Detection Based on Script Output
The detection logic for a Custom QID is based on evaluating the script output against the specified cardinalities. These cardinalities validate the script output using the provided value (regular expression or string).
After the script execution is completed, the system compares the output against the provided value and cardinality. If the output satisfies the provided value and cardinality, the detection logic is considered satisfactory. This functionality enables the detection of Custom QID in cases where script execution does not return exit codes.
You can select the Cardinality and enter detection Value (regular expression or string) while creating a Custom QID script.
To configure the detection logic, refer to Creating Custom QID Scripts.
Cardinality
The following Cardinality options are provided:
| Cardinality | Description |
|---|---|
| CONTAINS | Script output must contain all expected values. |
| DOES NOT CONTAIN | Script output must not contain any of the expected values. |
| INTERSECT | Script output should contain any of the expected values. |
| MATCHES | Script output should exactly match the expected value. |
| IS CONTAINED IN | Script output should be contained within expected values. |
| CUSTOM REGEX | Script output is evaluated based on the regular expression you provide. This option allows you to create a custom regular expression as required. |
- The CUSTOM REGEX option accepts only one regular expression as a value.
- The MATCHES option accepts only one string as a value.
- Except for CUSTOM REGEX and MATCHES, all other cardinalities accept more than one string value. A maximum of 10 values is accepted.
Regular Expression
A Regular expression comprises a string of characters used to match specific strings. They provide a powerful and flexible way to identify and extract specific information from strings. The specific strings in this context is a script output.
Let us consider the following example to understand a regular expression:
Regular Expression for Matching Java Versions (Till Date):
\b(1\.[0-9]|[2-9][0-9])(\.\d+)*\b
Explanation:
1\.[0-9]→ Matches legacy Java versions from 1.0 to 1.9.[2-9][0-9]→ Matches Java versions 2 and above (for example, 2, 8, 11, 17, 21).(\.\d+)*→ Supports optional minor versions, including patch versions (for example, 17.0.1, 8.0.271).\b...\b→ Ensures it captures complete version numbers, preventing partial matches within other words.
Example of Custom QID Detection based on Script Output
Let us say you want to create a Custom QID to identify systems running Chrome browser version 119.0.
Script Purpose: Check Chrome browser version on target systems
Script: The below script provides Chrome version information in the output
# Script to check Chrome browser version
$ChromePath = "C:\Program Files\Google\Chrome\Application\chrome.exe"
$ChromePathx86 = "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
if (Test-Path $ChromePath) {
$ChromeVersion = (Get-Item $ChromePath).VersionInfo.ProductVersion
Write-Output "Chrome browser found"
Write-Output "Version: Google Chrome $ChromeVersion"
}
elseif (Test-Path $ChromePathx86) {
$ChromeVersion = (Get-Item $ChromePathx86).VersionInfo.ProductVersion
Write-Output "Chrome browser found"
Write-Output "Version: Google Chrome $ChromeVersion"
}
else {
Write-Output "Chrome browser not installed"
}
Detection Logic Configuration:
- Cardinality: Contains
- Value: 119.0
- Evaluation Criteria: Detected
The output from the above script is:
Chrome browser found Version: Google Chrome 119.0.6045.123
Result: The detection logic evaluates this output to search for the string "119.0". Since the output contains this string, the Custom QID is marked as detected.