How To Audit Your Servers In 10 Minutes

By Greg Keller Posted May 6, 2014

Auditing financial documents

Auditing servers is never easy, it’s almost always a time-consuming manual process. And, it’s a process that for the ones auditing the servers is considered time wasted when they’d rather be doing almost anything else. Auditing is needed for inventory purposes, budget planning, capabilities analysis, disaster recovery, security, compliance and a host of other reasons. If you’re in IT, you know this well, and have the scars to prove it.

Depends on who’s asking, but the kinds of things you’re asked for varies a bit:

  1. Where is the server physically located?
  2. What’s the server model?
  3. What’s the server serial number?
  4. What’s the server name?
  5. What kind and speed of CPU?
  6. How much memory does it have?
  7. How much disk space does it have?
  8. What users have access to the system?
  9. Who has root access?
  10. What special privileges do users have?

Where are all my servers?

As far as server location (#1), this is really dependent on where your server is hosted. If it’s hosted in a local data center, the IP address of the server may be sufficient to tell you where it is. If it’s hosted by a cloud provider, the combination of the fully qualified domain name and/or IP address may help. If you need a more specific location, such as rack and bay number, there are systems that help with that type of asset management.

Quick and Dirty Server Assessment Scripts

But, for a quick and dirty assessment of hundreds or thousands of devices, nothing beats a script that runs a few commands and gets info out of /proc. So, when I look at items 2-7 (and to a degree, number 1), my first thought is, I can write a script for that. It looks like:

/usr/sbin/dmidecode/sbin/ifconfig

 

/bin/hostname

/bin/cat /proc/cpuinfo

/bin/cat /proc/meminfo

/bin/df

That gives me all the raw data, and of course if I wanted to, I could embellish that output with grep, sed, and awk: all my favorite command-line tools. But, for now, I’ll just assume that’s an exercise for the reader. The real fun, and the real challenge, is in gathering the data in the first place.

Auditing Your Servers: Three Challenges

Why is it so difficult to audit servers? Well, if you only have a few servers, it’s not, really. Not even close. You can easily go run that script on each of your servers, get the results, be happy, and move on with your life.

The challenge comes in three main areas:

  1. Where do I run it? Of course, you need to figure this out first… do you have a central location that tells you the names or IP addresses of all your servers? I’ve heard about more than one team with a spreadsheet that may or may not be up to date, and then they look at their cloud console. Scary, but understandable, because what else are you gonna do?
  2. Do I have access? Of course, I can access everything from my trusty administration server, right? Does this mythical beast even exist? When folks are spread across multiple data centers, clouds, and VMs, how can it? This may be the most difficult problem to solve out of all of these.
  3. Who runs it? Do I have a service account I can use everywhere? Is the password or public key consistent everywhere? Do I have the private key for it? When you have hundreds of servers, unless you’re using some sort of centralized tool or directory service, this gets to be really tricky to manage.

These are challenging problems to solve, problems that most organizations can’t afford to solve by themselves, especially as they start to achieve any kind of reasonable scale. I know companies that have made this investment. They’ve taken years to do it, and by the time they were done, they got an extremely capable and customizable system that requires code changes every time they want to do something new.

Okay, I’m sure you’re going to tell me that it is crazy-easy to audit servers with JumpCloud

Yes, you’re right, it is crazy-easy:

  1. Create a command in JumpCloud’s Command tab with our mini-script:
/usr/sbin/dmidecode/sbin/ifconfig

 

/bin/hostname

/bin/cat /proc/cpuinfo

/bin/cat /proc/meminfo

/bin/df

  1. Click “select all servers”
  2. Set the command to run as any user
  3. Click “Save and Run”

Boom, done. Your servers will sit up and fly straight, and start singing like birds, or at least like a bunch of servers running your command for you. And, those results will be available to your whole team, immediately, and be easily searchable, auditable, and repeatable.

Server Management: Big Plumbing for Big Problems

Building the infrastructure to turn an hours-long endeavor like this into a quick 4-step process isn’t easy. It’s expensive, and if you’re doing it yourself, that means you probably can’t dedicate a whole team of people to it for 100% of their day, so it will probably take you a long time to get there. And, when you do, you probably won’t have a pretty UI for it, nor an eminently usable API, nor will you have user management, and security all built in, and it won’t have benefited from all the feedback, scalability, polish, and experience that comes from supporting lots and lots of customers. That’s what you get when you get a commercial solution.

Audit Your Servers with JumpCloud

Even if you’ve already built all this, how much does it cost you to maintain it? JumpCloud starts at $6.87 per user per month and with volume discounts available, so it’s very affordable.

It’s the classic build-versus-buy argument, but I’m sure you have better things to do than build a central user management system with command execution capabilities. Let us know how we can help and if you are inclined, check out JumpCloud’s Directory-as-a-Service® platform. You can trial it across your entire infrastructure, so testing the auditing functionality will be pretty simple!

Greg Keller

Greg is JumpCloud's Chief Product Officer, overseeing the product management team, product vision and go-to-market execution for the company's Directory-as-a-Service offering. The SaaS-based platform re-imagines Active Directory and LDAP for the cloud era, securely connecting and managing employees, their devices and IT applications.

Recent Posts