-
Notifications
You must be signed in to change notification settings - Fork 24
WriteDiscoveredService
A mechanism for the script to return service discovery information to the client.
This should be called for each service discovered on the remote host. A constraint filter must be configured to filter the required services that will be reported to the client (ie Safeguard). A constraint filter must be configured in the 'ServiceDiscovery' operation parameter, but can be overridden in the FilterQuery property of the 'WriteDiscoveredService' command. The filter can match on any or all of the following: service name, service type, account name.
| Parameter Name | Description | Type | Resolved Type | Required |
|---|---|---|---|---|
| ServiceName | The name of the service | Value | String | Yes |
| DisplayName | The display name of the service (if different from the name) | Value | String | No |
| Account | The account that the service runs as | Value | String | No |
| ServiceType |
|
Value | String | Yes |
| Enabled | Whether the service is enabled | Value | Boolean | No |
| LocalAccount | Set to true if the account is local; set to false if the account is a directory account. Added in V7.2 | Value | Boolean | No |
| FilterQuery | The filtering rules to filter the discovered services, see below | Object | Object | Yes |
A query is required to filter the results that will be reported to Safeguard. The query can alternatively be configured as an operation parameter called "ServiceDiscoveryQuery".
| Parameter Name | Description | Type | Resolved Type | Required |
|---|---|---|---|---|
| Rules | An optional array of rules to apply, see below. If no rules are configured, all services will match the filter. | Array | Array | No |
Each rule provides a filter to apply to the discovered list of services.
| Parameter Name | Description | Type | Resolved Type | Required |
|---|---|---|---|---|
| Name | A string to identify the rule | String | String | Yes |
| Type | The filter type. This must be set to 'Constraints' | String | String | Yes |
| Filters | The constraint filters to apply, see below. If no constraints are configured, all services will match the filter. | Object | Object | Yes |
A set of properties that can be used to filter a discovered service.
| Parameter Name | Description | Type | Resolved Type | Required |
|---|---|---|---|---|
| Account | The string to match the discovered Account; null or empty string will match all | String | String | No |
| ServiceName | The string to match the discovered ServiceName; null or empty string will match all | String | String | No |
| ServiceType | An array of service types to matchl valid values are Valid values are:WinService, WinTask, WinIisPool, WinDCom, WinComPlus, [] for all | Array | Array | No |
This command was introduced in Safeguard V2.11
Example 1: Filter on any account name beginning with 'admin', overriding the 'ServiceDiscovery' operation parameter passed in to the operation:
{
"WriteDiscoveredService": {
"ServiceName": "win service 1",
"Account": "admin1",
"ServiceType":"WinService",
"Enabled": true,
"FilterQuery": {
"Rules": [
{
"Name": "any UserId > 100",
"Type": "Constraints",
"Filters": {
"Account": "admin.*"
}
}
]
}
}
},
**Example two: Assuming the ServiceName, Runas, Enabled, ServiceType string variables have been retrieved. Include all services, overriding the 'ServiceDiscovery' operation parameter passed in to the operation: **
{
"WriteDiscoveredService": {
"ServiceName": "%{ ServiceName }%",
"Account": "%{ Runas }%",
"ServiceType":"%{ ServiceType }%",
"Enabled": "%{ Enabled }%",
"FilterQuery": {
"Rules": [
{
"Name": "all services",
"Type": "Constraints",
"Filters": {
}
}
]
}
}
},
**Example three: use the 'ServiceDiscoveryQuery' operation parameter passed in to the operation to filter: **
{
"WriteDiscoveredService": {
"ServiceName": "%{ ServiceName }%",
"Account": "%{ Runas }%",
"ServiceType":"%{ ServiceType }%",
"Enabled": "%{ Enabled }%"
}
},