McAfee DAT date relevance

(imported topic written by TommyG91)

I’m trying to create a relevance to determine if the current version of the McAfee AV DAT is older than 5 days. I have two statements that return the data I want, but I don’t know how to compare them. My goal is to create an automatic group that contains these computers, and then create a report that is emailed every day, so they can be remediated.

The first statement looks in the registry, and grabs the dat date. The second determines the current date. In English, I want the relevance to = TRUE, if the dat date is older than today’s date, minus 5 days.

If there is a better way to do this, I’m open for suggestions. I cruised the forum and could not find the answer to this one. Thanks in advance for any help you can provide.

Q: if (exists key "HKEY_LOCAL_MACHINE\SOFTWARE\Network Associates\TVD\VirusScan Enterprise\CurrentVersion" of registry) then (if (value whose (name of it = "szVirDefDate" OR name of it = "datDate") of key "HKEY_LOCAL_MACHINE\SOFTWARE\Network Associates\TVD\VirusScan Enterprise\CurrentVersion" of registry as string) contains "." then (following text of last "." of (value whose (name of it = "szVirDefDate" OR name of it = "datDate") of key "HKEY_LOCAL_MACHINE\SOFTWARE\Network Associates\TVD\VirusScan Enterprise\CurrentVersion" of registry as string)) else (value whose (name of it = "szVirDefDate" OR name of it = "datDate") of key "HKEY_LOCAL_MACHINE\SOFTWARE\Network Associates\TVD\VirusScan Enterprise\CurrentVersion" of registry as string)) else if (exists key "HKEY_LOCAL_MACHINE\Software\McAfee\AVEngine" of registry) then (value "AVDatDate" of key "HKEY_LOCAL_MACHINE\Software\McAfee\AVEngine" of registry as string) else "No Virus Definition Version"

A: 2009/06/24

Q: year of date (local time zone) of now as string & "/" & (month of date (local time zone) of now) as two digits & "/" & day_of_month of date (local time zone) of now as two digits as string

A: 2009/06/24

(imported comment written by NoahSalzman)

The answer is here -> http://forum.bigfix.com/viewtopic.php?id=2250

Here is a modified version that handles your 5 day question plus takes the slashes into account:

current date - date (( last 2 of it & " " & first 3 of (month (last 2 of first 7 of it as integer) as string) & " " & first 4 of it) of "2009/06/24") >= 5 * day

Now, let’s pull out the date so it can be replaced by your massive if/then/else query:

(current date - date (( last 2 of it & " " & first 3 of (month (last 2 of first 7 of it as integer) as string) & " " & first 4 of it) of it) >= 5 * day) of "2009/06/19"

You can then just replace “2009/06/19” with any expression that returns that result. However, you will have to add some error handling if you want to handle the “No Virus Definition Found” case.

(imported comment written by TommyG91)

Noah,

Thanks a bunch, this worked great! Here is what I have now and it’s working (testing now!):

Q: (current date - date (( last 2 of it & " " & first 3 of (month (last 2 of first 7 of it as integer) as string) & " " & first 4 of it) of it) >= 5 * day) of (if (exists key "HKEY_LOCAL_MACHINE\SOFTWARE\Network Associates\TVD\VirusScan Enterprise\CurrentVersion" of registry) then (if (value whose (name of it = "szVirDefDate" OR name of it = "datDate") of key "HKEY_LOCAL_MACHINE\SOFTWARE\Network Associates\TVD\VirusScan Enterprise\CurrentVersion" of registry as string) contains "." then (following text of last "." of (value whose (name of it = "szVirDefDate" OR name of it = "datDate") of key "HKEY_LOCAL_MACHINE\SOFTWARE\Network Associates\TVD\VirusScan Enterprise\CurrentVersion" of registry as string)) else ((last 4 of it & "/" & first 2 of (month (first 3 of it as string) as two digits) & "/" & first 2 of last 7 of it) of (value "szVirDefDate" of key "HKEY_LOCAL_MACHINE\SOFTWARE\Network Associates\TVD\VirusScan Enterprise\CurrentVersion" of registry as string))) else if (exists key "HKEY_LOCAL_MACHINE\Software\McAfee\AVEngine" of registry) then (value "AVDatDate" of key "HKEY_LOCAL_MACHINE\Software\McAfee\AVEngine" of registry as string) else "No Virus Definition Version")

Thanks again!
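
The staleness check worked out in this thread, restated in Python as an added example (not code from the thread or from BigFix) so the logic can be checked offline against reported values, including the "No Virus Definition Version" case that the relevance leaves unhandled. The function names, host names and sample values are hypothetical and constructed; the text after the last "." is assumed to be a date in one of the two formats the thread's expressions parse.

```python
from datetime import date, datetime

SENTINEL = "No Virus Definition Version"  # fallback string from the thread's relevance
MAX_AGE_DAYS = 5                          # same threshold as ">= 5 * day"


def parse_dat_date(raw):
    """Return a date for the value forms handled in the thread, else None."""
    text = raw.strip()
    if not text or text == SENTINEL:
        return None
    if "." in text:
        # Mirrors: following text of last "." of <registry value>
        text = text.rsplit(".", 1)[1]
    # "2009/06/24" (datDate / AVDatDate) or "Jun 24 2009" (szVirDefDate form)
    for fmt in ("%Y/%m/%d", "%b %d %Y"):
        try:
            return datetime.strptime(text, fmt).date()
        except ValueError:
            continue
    return None


def dat_status(raw, today, max_age_days=MAX_AGE_DAYS):
    """Classify a reported DAT date as 'current', 'stale' or 'unknown'."""
    parsed = parse_dat_date(raw)
    if parsed is None:
        return "unknown"  # no AV value or unparsable: report it, do not drop it
    return "stale" if (today - parsed).days >= max_age_days else "current"


def needs_remediation(samples, today):
    """Hosts whose definitions are stale or could not be determined."""
    return sorted(h for h, v in samples.items() if dat_status(v, today) != "current")


# Constructed sample data: host name -> value as the relevance would return it.
SAMPLES = {
    "pc-01": "2009/06/24",
    "pc-02": "2009/06/19",
    "pc-03": "Jun 10 2009",
    "pc-04": "No Virus Definition Version",
    "pc-05": "x.2009/06/20",
}

if __name__ == "__main__":
    for host in needs_remediation(SAMPLES, date(2009, 6, 24)):
        print(host, dat_status(SAMPLES[host], date(2009, 6, 24)))
```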