/local/bin, will audit the computer daily at 00:05 AM and will send the generated audit snapshot files via e-mail to collector@example.com.
For details on scheduling tasks using crontab, see the crontab(1) and crontab(5) man pages.
Running lina from a Windows share
In many cases it may be easier to run the Linux Inventory Analyzer directly from a Windows share to avoid moving audit snapshots to a central network location and managing Linux Inventory Analyzer versions from a decentralized location.
The following sample script will connect to a Windows file share using the SMB protocol, run the Linux Inventory Analyzer from that share, and automatically save the .adt file in the proper location.
This sample script requires the following:
- an SMB client (Samba) is installed on Linux machines;
- a shared folder is configured on a Windows machine;
- the script is run with root privileges.
The script will verify root privileges, mount the share using the SMB protocol, run the Linux Inventory Analyzer, and then unmount the share.
Before running you must replace the variables in the script such as SHARENAME, USERNAME, PASSWORD, and MOUNTPOINT.
# !/bin/sh
# Script for running lina from a Windows share
# Change these variables to match your environment
SHARENAME="//<server>/<sharename>"
USERNAME="<username>"
PASSWORD="<password>"
MOUNTPOINT="/mnt/ina"
ROOT_UID=0 # Only users with $UID 0 have root privileges
E_NOTROOT=67 # Non-root exit error
# Verify root privileges
if [ "$UID" -ne "$ROOT_UID" ]
then
echo "Must be root to run this script"
exit $E_NOTROOT
fi
# Connect to the Windows share
echo "Connecting to the Windows share"
mkdir $MOUNTPOINT
chmod 777 $MOUNTPOINT
# For the most of Linux distributions
mount -t cifs -o username=$USERNAME,password=$PASSWORD $SHARENAME $MOUNTPOINT
# Uncomment if the mount.cifs helper is available
# Make sure that the PATH environment variable contains
# the mount.cifs directory (typically, /sbin)
# mount.cifs $SHARENAME $MOUNTPOINT -o username=$USERNAME,password=$PASSWORD
# Uncomment for older Linux distributions
# (such as Red Hat Enterprise 4 and earlier and Debian 3 and earlier)
# mount -t smbfs -o username=$USERNAME,password=$PASSWORD $SHARENAME $MOUNTPOINT
# Run Linux Inventory Analyzer
echo "Running Linux Inventory Analyzer"
cd $MOUNTPOINT
$MOUNTPOINT/lina
# Unmount the $MOUNTPOINT share
echo "Unmounting the $MOUNTPOINT share"
cd /
umount $MOUNTPOINT
# Delete the temporary files
echo "Deleting the temporary files"
rmdir $MOUNTPOINT
echo "All done"
exit