OctoSAM technical documentation¶
Technical documentation is aimed at system administrators and advanced users who want a deeper understanding of OctoSAM software or would like to customize, extend, or integrate OctoSAM with other software systems.
Resources¶
Apart from this documentation, more information is available here:
User forum¶
Register at https://www.octosoft.ch/forum
The forum also contains a download section for further documentation, scripts, and tools.
Database documentation¶
Documentation of the OctoSAM Inventory database schema.
Serilog configuration¶
Supported platforms¶
See Octosoft Forum News for supported platforms for your version.
License file¶
Obtain the license file from Octosoft AG or your software vendor. Import the license into OctoSAM Inventory database using the OctoSAM Inventory GUI.
Using OctoSAM Inventory without a license¶
Unlicensed versions of OctoSAM Inventory do have the following limitations:
- Only 25 machines can be scanned and imported into the database
- OctoSAM Monitor can observe only 1 License Manager Server
Software catalog¶
With standard configuration, the catalog gets periodically updated via Internet from the Octosoft update server. You can also manually update the catalog if your network policy does not allow direct updates from the Internet.
OctoSAM components¶
Database¶
OctoSAM Inventory stores its data in a central Microsoft SQL Server database.
Windows GUI¶
The OctoSAM Inventory GUI is a Windows application that connects to the OctoSAM Inventory database. It provides a powerful view of the inventory geared towards professional IT admins and SAM consultants and allows for administrative tasks such as removing stale objects.
Web GUI¶
The Web GUI provides an alternative to the Windows GUI. It sports a more straightforward interface for a broader audience and supports fine-grained authorization via RBAC model.
Scanner for Windows¶
The Windows scanner is a standalone executable .exe file. Octoscan2 builds a compressed .zip file with the suffix .scan. The OctoSAM Inventory Import Service imports .scan files into the OctoSAM Inventory database.
The Windows scanner also scans information about Hyper-V hosts and guests.
Scanner for macOS¶
The Mac OS X scanner is provided as a shell script that you can integrate into your Mac environment. Some centralized Mac management is required to roll out Mac scanning efficiently.
Octosoft can also provide a pre-configured notarized application package if you prefer installing the Mac scanner or do not have a management system for your Macs.
Scanner for Linux¶
The Linux scanner is provided as a python script that you can integrate into your environment. Some centralized management is required to roll out Linux scanning efficiently.
Upload server¶
OctoSAM provides an upload server that allows to upload scan files via http(s). Scan file upload is either implemented directly in the scanner or can be scripted using the curl command.
The standard upload server provided by Octosoft is implemented in .net and can be used on any platform that supports .net 8.0 Alternatively, OctoSAM provides an open source upload server that can be used on platforms that support OpenResty.
VMWare vCenter scanner¶
The WMWare scanner collects information about your virtual machines from a vCenter management perspective. This allows to relate physical hardware information from your virtualization infrastructure with the logical guest operating system instance. The scanner is provided as Powershell source code. See the provided readme.txt for configuration instructions.
Adobe scanner¶
Scans Adobe Cloud user information via Adobe UMAPI.
Import service¶
The OctoSAM Inventory import service is a Windows service that imports data collected by the various scanners into the OctoSAM Inventory database. The import service also has built-in capabilities to read AzureAD/Microsoft 365 and Active Directory.
License manager observer service¶
The license manager observer service is a Windows service that monitors your license servers and collects usage statistics into the OctoSAM Inventory database.
Use existing infrastructure
You can use any mechanism to copy files from remote locations to a central folder where the import service will pick them up. If your organization already has any form of centralized file transfer infrastructure, we recommend using the existing tools.
Use internal sftp functionality
The OctoSAM Inventory import service has built-in functionality to collect files from remote sftp servers.
OctoUtil¶
is a command-line tool execute application tasks.
OctoDump¶
Octodump is a command-line tool that de-compresses .scan files into their human-readable XML format. You can also use it to get summarized information about multiple .scan files.
OctoOffline¶
A GUI wrapper tool for offline Windows scanning - for example from a USB stick - for disconnected machines.
OctoSAM module versions¶
OctoSAM uses a versioning convention that is similar to Semver. We use 4 numeric parts.
MAJOR.MINOR.DATAMODEL.PATCH
All components except for the scanners should have identical MAJOR.MINOR.DATAMODEL parts. The patch level can be different between modules. That means if a patch fixes an issue you have in a module, you do not need to update the other modules unless explicitly stated in the release notes of the patch.
Scanners should have the same MAJOR.MINOR version number, but the import usually also supports importing files generated with older scanners for the last 2 or more MINOR releases. See the release notes of each release. In case of the Windows scanner, older versions are supported for scan of legacy systems which do not meet the requirements of the current scanner. These scanners are maintained for stability and security only. New features are usually not backported to these older versions. The current scanners usually support all versions of the scanned target which are under ordinary or extended (paid) support by the publisher.
A change in the PATCHLEVEL does not require a database migration. However, we recommended that you create a database backup and a filesystem backup of the installed software and configuration before installation of a new patch level.
A change in the DATAMODEL part means that the data semantics have changed. All parts that access the database should be updated. The change can optionally include a database migration script. An update to the DATAMODEL level always requires creating and verifying a database backup and performing a filesystem-level backup before updating.
A change in the MINOR part means that interfaces, command-line options, data structures, configuration, required platform, or hardware requirements may have changed. An update to a new MINOR version requires careful planning and migration testing on a copy of the database.
Beta versions¶
Beta versions are to be installed / updated by Octosoft staff only. Requirements may change between betas outside of the scheme defined above.