Running a Discovery

Step-by-step guide to creating and running your first network discovery in Open-AudIT, including advanced options and scheduling.

BeginnerUpdated Apr 10, 2026
On this page

Running a Discovery

This guide walks through running your first network discovery in Open-AudIT. Make sure you've already set up at least one credential set before starting — see Setting Up Credentials.

Creating a Discovery

  1. Go to Menu → Discover → Discoveries → Create Discoveries
  2. Fill in the discovery form:
    • Name — Give it a descriptive name, e.g., "Office LAN - 192.168.1.0/24"
    • Network Address — Enter an IP range, subnet, or single IP. Supported formats:
      • Subnet: 192.168.1.0/24
      • Range: 192.168.1-10.1-254
      • Single IP: 192.168.1.200
  3. Click Submit. You'll be taken to the Discovery Details page.

Running the Discovery

On the Discovery Details page, click the Execute button (the play icon) in the top-right toolbar. Open-AudIT will kick off the discovery process and the log panel at the bottom of the page will start showing activity.

The page refreshes automatically every 20 seconds while the discovery runs. If you want to stop the auto-refresh, click the X in the log panel header — the discovery will keep running in the background.

What to Expect

Discovery happens in stages:

  1. Nmap scan — Open-AudIT uses Nmap to ping sweep the range and identify live hosts.
  2. Port scanning — Each responding IP is scanned for ports 22 (SSH), 135 (WMI), and UDP 161 (SNMP), among others.
  3. Credential testing — Open-AudIT tests your credential sets against each device.
  4. Audit — For devices where credentials work, an audit script is copied to the device (or WMI/SSH queries are run), executed, and the results are returned to Open-AudIT.
  5. Data storage — Device details are stored or updated in the database.

Warning

The first time a Windows or Linux device is discovered, you may initially see only limited Nmap data. The full audit details appear after the audit script has run and been processed. Give it a few minutes.

Advanced Options

Click the Advanced button on the Create Discoveries form to reveal additional settings, including:

  • Discovery type (Subnet, Active Directory, or Seed — see Discovery Types)
  • Scan options (which Nmap options to use)
  • Credential priority (for Enterprise users)
  • Per-discovery match rules (Enterprise only)

Scheduling Discoveries

Rather than running discoveries manually, you can schedule them to run automatically. Go to Menu → Admin → Tasks to create a scheduled task. You can set a discovery to run daily, weekly, or on any custom schedule.

Tips for Better Discovery Results

  • Limit your scan range to /24 subnets. Larger ranges work but take much longer. Scanning a /16 (65,000+ IPs) can take hours.
  • Use specific credentials. The more accurate your credentials, the faster and more complete the audit.
  • Check firewall rules. Windows WMI requires ports 135 and additional dynamic ports to be open on the target. SSH needs port 22.
  • Start with a single device. If you're troubleshooting, scan a single known IP first before moving to full subnets.
Previous · DocumentationCredentialsDocumentation · NextDiscovery Types

Was this page helpful?