[regular expression syntax in dynamic group templates]

Hello,

 

I noticed that the expression is incorrectly used as mask rather than regexp. Fixing that it seems this works OK at least with simpler regexp that actually matches some computers that connect often.

 

In ERA 6.2 there is option to select NOR as the condition operator which conveniently negates the regexp if that's the only condition you wanted.

[regular expression syntax in dynamic group templates]

This does not seem to work as described here and there is no description in an official manual.

 

perl test result:

 

"Microsoft Windows Server 2008 R2" does not match "^(?!.*Server).*\$".

"Microsoft Windows 7 Professional" matches "^(?!.*Server).*\$".

"Microsoft Windows Server 2008 R2" matches "^(?!.*( 7| 8 | 10| XP)).*\$".

"Microsoft Windows 7 Professional" does not match "^(?!.*( 7| 8 | 10| XP)).*\$".

 

working group:

 

• EXPRESSION

   
   
   
• OPERATION

  AND (All conditions have to be true)
   
   
• RULES

  OS edition . OS name regex ^(?!.*Server).*$

 

always empty group:

 

• EXPRESSION

   
   
   
• OPERATION

  AND (All conditions have to be true)
   
   
• RULES

  OS edition . OS name has mask ^(?!.*( 7| 8 | 10| XP)).*$

[Have to restart ApacheHTTPProxy service at least once per week]

BTW on an ERA 6 course the Apache proxy (installed on Windows as part of the full ERA 6 install) died on me as well.

 

So yes, this thing is not particularly reliable. If I were to use a proxy I would probably inspect the installed httpd configuration and move it to a production grade Apache installation.

[ERA Proxy 6 installation with windows authentication in MSSQL]

 

The ERA Proxy 6 pretends it supports windows authentication with MS SQL.

 

However, when I try to install with Windows authentication it complains that SQL authentication is not enabled.

 

[Dynamic group template by computer name]

unfortunately, when BIOS has serial number filled in the identifier value becomes the serial number (and identifier type becomes serial)

 

 

edit: actually you can match the hostname even when you have serial.

 

Which probably means that identifier value is ambiguous

 

The interaction between multiple fileds in templte expression is not well documented.

 

When I request that identifier type is hostname AND identifier value has prefix K does it match only hostnames starting with K or also serials starting with K? How does it work for the other operatoes (NOR, ...).

[regular expression syntax in dynamic group templates]

you can achieve that if you expant on the all but Server OS expression

[a group template for computers not having a particular software installed?]

I found the option to filter by Eset products installed which works nicely.

 

This is also helpful since it can work for some non-Eset products. Thanks

 

I would expect the NOR is done per product so every PC with products other than ESET Endpoint Antivirus would match.

 

Unfortunately, some products do not have as nice names as ESET Endpoint Antivirus.

 

For example, matching Java runtime might be done this way

 

 

but this assumes that the AND is performed per product. If it's done per computer it might match computer which has some Foo from Oracle installed and some JavaBar from FooBar and no Java.

[regular expression syntax in dynamic group templates]

I can just type the regexp into perl interpreter and test.

 

That does not give same result as these match rules.

 

I tried a small test perl program:

 

"Microsoft Windows 7 Professional" matches 7.

"Microsoft Windows Server 2008 R2" does not match 7.

"Microsoft Windows Server 2008 R2" matches "Server".

"Microsoft Windows Server 2008 R2" matches "Microsoft Windows Server".

"Microsoft Windows Server 2008 R2" does not match "^(?!.*Server).*\$".

"Microsoft Windows 7 Professional" matches "^(?!.*Server).*\$".

 

However, when I change my rule with "Microsoft Windows Server" from prefix to regex the server systems no longer show up in the group.

 

So yes, your example works. However, some valid regex examples do not.

[a group template for computers not having a particular software installed?]

I can make dynamic groups that show computers that have a prticular software installed but not groups that show computers with a particular software not installed - such as computers with no Eset Endpoint software on which the installation failed for some reason or another.

 

Is there some way I missed or is the template expression language just too limited?

 

[regular expression syntax in dynamic group templates]

I cannot get these to work.

 

Supposedly the perl regexp syntax is supported.

 

A very basic instance of a perl regexp is a word without any special characters which should match as substring. It does not seem to happen. So what is the format of the regular expression?

[Separate certificate for web console]

Hello,

 

I installed the ERA and I am trying to configure it so that it's reasonably accessible.

 

It's completely fine to have agent and server certificates signed by a private CA specific to the ERA installtion. In fact, given the restrictions on certificates issued by commectial CAs it may turn out I would not be even able to obtain certificates that would allow agent installation.

 

The problem is that accessing the console does not work easily without a certificate signed by a well known authority. So what I need is an option to import certificate for remote console access which is separate from the certificates used to authenticate the server and the agents.

 

Unfortunately, I do not see this option in the ERA certificate management.

 

Edit: it is possible to set certificate just for the Tomcat server using Java certificate tool without accessing the console web interface at all. This does not seem to hinder the server operation and allows using  certificate issued by well-known CA for the console so browsers can access it easily. The certificate will be probably overwritten next time new server certificate is installed.