Jump to content
Kizzer721

Dynamic Group to pick up multiple old versions of ESET

Recommended Posts

Hello,

I am currently trying to create a dynamic group that will capture any client that isn't running the latest version of ESET.

At the moment i use a group to capture any device on V6. I currently use:
(AND)
Installed software . Application vendor > Contains > ESET
Installed software . Application name > Contains > Endpoint
Installed software . Application version > has mask > 6.*

This group works well and gives me any device that is a v6 machine and it attached to a client task to install the latest version of ESET v7

What i also want to add to that group is any machine that has ESET v7.0* installed as well. As the latest release is v7.1*

Would the best thing to do to be create another group with the same rules but use 7.0* and setup another trigger and attach this to my client task to install the latest version of ESET?

Ideally i would like all old versions of ESET on a network under one Dynamic Group.

Thanks in advance!

Share this post


Link to post
Share on other sites

You can do it in a way, that you combine condition of “is one of” (product name) and version “is not” (latest version number). However you will have to update with new product releases. 

Share this post


Link to post
Share on other sites
13 hours ago, MichalJ said:

You can do it in a way, that you combine condition of “is one of” (product name) and version “is not” (latest version number). However you will have to update with new product releases. 

Hi Michal,

Please can you write it out in the format i did above? I'm slightly confused as to how you do it as i wasn't aware you could combine different operations in a dynamic group.

Thanks!

Share this post


Link to post
Share on other sites
Posted (edited)

Sure, here it is: 

NOTE: I will ideally put it as nested group under a group where ESET Endpoint Clients are installed. You might need similar group for servers (if required). 

DG template.png

Edited by MichalJ

Share this post


Link to post
Share on other sites
2 minutes ago, MichalJ said:

Sure, here it is: 

NOTE: I will ideally put it as nested group under a group where ESET Endpoint Clients are installed. You might need similar group for servers (if required). 

DG template.png

Thats amazing - thanks! Would i be able to use 6.* and 7.0* as my "variables" as it were or would i need exact version numbers and just add to my dynamic group template each time a new version is released?

Share this post


Link to post
Share on other sites

Honestly, I do not know the answer, I can test it tomorrow, once I am back in the office. However, the scenario with updated template with a new version number will work for sure. The other one, we will have to check. 

Share this post


Link to post
Share on other sites
12 hours ago, MichalJ said:

Honestly, I do not know the answer, I can test it tomorrow, once I am back in the office. However, the scenario with updated template with a new version number will work for sure. The other one, we will have to check. 

Thanks Michal! Would love to know if it is possible! Do you have a list of version releases that i can use for the Dynamic Group Template?

Share this post


Link to post
Share on other sites

Hello, I have tested it, and you can use the condition "is one of (string mask)" and "is not one of (string mas), in conditions as well. You can test it easily, by creating the DG, and then adjusting the template. Then please wait for agent connections (as DG membership is evaluated and reported by agent) to validate you got correct results. But it worked in my environment. 

With regards to the granular history of Endpoint releases, unfortunately we do not have this as of now (last few versions are always available in ESMC repository view (when you try to start a new software install task)), but we are planning to introduce a better concept of release notes, where granular history of version releases will be included as well. 

 

string mask.png

Share this post


Link to post
Share on other sites
8 minutes ago, MichalJ said:

Hello, I have tested it, and you can use the condition "is one of (string mask)" and "is not one of (string mas), in conditions as well. You can test it easily, by creating the DG, and then adjusting the template. Then please wait for agent connections (as DG membership is evaluated and reported by agent) to validate you got correct results. But it worked in my environment. 

With regards to the granular history of Endpoint releases, unfortunately we do not have this as of now (last few versions are always available in ESMC repository view (when you try to start a new software install task)), but we are planning to introduce a better concept of release notes, where granular history of version releases will be included as well. 

 

string mask.png

That's perfect! I will test this now and add in an extra one for 6.* and wait for the agents to check back in! Thanks for all your help on this.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...