
Example of a Recognition Rule Using Version Data

The following procedure shows you how to set up a recognition rule that matches a regular expression against embedded version data in a Windows executable file.

To set up a Recognition Rule using version data:

  1. Open the Viewer and the SAI Editor.
  2. To create a rule for a specific application, you want to see the current data in the Viewer. This enables you to build an appropriate rule so that Universal Discovery can immediately recognize future versions of that application.

  3. In the Viewer, open the scan file that contains the application for which you want to create a recognition rule. You can add rules only to a User SAI.
  4. Also in the Viewer, locate the file that you want to teach using the Directories and Files tab. In this example, we will use the WinRAR.exe file.
  5. Open the SAI Editor.
  6. In the User SAI file, locate the application for which you want to create a rule.
  7. If the application is not yet present in the file, you will need to add it.

  8. In the SAI Editor, create a placeholder Release (for example, “X”) and placeholder Version (for example, “XX”) for the application. If the application has not previously been taught, it is also necessary to add the main file to the application. You can do this by dragging the main file from Windows Explorer to the SAI Editor.
  9. Find the application to teach (in this example, WinRAR Archiver), and right-click it.
  10. Select Edit Application Rules. The Application Rules Editor opens.
  11. If the rule that you want to work with already exists, select it and click Edit. Otherwise, click Add.
  12. The Application Rule Wizard window opens.

  13. Select File version data rule (Windows), and click Next.
  14. Follow these steps to specify the file name, operating system, and language:
    1. Specify a Filename for a new rule or change the Filename as desired for an existing rule. In this example, we use WinRAR.exe.
    2. Specify the Operating System on which the application runs.
    3. Specify the Language for the application.
    4. Specify the Commercial license type for the application.
  15. Click Next to proceed to the next page.
  16. To specify how the release name will be obtained, follow these steps:
    1. In the Field box, specify the Version Data Field from which the release name will be extracted.
    2. In the Regular expression box, specify the regular expression to use. If the same field will be used to extract both the Release and the Version, the regular expression needs to be generic enough to provide groups that can match both names. For example, if the value is 3.80 in the File Version field, the Release is 3, and the Version is 3.80.
    3. The regular expression we will use for this example is as follows:

      (([0-9]+)\.[0-9]+)

      This expression represents two groups of digits separated by a period (dot). For additional information about and examples of regular expressions, see the section about Regular Expressions in the Analysis Workbench section of this guide.

      Examples of Regular Expression Constructions

      | RegEx | Description |
      | --- | --- |
      | `([0-9]+)\.([0-9]+)` | Recognizes version numbers made up of two numeric parts separated by a dot. For example, 2.4, 5.6, etc. |
      | `([0-9]+)\.([0-9]+)\.([0-9]+)\.([0-9]+)` | Similar to the one above, this recognizes a version number made up of four numeric parts, such as 1.2.2.3, 3.4.4.4, etc. |
      | `^([A-Za-z]*)( )([A-Za-z]*)` | Recognizes any text that may appear, in upper or lower-case letters. |
    4. In the Format field, specify how the extracted field will be formatted. You can enter a combination of text and any of the following macros.
    5. Examples of Macros

      | Macro | Description |
      | --- | --- |
      | `${fieldvalue}` | Covers whatever text appears in the field. Cannot be used for Application Name, Publisher Name, or Release. |
      | `${appname}` | Application Name (returns the complete value of the Application Name, including all formatting). |
      | `${pubname}` | Publisher Name (returns the complete value of the Publisher Name, including all formatting). |
      | `${rlsname}` | Release (returns the complete value of the Release, including all formatting). |
      | `${group<n>}` | Returns the regex group referred to by its index `<n>`, where `<n>` is an integer number. For example, `${group1}` refers to the regex group 1. |
    6. For the Regex Group Index, select the group from which the release will be taken—or the entire field if the entire version field value is required.
    7. When the Regex Group Index is N, it points to the group (sub-expression) delimited by the Nth left parenthesis in the regular expression.

      In this regular expression, for example, there are five choices: 1, 2, 3, 4 or Entire field:

      Here, both 1 and Entire field specify the whole regular expression. An index of 2 matches the leading digits to the left of the first period. An index of 3 matches the digits between the first and second periods.

      In our WinRAR.exe example, the Regex Group Index for the release will be 2 (the leading digits before the period).

      The Regex Group Index for the Version will be 1 (leading digits, then period, then digits).

    8. For Mapping, you can enter some extra rules that will help identify applications. For example, you can enter the following to recognize different marketing names for the applications:
    9. 5.1=Windows XP

      5.2=Windows Server 2003

      6.0=Windows Vista

      In our example, we do not use this capability, as the Release is a numeric value that does not require a mapping.

    10. Click Next to go to the next page.
  17. To specify how the main file is defined, follow these steps:
    1. Select The first file belonging to the package is the Main if you want the first file selected as the main file. The list is sorted alphabetically. Then, click Next to move to the next screen.
    2. Select Specify the Rule for the Main File if you want to create custom rules to define which file and which file type is defined as the main file.

    3. On the Include Rule tab, type the file name and file directory for the file that you want to include in the rule.
    4. In the File Name field, type the name of the file that you want to include in the rule. You can also type a wildcard to include all files.

      In the File Directory field, type the directory path where the file is located.

    5. To select the file types to use to define the main file, select one of the following options:
    6. Any (including non-executables) - Includes all file types that are contained in the package.

      Any executable - Includes all file types that are contained in the package.

      Any executable selected - Includes the file types that you select.

      Any executable not selected - Includes the file types that are not selected.

    7. Select the number of occurrences to set the number of occurrences of the main file in a single installation of the application. This setting is useful when multiple instances of the same application version are installed.

      Note: If the main file occurs twice in the same installation, set this value to two. If the Report Multiple Installations of the Same Version setting of the SAI recognition options is enabled, this causes only one installation of the application to be reported for every two occurrences of the main file.

    8. On the Exclude Rule tab, type the name of the file that you want to exclude from the rule. You can also type a wildcard to exclude all files.
    9. In the File Name field, type the name of the file that you want to exclude from the rule. You can also type a wildcard to include all files.

      In the File Directory field, type the directory path where the file is located.

    10. Click Next to move to the next screen, or click Back to return to a previous screen.
  18. Follow the same procedure to specify how the version will be obtained.
  19. The Regular expression box is only enabled if the version data field specified in the Field box is different from the one used to determine the release. If it is the same and you need to amend the regular expression, click Back and edit it on the previous screen.

    When you are finished, click Next to proceed to the next page.

  20. On this page the Finish button becomes enabled. When no further matches are required, leave the radio button in the No further matches state, and click Finish to complete the wizard. Normally, however, it is necessary to specify extra conditions to ensure that the file comes from the expected publisher.
  21. In our example, we want to make sure that the CompanyName field refers to Alexander Roshal, which is the company we expect. If WinRAR.exe happens to be used in another unconnected application for which the CompanyName is different, the rule will not be triggered. Another useful option is to match the ProductName field.

    Note that the Field drop-down list only includes fields that have not previously been used either for Release, Version, or extra matches.

  22. Click Finish to complete the rule configuration or Next to add another extra match.

Your new rule is now ready to be used for recognition. See View Your New Rule on page 366 to determine whether it successfully detected the application. The Version Data Rules tab shows all of the available version data rules in the current SAI.
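
The release and version extraction described in step 16, with the CompanyName extra match from step 21, as an added Python sketch (not part of the product documentation and not Universal Discovery's own code). The function names, the rule dictionaries, the sample version data, the use of a first-match search and the exact comparison for extra matches are all assumptions made for illustration.

```python
import re

REGEX = r"(([0-9]+)\.[0-9]+)"  # the expression from the procedure above

def pick_group(pattern, value, index):
    """Group N is the one opened by the Nth '('; index None means Entire field."""
    m = re.search(pattern, value)  # assumption: first match anywhere in the field
    if m is None:
        return None
    return value if index is None else m.group(index)

def expand_format(fmt, pattern, value):
    """Expand the ${fieldvalue} and ${group<n>} macros in a Format string."""
    m = re.search(pattern, value)
    if m is None:
        return None
    out = fmt.replace("${fieldvalue}", value)
    return re.sub(r"\$\{group(\d+)\}", lambda g: m.group(int(g.group(1))) or "", out)

def recognize(version_data, rule):
    """Return release/version for one file, or None if the rule is not triggered."""
    for field, expected in rule["extra_matches"].items():
        if version_data.get(field) != expected:  # assumption: exact comparison
            return None
    value = version_data.get(rule["field"], "")
    release = pick_group(rule["regex"], value, rule["release_group"])
    version = pick_group(rule["regex"], value, rule["version_group"])
    if release is None or version is None:
        return None
    return {"release": rule["mapping"].get(release, release), "version": version}

# Constructed sample data and hypothetical rule layouts (not a product file format).
WINRAR_FILE = {"FileVersion": "3.80", "CompanyName": "Alexander Roshal"}
WINRAR_RULE = {"field": "FileVersion", "regex": REGEX, "release_group": 2,
               "version_group": 1, "mapping": {},
               "extra_matches": {"CompanyName": "Alexander Roshal"}}
OS_FILE = {"ProductVersion": "5.1.2600.0"}
OS_RULE = {"field": "ProductVersion", "regex": REGEX, "release_group": 1,
           "version_group": None, "extra_matches": {},
           "mapping": {"5.1": "Windows XP", "5.2": "Windows Server 2003",
                       "6.0": "Windows Vista"}}

if __name__ == "__main__":
    print(recognize(WINRAR_FILE, WINRAR_RULE))
    print(recognize(OS_FILE, OS_RULE))
    print(recognize({**WINRAR_FILE, "CompanyName": "Other"}, WINRAR_RULE))
```

Version data fields are embedded by whoever built the executable, so the CompanyName match narrows recognition to files that claim the expected publisher; it does not verify who produced the file.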