kaud — Offline Audit utility

You might want to gather a hardware and (optionally) software audit (inventory) in special cases such as:

  • A computer which does not have a network connection to the KeyServer.
  • A computer which is online, but you want to perform a one-time “clientless” audit without actually installing KeyAccess.
  • A computer which is online and you want to set up regular audits but do not want the active KeyAccess agent recording Usage data.

The kaud utility allows you to save audit data to a file, then upload the data in this file to KeyServer, or save it for future upload from a different computer. You can find the OS-specific versions of kaud in each platform's Installers/Misc folder in the Sassafras Software image archive.

    Clientless audit

    If a computer has a network connection and can reach KeyServer, you can use kaud to do a clientless audit, without installing the KeyAccess client. The easiest way to do this is to rename the kaud executable using the pattern kaud@keyserver.example.org.exe. This executable can then be launched without any command line parameters (e.g. by double-clicking), and it will scan, then upload to keyserver.example.org. However, you may want to specify other parameters like the Computer ID.

    Command line options

    There are various command line options available to kaud. For a computer that cannot reach KeyServer, you will generally run it once to perform a scan and save to a file, then run it a second time from a second computer to upload the data in this file to KeyServer.

    kaud scan -o /path/to/directory
        An audit is performed, and the results are saved in a file. This will create a file in /path/to/directory, with the name "filename.dat", where "filename" is the computer ID.

    kaud upload -h keyserver.domain.org filename.dat [filename2.dat ...]
        One or more .dat files produced using kaud scan will be uploaded to the KeyServer at keyserver.domain.org.

    kaud scan-upload -h keyserver.domain.org
        This is equivalent to doing a scan, followed by an immediate upload using the file that was produced. This is useful for a one-time, or “clientless” audit of a computer which can reach KeyServer. In this case the audit file is put in the temp directory.

    -m
        Audit hardware only, no Programs. Can only be used with the scan or scan-upload options.

    -i
        Specify the computer ID type. For example, -i B will use Serial instead of the default MAC.

    Run kaud help to see more options, or contact Sassafras Software with questions.

    Further Considerations

    Note that in order to upload data, kaud must connect to KeyServer. This of course means any firewalls or other network configuration must allow the communication. While not typical, it also means that Client Authentication cannot be required, as no passwords can be passed.

    One simple approach then is to put kaud (for various platforms) on a USB drive. Then take the drive to each off-net computer and double-click the right kaud for that platform. Once you have gathered the audits you need, take the drive to a computer that is on the network and run something like kaud upload -h keyserver.domain.org file1.dat for each .dat file (note that on Mac or Linux you can use "*.dat" to send all .dat files, but on Windows all files will have to be listed).
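
The upload step described above, as an added example (not part of the original page or of Sassafras Software's tooling): a Python helper that expands *.dat itself, so the same upload works on Windows where every file must be listed. It assumes kaud is on PATH, that a non-zero exit status means a failed upload, and that zero-byte .dat files are incomplete scans; the function names and the batch size are hypothetical.

```python
import subprocess
import sys
from pathlib import Path

KAUD = "kaud"      # assumption: kaud is on PATH on the uploading computer
BATCH_SIZE = 50    # assumption: keeps each command line well under OS limits


def find_audit_files(directory):
    """Return the non-empty .dat files in directory, sorted by name.

    Zero-byte files are skipped as likely interrupted scans (assumption).
    """
    return [p for p in sorted(Path(directory).glob("*.dat"))
            if p.is_file() and p.stat().st_size > 0]


def build_upload_commands(directory, host, batch_size=BATCH_SIZE):
    """Build 'kaud upload -h host f1.dat f2.dat ...' argument lists, one per batch."""
    files = [str(p) for p in find_audit_files(directory)]
    return [[KAUD, "upload", "-h", host] + files[i:i + batch_size]
            for i in range(0, len(files), batch_size)]


def upload_all(directory, host):
    """Run each batch without a shell; return the number of batches that failed."""
    failed = 0
    for argv in build_upload_commands(directory, host):
        # Per the page, the file name (minus .dat) is the computer ID.
        print("uploading:", ", ".join(Path(f).stem for f in argv[4:]))
        # Assumption: kaud exits non-zero when an upload fails.
        if subprocess.run(argv).returncode != 0:
            failed += 1
    return failed


if __name__ == "__main__":
    if len(sys.argv) != 3:
        sys.exit("usage: upload_audits.py <directory> <keyserver-host>")
    sys.exit(1 if upload_all(sys.argv[1], sys.argv[2]) else 0)
```

Passing the arguments as a list rather than through a shell means file names on the USB drive are never interpreted as shell syntax.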

    If KeyAccess is installed on the computer where you are using kaud to gather data, there are some additional notes:

    Scheduling

    Since kaud is a command line program, it can be run on a schedule (e.g. Windows Task Scheduler or cron). There are a few scenarios where this might be useful. For example, since kaud generates a full audit each time it runs, it could take up to 20 minutes for the audit to complete. Instead of waiting at each computer for the audit to finish, if kaud is scheduled to run an audit periodically, someone can go to the offline computers and gather the most recent audit files (instead of running kaud manually). Similarly, perhaps there is a group of computers that share a server, but are quarantined from the rest of the network (and from KeyServer). These computers could periodically run kaud and store the offline audit on the server. Then gathering the files is easy, and they can be uploaded to KeyServer from a computer that is on the KeyServer network. Of course, if you simply have systems you wish to audit without installing the KeyAccess client on them for usage tracking, you can schedule kaud with the upload option to have lightweight yet automated clientless inventory.