Data Loss Prevention

  • 1.  Using Custom Script Validators in Data Identifiers

    Posted Oct 19, 2012 03:04 PM

    If you are not getting the results you expect when using a Custom Script Validator in a Data Identifier (e.g. checking a prefix before a match), don't forget to try a different function.

    LOOK for the value "FALSE:" before a match - and do NOT create an incident:

    $PreValue = getAsciiStringAt($matchPrefix, 0x4, 6);

    $TestValue = 'FALSE:';

    AssertFalse($PreValue == $TestValue);

    The following does NOT work for me...

    LOOK for the value "FALSE:" before a match - and do NOT create an incident:

    $PreValue = getStringValueAt($matchPrefix, 0x4, 6);

    $TestValue = 'FALSE:';

    AssertFalse($PreValue == $TestValue);

    Don't confuse the functions getStringValueAt() and getAsciiStringAt() like I did... save yourself some time.

    Bob.

  • 2.  RE: Using Custom Script Validators in Data Identifiers

    Posted Oct 22, 2012 03:03 PM

    Bob,

    We have a problem on endpoint with regex expressions not working quite right and are using some scripts like this. Is that the same reason you are doing this? The reason I ask is that we may be able to get some more attention paid to the endpoint regex engine if you are having the same problem.