|
<< Click to Display Table of Contents >> RayVentory Scan Engine > 12.6 u4 > User Guide > Command-Line Tools Remote Inventory for Unix / Linux (RIU) |
Use the program to run a remote OS inventory on Linux and unix-like target platforms. See the online help of the program for arguments that allow customization. The program may use credentials passed to it via the command-line for authentication against the target hosts. This program comes with a built-in credential store, a target database, and job management.
Remote Inventory for Unix / Linux (RemoteInventory4Unix.exe) is a command-line oriented tool for generating inventories from remote machines running different unixoid plattforms including different flavors of Linux.
The RIU tool can be operated in two modes:
•Batch mode
Allows you to manually create job files, target hosts, or automatically create job files from the content of target files while specifying simple credential store files with optional encryption. During startup RIU looks for job files, checks their status, and continues them until all job items (target machines) reached one of the end-states (Success, AuthenticationFailure).
•Single mode
Allows you to specify a singe host as a target machine
RIU generates inventories by connection to a target machine via SSH and performing different built-in shell commands and system utilities to determine the platform and architecture characteristics. According to those characteristics, it gathers hard- and software inventory relevant data by running further commands and by parsing and evaluating their results to store them in an inventory file for each target machine. Then the resulting NDI file is uploaded to an inventory data sink like RayVentory Scan Engine, RayVentory Server, and RayManageSoft or it is stored in the local file system.
The command-line arguments are passed to RIU as name-value pairs. Flags are set by their name.
RemoteInventory4Unix.exe [<argument-name>=<value>|<flag-name>]...
Name |
Type |
Description |
|---|---|---|
addhosts |
TEXT |
Add hosts from a .csv file to the targets. Each line of the file must be in the format: hostname[,port][,hostkey] Mind that port and hostkey are optional. |
authKey |
TEXT |
Fallback authentication key in the OpenSSH format. This is used if no authentication key is given for a target. |
authKey.pass |
TEXT |
Passphrase for the fallback authentication key. |
authKeyFile |
TEXT |
Fallback authentication key file in the OpenSSH format. |
conFailureAuthLog |
TEXT |
Enables output of the authentication failure log to the file specified. |
conFailureLog |
TEXT |
Enables output of the connection failure log to the file specified. |
config |
TEXT |
Path to the configuration file. The optional configuration file is an XML file root element Config and sets the values ConsoleRefreshInterval, UploadAddress, and Workers which equal the command-line arguments refresh, upload, and workers. |
conSuccessLog |
TEXT |
Enables output of the connection success log to the file specified. |
credentials.file |
TEXT |
Defaults to credentials.xml: Credentials store file. |
credentials.key |
TEXT |
Encryption key for the passwords in the credentials store file. |
decryptLog |
TEXT |
Decrypting the partially encrpyted log file, given, and exit. |
decryptLog.key |
TEXT |
The key for decrypting the file given by the argument decryptLog. |
DeviceID |
TEXT |
RMS / RV network device ID for inventory binding. |
forceFileName |
TEXT |
Forces the use of supplied file name for the inventory file. |
help |
FLAG |
Shows a usage hint and lists the command-line options. Ignores all other arguments except pause and quits. |
host |
TEXT |
Host to scan. |
host.add |
FLAG |
Adds to the store and exit. Requires: host |
host.key |
TEXT |
Expected host key fingerprint for host authentication. Requires: host |
job |
TEXT |
Job tag / ID (this is supposed to be used by Raynet's inventory / discovery agents, only). |
jobs |
TEXT |
Path to directory for job files. |
mssqlts.connection |
TEXT |
Connection string to a MSSQL DB as source for targets Requires: mssqlts.query. |
mssqlts.query |
TEXT |
Query string for a MSSQL DB as source for targets. Requires: mssqlts.connection |
outputpath |
TEXT |
Path for output. Excludes: upload |
pass |
TEXT |
Fallback password. |
pass.key |
TEXT |
Encryption key for fallback password. |
pause |
FLAG |
Pauses before exit and waits for a single key press. |
port |
INTEGER |
defaults to 22: SSH port on the target host. |
recordHostKeys |
FLAG |
Add the host-keys that were reported by the hosts for hosts which do not have got a host-key, yet. |
refresh |
INTEGER |
Defaults to 5000: Interval for refresh of console and saving of job state in milliseconds. |
rerunAllJobs |
FLAG |
Retry all jobs no matter what their status is. Excludes: retryAllJobs, single, retryAuthFailure. |
retryAllJobs |
FLAG |
Retry all jobs no matter what their status is. Excludes: single |
retryAuthFailure |
FLAG |
Retry targets in jobs which failed due to authentication errors. Excludes: single. |
scanTimeout |
INTEGER |
Timeout in seconds for scanning a single target. Set this this to 0 in order to disable the timeout. |
single |
FLAG |
Run for a single host given on command-line, ignoring all job files. |
successfulHosts |
TEXT |
During job creation, set the targets in the specified list to status Done. Excludes: single |
talkingFileNames |
FLAG |
Use certain bits from the inventory for the inventory file name instead of a generic number. |
targetsfile |
TEXT |
Path to a file with targets. |
upload |
TEXT |
Address for upload. Excludes: outputpath |
user |
TEXT |
Fallback username. |
user.add |
FLAG |
Add the fallback user with password or authentication key and authentication key passphrase to the credentials store and exit. Requires: user |
user.elevpass |
TEXT |
The password that is passed to sudo. Requires: user |
user.sudo |
FLAG |
Indicates that the sudo command is enabled for the fallback user. Requires: user |
user.super |
FLAG |
Indicates that the fallback user is a super user Requires: user |
user.target |
TEXT |
Regular expression to match the targets (by hostname) that the fallback credentials apply to. Requires: user |
useTargetCache |
FLAG |
Loads targets not from the given sources but from a cache when present or creates the cache. |
verbose |
FLAG |
Log the remote commands. |
workers |
INTEGER |
Maximum number of workers to spawn. |
What privileges are needed depends on what data is needed.
You will need a user with root privileges or that is allowed to sudo, prbrun, or priv to run programs with elevated privileges with or without a keyboard interactive password query.
For example: Without such privileges you will not be able to read inventory and dependency mapping relevant data as for example the BIOS serial number of a VM (to determine which virtual guest system reflects the target machine) or a system enclosure serial number.
Ports in Use
•22 for connecting to the target machine.
•80(443) for HTTP(S) upload to the data sink or 445 for SMB upload to the data sink.