Configuring the custom scripts rule

The custom scripts rule allows you to define your own script (batch, Python, or Visual Basic; for ESXi servers, PowerShell only) to retrieve and compare values used in an audit, an audit policy, or a snapshot specification. You can also write your own remediation scripts.

When you configure a custom scripts rule, you specify the target value, which is the expected value you want the script to return. The audit can gather this information using one of the following methods:

  • Comparison-Based Audit: Execute the script on the source server. The return values from the script (exit code or standard output) are compared with the output of the script after it has run on the target server or servers. This option is named Source.
  • Value-Based Audit: Specify your own value. This value is compared with the output of the script after it has run on the target server. You can enter this value manually, if you know what the expected results of the script should be, or you can execute the script on the source server and use those return values. When the audit is run, this value is compared with the returned results from the script after it has executed on the target server or servers. The option is named Value.

For an audit, you can also configure a remediation script, which can be used if differences are found between the rule and the value returned after the script has run on the target server.

For a snapshot, the script results will be generated by running the script (as defined in the rule detail) on target servers and then captured in the snapshot. When you set up a snapshot specification, you can also add a remediation script. This type of script can be used to force remediation on target servers. You can execute the snapshot’s remediation script on target servers on an individual server basis from the Snapshot window.

To configure a custom script rule:

  1. Create the new audit using one of the methods for creating an audit in Creating an audit. (If you want to create this rule for a snapshot specification, see Creating a snapshot specification.)
  2. Select an Audit Source: Server, Snapshot, Snapshot Specification, or No Source. (Some audit rules, such as Application Configuration and Windows User’s and Groups, must have a source.)
  3. To build a script and define the audit rule, you can choose the following options:

    Source

    • Rules: Click Add Rule to add a new custom script rule.
    • Move Up: Click Move Up to move selected audit rules up to specify the execution order for custom script audit rules. The audit rules are saved in the order you specify. This order displays when you open the audit or audit policy.
    • Move Down: Click Move Down to move selected audit rules down to specify the execution order for custom script audit rules. The audit rules are saved in the order you specify. This order displays when you open the audit or audit policy.

    Rule Details

    • Name: Enter a name for the script.
    • Type of Script: Choose from Batch, Python, PowerShell, Visual Basic (VBS), or PowerShell for ESXi.
    • Script: Type or copy and paste the script contents here. Or, click Import Script to import a script from your local drive.

    Success Criteria

    • Output: Either Exit Code or Standard Output.
    • Operator: Choose an Operator, such as equals (=), not equals (<>), less than (<), greater than (>), and so on.
    • Reference: Choose the source of the script output.
      • Source: Select this option if you want the rule to execute the script on the source when an audit is run and get the value that the script requests. It will then compare that value with the value retrieved from the script that was run on the target server.

        If you choose this option for a snapshot specification, then the script will run on the target, and the results of the script execution will be captured in the snapshot (results).

        If the source of the audit is a snapshot, then the custom script rule will use the custom script definition configured in the snapshot specification.

      • Value: Enter your own value. This option uses the value you enter and compares it with the value returned from the script after it is run on the target server. This option means that the script does not run on the source server at audit runtime. Click the icon if you want to immediately get the output from the script from the source server. The returned value is displayed in the text box, which you can accept as is or edit as needed.

        If the source of the audit is a snapshot, the custom script rule will use the Custom Script definition that is configured in the snapshot specification.

    • Server Attribute: Select this option to compare a server attribute found on the source server with the output from the script that is run on the target server.
    • Custom Attribute: Select this option to compare a custom attribute found on the target server with the output from the script that is run on the target server. Custom attributes for this option derive from the selected source server for the audit.

      If you choose a custom attribute here for the rule definition, this custom attribute must also exist on the target servers or the audit for this rule will fail.

      If you do not choose a source for the audit, this list will be empty.

    Remediation

    • Type of Script: Choose from Batch, Python, PowerShell, Visual Basic (VBS), or PowerShell for ESXi.
    • Script: Type or copy and paste the script contents here. Or, click Import Script to import a script from your local drive.
  4. (Optional) You can add a remediation script to run if the audit comparison fails. The remediation will not be applied automatically; you can only run the remediation script from the audit results after the audit has run.

    For a snapshot, the remediation script you define here can be executed on target servers on an individual server basis. The execution order for remediation is not separately specified. Instead, remediation scripts for selected, non-compliant rules are executed in the same order that is defined in the audit or audit policy. For example, if the audit policy has 10 rules and rules 2, 4, 6, and 8 are non-compliant, and rules 4 and 8 are selected for remediation, rule 4's remediation script will run first, followed by rule 8's remediation script.
  5. To finish configuring the audit, set the target servers, schedule, and notification for the audit.
  6. To save the audit, from the File menu, select Save. You can also save the Audit as a policy. For more information, see Saving an audit or a snapshot specification as an audit policy.
  7. To run the audit, from the Actions menu, select Run audit.

For more information about running an audit, see Creating an audit policy.

Custom scripts sample

The following example is a custom VB script rule that is designed to enable a Windows user account and set the user’s password. This script will only work on Windows OS versions that are later than Windows NT 4.0. If you want to enable a user account and set the password on Windows NT 4.0, you must manually perform the required actions.

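' Target the local computer and the account to enable.
strComputer = "."
strAccountName = "red2"
' Bind to the local account through the WinNT ADSI provider.
Set objUser = GetObject("WinNT://" & strComputer & "/" & strAccountName )
' Enable the account and set its password (sample value; replace before use).
objUser.AccountDisabled = False
objUser.SetPassword "AiH345^hjq"
' Commit the AccountDisabled change to the account.
objUser.SetInfo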
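
An audit-side counterpart to the sample above, added here as an illustration and not part of the product documentation: a Python rule script that reports whether the red2 account is enabled, written for Output set to Standard Output, Operator set to equals, and a Reference Value of enabled. The output tokens, the exit codes, and the English-locale `net user` line format are assumptions of this example.

```python
# Added example: audit check for the account used in the sample (red2).
# Tokens and exit codes below are this example's own convention.
import re
import subprocess
import sys

ACCOUNT = "red2"  # account name taken from the sample script

# Constructed sample of `net user red2` output (not captured from a real host).
SAMPLE = ("User name                    red2\r\n"
          "Account active               No\r\n"
          "Account expires              Never\r\n")

def parse_account_active(net_user_output):
    """Return 'enabled', 'disabled' or 'unknown' from `net user <name>` text.

    Assumes the English-locale line 'Account active   Yes|No'.
    """
    match = re.search(r"^Account active\s+(Yes|No)\s*$", net_user_output,
                      re.MULTILINE | re.IGNORECASE)
    if match is None:
        return "unknown"
    return "enabled" if match.group(1).lower() == "yes" else "disabled"

def check_account(account, runner=None):
    """Query the account and return (stdout_token, exit_code)."""
    if runner is None:
        def runner(name):
            proc = subprocess.Popen(["net", "user", name],
                                    stdout=subprocess.PIPE,
                                    stderr=subprocess.STDOUT)
            out, _ = proc.communicate()
            return proc.returncode, out.decode("utf-8", "replace")
    try:
        code, text = runner(account)
    except OSError:
        return "unknown", 2      # `net` is not available on this host
    if code != 0:
        return "unknown", 2      # account missing or query failed
    state = parse_account_active(text)
    return state, {"enabled": 0, "disabled": 1}.get(state, 2)

if __name__ == "__main__":
    token, exit_code = check_account(ACCOUNT)
    # Write only the token, with no trailing newline or extra text, so the
    # compared standard output is exactly the token.
    sys.stdout.write(token)
    sys.exit(exit_code)
```

With Output set to Exit Code instead, the same script can be compared against 0, since it exits 0 only when the account is enabled.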