Previous Topic: Enable or Disable Scan for a DefinitionNext Topic: Key Attributes and Nesting

Configuring Asset ManagementHow to Create a Custom Software SignatureSoftware Signature XML Reference Information

Software Signature XML Reference Information

A software signature helps to identify the installed software on the agents that are registered with IT Client Automation server. A signature is an XML template which includes general system information, file contents, properties, and registry contents (on Windows) or package information (on UNIX) of installed software.

This appendix helps to understand the following conceptual information about Signature XML tags, Key Attributes, and Sample Signatures:

Signature XML Tags

A Software Signature uses the following XML tags to collect signature data in XML format:

Registry Tag:

Provides the ability to parse the Windows Registry Key/Values. For example,

<group type=”and”> 
<registry name="HKEY_LOCAL_MACHINE\SOFTWARE\ComputerAssociates\eTrustAntivirus\CurrentVersion\Version" match=” 7.1” />
<registry name="HKEY_LOCAL_MACHINE\SOFTWARE\ComputerAssociates\eTrustAntivirus\CurrentVersion\Build" match=”501” /> </group>
File Tag

Provides ability to parse the file name, version, size, modified date, path and also to scan the contents of the file.

path

Checks the presence of a file using the values such as %systemroot% and %windir% on Windows. Wild card * searches the entire file system. For example:

<file name="named.conf" path="*" />

Checks entire file system.

<file name="Reader\acrord32.exe" path="*"/>

Checks acrord32.exe file at the partial path reader:

<file name="openssl" path="/bin:/usr/bin:/usr/local/bin"/>

Checks the path taking the absolute value.

match

Parses the contents of the file. Returns true, if the file contains the same data as defined in the match criteria. Example: <file name="Ouactrl.ocx" match="2\.0\.0\.0" path="*" />

minversion and maxversion

Checks the file version information only on Windows. Always returns false on UNIX.

If the file version number is greater than or equal to the value specified, the minversion attribute returns true.

if the file version number is less than or equal to the value specified, the maxversion attribute returns true.

Note: The version number is of the form W.X.Y.Z where W, X, Y, and Z are 16-bit numeric values. Combining minversion and maxversion can provide a great deal of flexibility in checking for version ranges. For example,

<file name="QuickTimePlayer.exe" minversion="5.0.2.15" maxversion="5.0.2.15" path="*"/>

<file name="InoRT.exe" minversion=" 7.1.192.0" maxversion=" 7.1.500.0" path="*" />

minmodified and maxmodified

Checks the modified date of file. For example: <file name="ErwDSM.exe" minmodified="2004-10-28T00:00:00Z" maxmodified="2004-10-28T 23:59:59Z" path="*"/>

minfilesize and maxfilesize

Check the size of the file. For example: <file name="BPSyncER.exe" minfilesize="151603" maxfilesize="151603" path="*"/>

Sysinfo Tag

Provide the ability to parse the following Operating System information:

osname

For UNIX, the name derived from the output of uname -s.

For Windows versions, the osname is always Windows.

Example: <sysinfo osname=”HP-UX”/>

osversion

For UNIX, the information to be matched is the equivalent of the output from uname -v.

For Windows, this information is the Microsoft supplied service pack string (for example Service Pack 3).

Example: <sysinfo osversion=”.*Version 6\.3.*”/>

osrelease

For UNIX, this information is the equivalent of the output from uname -r

For Windows, this information is “NT 4.0”, “2000” or “XP”

Example: <sysinfo osrelease=”2\.4\.*/>

platform

For UNIX, the information to be matched is the equivalent of the output from uname -m.

For Windows, the string to match is always “x86”.

Example: <sysinfo platform=”sun4.*”/>

processor

For Solaris, the information to be matched is the equivalent of the output from uname -p.

For HP-UX, the processor is identified as pa-riscX.Y or unknown, where X. Y is one of 1.0, 1.1, 1.2, or 2.0.

For Windows, the string to match is always unknown.

For AIX, the processor is identified as one of RS1, RSC, RS2, 601, 603, 604, 620, 630, A35, RS64II, RS64III, POWER4, mpc7450, POWER5 or unknown.

Linux always lists the processor as unknown.

Example: <sysinfo processor=”sparc”/>

Package Tag

Allows to query the package information from the installed program database.

Windows

This information is available in the following uninstall registry section:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall

Note: Display Name is the value of name in Package tag and Display Version is the value of version in Package tag.

Linux

This information is available in the RPM database.

  • rpm –qa lists the packages installed on the computer. You can use the package name rpm –qi to list the details of the package on SuSe.
HP-UX

This information is available in the system package database.

  • swlist lists the packages installed on the computer.
IBM AIX

This information is available in the system package database.

lslpp -l lists the packages installed on the computer.

Sun Solaris

This information is available in the system package database.

pkginfo –l lists the packages installed on the computer. For example: 

<package name="ca-unicenter-servicedesk"/> <package name="ca-unicenter-servicedesk" version="11.2.0.0"/>

When version and release are specified, both must match.