Open-AudIT Configuration
Key configuration settings in Open-AudIT covering discovery behaviour, change logging, data retention, and how to edit them.
On this page
Configuration
Open-AudIT has a large number of configuration settings that control everything from discovery behaviour to change logging. You can find them all under Menu → Admin → Configuration → List Configuration.
Key Settings to Check After Installation
After a fresh install, it's worth reviewing these settings before running your first discovery:
| Setting | What It Does | Recommendation |
|---|---|---|
default_network_address | The URL that external devices use to reach Open-AudIT (used when copying audit scripts to targets) | Set this to your server's actual IP or hostname |
discovery_limit | Maximum number of parallel discovery processes | Default is 20; increase for faster scanning on capable hardware |
discovery_linux_script_directory | Where the audit script is copied on Linux targets | Default is /tmp/; change if /tmp has noexec set |
log_level | Logging verbosity | Default is 5; set to 7 for detailed debugging |
discovery_ip_exclude | IP addresses to skip during discovery | Add any IPs you never want scanned |
Change Logging
By default, Open-AudIT logs changes to almost every component table — software, disks, network interfaces, services, and more. This is incredibly useful for tracking what changed on a device and when.
The change log settings follow the pattern create_change_log_tablename. Most are enabled by default. You might want to disable change logging for high-churn tables that generate a lot of noise, like ARP (create_change_log_arp) or IP (create_change_log_ip).
Data Retention
Related to change logging is the cleanup of "non-current" data. When a component (e.g., a piece of software) is no longer detected on a device, Open-AudIT marks it as non-current rather than deleting it immediately. Settings like delete_noncurrent_software control whether and when that historical data is deleted.
Discovery Defaults
The discovery_default_scan_option setting controls which Nmap scan profile is used as the default for new discoveries. You can review and customise scan profiles under Menu → Discover → Discovery Scan Options.
Editing Configuration
- Go to Menu → Admin → Configuration → List Configuration
- Use the search box to find the setting you want
- Click the edit icon next to the setting
- Update the value and save
Changes to most configuration items take effect immediately — no restart required.