Search for	Example	Results
A single word	`cat`	Topics that contain the word "cat". You will also find its grammatical variations, such as "cats".
A phrase. You can specify that the search results contain a specific phrase.	`"cat food"` (quotation marks)	Topics that contain the literal phrase "cat food" and all its grammatical variations. Without the quotation marks, the query is equivalent to specifying an OR operator, which finds topics with one of the individual words instead of the phrase.

Search for	Operator	Example
Two or more words in the same topic	`AND` `and` `+` (plus symbol) `&` (ampersand)	`cat AND dog` `"cat food"+milk` `"cat food"&"dog food"`
Either word in a topic	`OR` `or` `\|` (pipe)	`cat OR dog` `cat \| dog`
Topics that do not contain a specific word or phrase	`NOT` `not` `!` (exclamation point)	`NOT cat` `! dog`
Topics that contain one string and do not contain another	`^` (caret)	`cat ^ mouse`
A combination of search types	`( )` parentheses	`cat + (dog \| mouse)` `cat \| dog + (! mouse)`

Server Automation10.51

Administer > Audit and compliance > Audits, audit policies, and audit results > Audit configuration > Server objects

Server objects

The following table lists all server objects that you can create rules for in an audit or in a snapshot specification. Some server object values are captured and audited live and some objects are captured from the Model Repository.

Server Object	Description	Captured Live and/or from Model Repository
Application Configurations	Contents of application configuration files and their values.	Live
Windows COM+(See note below table.)	COM+ objects and component categories.	Live
Custom Scripts	Write your own custom scripts to retrieve information from a server and compare contents. For example, you can run a script to gather output from a custom application and evaluate returned output against values set in the audit. (Python only for python scripts.) If you target an ESXi server, you can only run PowerShell scripts.	Live
Discovered Software	Discovered Software provides a signature-based software discovery mechanism for Windows and UNIX managed servers to help you manage applications and software that are not managed by SA.	Live
Files	Contents of files and directories (and subdirectories), user and group access, checksum for files, file modification date, and Windows ACLs (Windows only).	Live
Hardware	CPU, storage devices, and memory.	Model Repository
IIS Metabase	Microsoft IIS Metabase objects and configuration values to snapshot or audit.	Live
IIS 7.0	Microsoft IIS 7.0	Live
Internet Information Server	Real time information about IIS for a Windows server, such as server name, server type, server state, log file path, document file path, and so on.	Live
Local Security Settings	Real time information about security settings, including security settings such as password policy, audit policy, user rights, and security options.	Live
Registered Software	All installed packages or patches actually installed on a source server, whether or not they have been registered by the model repository.	Live
Users and Groups	Compare information about users and groups on servers, such as user name for last login, whether or not CTRL + ALT + DELETE is enabled, and so on.	Live
Windows .NET Framework Configuration	Real time information about Assembly Cache and Configured Assembly List, such as assembly name, version, locale, public key token, cache file (GAC or ZAP), processor architecture, custom, and file name. For every Configured Assembly List, you can use information such as assembly name, public key token, codebases, binding policy, file name, file data.	Live
Windows Registry	Select Windows Registry directories or registry key values to capture and compare.	Live
Windows Services	Select Windows services.	Live
Windows Users and Groups	Users and groups information on a Windows Unix servers.	Live

A Windows COM+ category (folder) that does not have any objects will not be included in a snapshot or audit, even though SA will display an empty COM+ folder in the Device Explorer.
SAAudit and Remediation does not support device files or sockets.

Important The SA Client cannot create a snapshot of the entire Windows Registry or a snapshot of all system keys. The volume of data is larger than the current design allows.

Send Help Center feedback