Chatta subito con l'assistenza
Chat con il supporto

KACE Systems Management Appliance 14.1 Common Documents - Administration Guide

About the KACE Systems Management Appliance Getting started
Configuring the appliance
Requirements and specifications Power-on the appliance and log in to the Administrator Console Access the Command Line Console Tracking configuration changes Configuring System-level and Admin-level General Settings Configure appliance date and time settings Managing user notifications Enable Two-Factor Authentication for all users Verifying port settings, NTP service, and website access Configuring network and security settings Configuring session timeout and auto-refresh settings Configuring locale settings Configuring the default theme Configure data sharing preferences About DIACAP compliance requirements Configuring Mobile Device Access Enable fast switching for organizations and linked appliances Linking Quest KACE appliances Configuring history settings Configuring Content Security Policy
Setting up and using labels to manage groups of items Configuring user accounts, LDAP authentication, and SSO Deploying the KACE Agent to managed devices Using Replication Shares Managing credentials Configuring assets
About the Asset Management component Using the Asset Management Dashboard About managing assets Adding and customizing Asset Types and maintaining asset information Managing Software assets Managing physical and logical assets Maintaining and using manual asset information Managing locations Managing contracts Managing licenses Managing purchase records
Setting up License Compliance Managing License Compliance Setting up Service Desk Configure the Cache Lifetime for Service Desk widgets Creating and managing organizations Importing and exporting appliance resources
Managing inventory
Using the Inventory Dashboard Using Device Discovery Managing device inventory
About managing devices Features available for each device management method About inventory information Tracking changes to inventory settings Managing inventory information Finding and managing devices Registering KACE Agent with the appliance Provisioning the KACE Agent Manually deploying the KACE Agent Using Agentless management Adding devices manually in the Administrator Console or by using the API Forcing inventory updates About Remote Control Managing MIA devices Obtaining Dell warranty information
Managing applications on the Software page Managing Software Catalog inventory
About the Software Catalog Viewing Software Catalog information Adding applications to the Software Catalog Managing License assets for Software Catalog applications Associate Managed Installations with Cataloged Software Using software metering Using Application Control Update or reinstall the Software Catalog
Managing process, startup program, and service inventory Writing custom inventory rules
Deploying packages to managed devices
Distributing software and using Wake-on-LAN Broadcasting alerts to managed devices Running scripts on managed devices Using Task Chains
Patching devices and maintaining security
Using the Security Dashboard About patch management Subscribing to and downloading patches Creating and managing patch schedules Managing patch inventory Managing Windows Feature Updates Managing Dell devices and updates Managing Linux package upgrades Manage quarantined file attachments
Using reports and scheduling notifications Monitoring devices
Getting started with monitoring Working with monitoring profiles Managing monitoring for devices Working with alerts
Using the Service Desk
Configuring Service Desk Using the Service Desk Dashboard Managing Service Desk tickets, processes, and reports
Overview of Service Desk ticket lifecycle Creating tickets from the Administrator Console and User Console Creating and managing tickets by email Viewing tickets and managing comments, work, and attachments Merging tickets Using the ticket escalation process Using Service Desk processes Using Ticket Rules Run Service Desk reports Archiving, restoring, and deleting tickets Managing ticket deletion
Managing Service Desk ticket queues About User Downloads and Knowledge Base articles Customizing Service Desk ticket settings Configuring SMTP email servers
Maintenance and troubleshooting
Maintaining the appliance Troubleshooting the appliance
Appendixes Glossary About us Legal notices

Types of Custom Inventory rules

Types of Custom Inventory rules

Custom Inventory rules test, or obtain the values of, registry keys and entries, program, files, scripts, environment variables, system properties, and the output of commands.

There are two types of Custom Inventory rules:

Conditional rules: These rules test whether conditions exist on devices. When a rule returns true, the KACE Agent reports the item as an Installed Program. When the rule returns false, the item does not appear as an Installed Program.
Value Return rules: These rules obtain data from devices. If the value exists, the KACE Agent reports the item as an Installed Program and sets a corresponding Custom Inventory Field.

Create Custom Inventory rules

Create Custom Inventory rules

You can create custom applications, and Custom Inventory rules for those applications, so that information about the applications is gathered from managed devices.

1.
Go to the Software Detail page:
a.
Log in to the appliance Administrator Console, https://appliance_hostname/admin. Or, if the Show organization menu in admin header option is enabled in the appliance General Settings, select an organization in the drop-down list in the top-right corner of the page next to the login information.
b.
On the left navigation bar, click Inventory, then click Custom Inventory.
c.
Select Choose Action > New.
2.
Provide general information: Name, Version, Publisher.

Option

Description

Restrict To Label

(Optional) The label associated with the item.

Notes

Any additional information you want to provide.

Supported Operating Systems

The operating systems on which the application runs. Applications are deployed only to devices with the selected operating systems.

Custom Inventory Rule

(Optional) The custom inventory rules to apply to the application. Custom inventory rules enable you to detect applications and other items on a device and capture details for reporting.

For example, the appliance first verifies whether an application is present on a device before deploying that application. In some instances, however, installed programs do not register in Add/Remove Programs or in standard areas of the registry. In such cases, the appliance might not be able to detect the presence of the application without additional information from the administrator. Therefore, the appliance might repeat the installation each time the device connects. Custom Inventory rules can prevent this repetition.

The following rule verifies that the version of the Network Associates VirusScan installed on a device is newer than a given version before deploying it:

4.
Next to Upload and Associate File, click Choose File to locate a file, then click Open or Choose.
5.
To prevent the file from being copied to Replication Shares, select Don’t Replicate Associated File. This setting is useful for large files that you do not want users to install from Replication Shares, such as software suites.
6.
Optional: Select a Category and Threat Level for the software.
7.
Click Save.

How Custom Inventory rules are implemented

How Custom Inventory rules are implemented

The KACE Agent receives new Custom Inventory rules during the first device inventory after the rules are created. During that first inventory, the Agent runs the new rules and reports the findings to the appliance.

The Agent runs all rules as well as any other processes scheduled for that session. Therefore, after a device is inventoried, it could take several minutes to run all the rules and other processes before the Agent reports the results.

After the Agent reports the results, the device’s detail page shows the results under Software in Installed Programs and Custom Inventory Fields.

NOTE: The applications with Value Return rules that set a Custom Inventory Field also appear as Installed Programs.

If results are not what you expect, verify that the device has been inventoried recently. The inventory time is shown in the Last Inventory field of the device detail page.

Syntax for Custom Inventory rules

Syntax for Custom Inventory rules

Use the correct syntax for function names and arguments in Custom Inventory rules.

Conditional and Value Return rules use the following syntax:

For specific information on functions and their arguments see:

Function syntax

Enter the functionName followed by an opening parenthesis, enclose the arguments with a closing parenthesis. No spaces are allowed between the name of the function and the opening parenthesis.

Argument syntax

Enter argument syntax for all rules except command and regex (regular expression) as follows:

For example, the following syntaxes are the same:

Commas and parentheses as values in a rule

If comma, open parenthesis, or close parenthesis are to be used as values in a rule, they must be escaped as {{comma}}. {{op}}, and {{cp}}, respectively.

For example, if the user want to test against the registry value in which the value name is "test,value", the user would need to escape the comma in this case because registry value name is not the last argument in the Custom Inventory (CI) function.

If the user wants to test against the registry value where the value itself contains a comma, then there is no need to escape, because value is the last argument in the Custom Inventory function. The following Custom Inventory tests registy value HKLM\SOFTWARE\TestSoft\test1 and looks to see if the value is equal to 2,4.

If the Custom Inventory function contains only one parameter, it takes everything between the parentheses as the value for the argument. Commas in this case do not need to be escaped and will be part of the argument to the Custom Inventory function.

ShellCommandTextReturn(wmic MEMORYCHIP get BankLabel,Capacity,description,manufacturer)
An unmatched literal open parenthesis needs to be escaped as {{op}}. When the parser is tokenizing the arguments for the function, it counts the number of open and close parentheses to determine the end of the function and argument. Therefore, an unmatched literal open parenthesis would throw off the count, and cause the argument value to be parsed incorrectly. If a literal open parenthesis is needed as part of the argument value, it should be represented with {{op}}.

For example, if the user wants to echo the string "Hello ( World", then the CI should look like the following:

ShellCommandTextReturn(echo Hello {{op}} World)

While the parser is tokenizing the arguments for the function, it counts the number of open and close parentheses in order to determine the end of the function when it encounter the last matched close parentheses. However, if the argument value itself contains a close parenthesis that is not matched, the parenthesis tricks the parser to believe that is the end of the function and the argument value will be truncated prematurely.

If a literal close parentheses is needed as part of the argument value, it must be represented with {{cp}}.

For example, if the user wants to echo the string "Hello ) World", then the CI should look like the following:

ShellCommandTextReturn(echo Hello {{cp}} World)
Related Documents

The document was helpful.

Seleziona valutazione

I easily found the information I needed.

Seleziona valutazione