I’m trying to create an analysis of log4j files in the recycle bin, however, using regex in BigFix did not search the files.
What I’m doing is the following:
exists descendants whose (name of it as lowercase = regex “(.*jar)” ) of folders whose (name of it as lowercase contains “recycler” or name of it as lowercase contains “recycle.bin”) of folder "C:"
it will return True if I have files in the recycle bin with the extension .jar, however, what I need is to search files like log4j-1.2.16.jar and return true or false.
I already tried with a basic regex but it did not work in BigFix.
You should use the Logpresso Scan Utility to search everywhere for Log4j, and it will find Log4j in places other than just the JAR files that contain the name Log4j. If you are only looking for files with names containing Log4j then you are missing a lot of instances of it. You can find the bigfix task to automate this in the bes inventory and license site, or on my github. Read more here:Log4j CVE-2021-44228, CVE-2021-45046 Summary Page
Also, for the relevance, you would want (name of it as lowercase ends with ".jar"). You can do RegEx with BigFix but I don’t know that your syntax is correct.
Why are you interested in scanning ONLY the recycle bin?
If you do this, make sure you put it in an analysis property that only evaluates like once every 12 hours, otherwise it is a burden on your clients.
