Hi
I could need some help to get this Extended signature to work, first I’m trying to test it with the descriped procedure using the wscansw.exe, when I run the test it just dont give me any output nor any errors.
This is my signature to test:
<?xml version="1.0" encoding="UTF-8"?><?xml version="1.0" encoding="UTF-8"?>
<Signatures version="1.0" xmlns="http://www.ibm.com/Tivoli/Signatures" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.ibm.com/Tivoli/Signatures signatures.xsd">
<Signature guid="TESTGUID" type="OtherSignature">
<Instance>
<Variable name="IS_INSTALLED" export="true">
<Compare relation="ne" type="string">
<VectorToScalar>
<Vector filter="d:?apps?atlassian-confluence-7.2.0?bin">
<FindFilePathEx name="Tomcat9.exe"/>
</Vector>
</VectorToScalar>
<ValueOf value=""/>
</Compare>
</Variable>
<Condition withVariable="IS_INSTALLED">
<Action do="SKIP" onValue="false"/>
</Condition>
</Instance>
</Signature>
</Signatures>Wandy, there was a previous post on this, did you check the last update in that post?
Also, if it’s an EXE file, the discovered file information should already be available in Reports-> Scanned File Data and signature can be created from there