SecurityExpressions Server User Guide
Supported Functions
Function | Argument | Description |
|
|
|
iprange | a valid IP range | Returns TRUE if the target |
|
| computer is a member of the IP |
|
| range. |
domain | a windows domain in Netbios or | Returns TRUE if the target |
| DNS format | computer is a member of the |
|
| windows domain. |
machinelist | a database machine list created | Returns TRUE if the target is a |
| using the console application | member of the machine list. |
devicetype | a valid device type | Returns TRUE if the target is the |
|
| type of device specified. |
fqdnmatch | a shell expression | Returns TRUE if the target’s full |
|
| qualified domain name matches |
|
| the shell expression. |
ou | the name of an OU in Microsoft | Returns TRUE if the target is a |
| shorthand, and optionally an LDAP | member of the organizational |
| URL specifying what directory and | unit. |
| credentials should be queried |
|
detectionmethod | a method for detecting systems on | Returns TRUE if the target was |
| the network | detected on the network using |
|
| this method. |
aocserver | a shell expression | Returns TRUE if the server |
|
| processing the connection event |
|
| matches the shell expression. |
Org Unit Scopes
Also known as an OU, a system's organizational unit is listed in the domain controller. The software searches OUs in order to find
Use Microsoft shorthand notation to type OUs. You do not need to type OUs in a
If you're running the server application on a system that's not a member of an Active Directory domain, you'll need to override the directory, protocol and login credentials to the
directory by specifying an LDAP URL as the first OU. The syntax is "ldap://[user:password@]host[:port].” The User can be in Microsoft format such as "user@domain.com” or in standard LDAP format such as "cn=user,dc=symantec,dc=com."
A system matches this scope if its
Detection Method Scopes
38
