Group computers dynamically with smart folders

This feature is coming soon in Deep Security 10.

A smart folder is a dynamic group of computers that you define with a saved search query. It finds matching computers each time you click on the group. For example, if you want to view your computers grouped by attributes such as operating system or AWS project tags, you can do this using smart folders.

You create smart folders by defining the following:

  • What to search through (1 - property)
  • How to search (2 - operator)
  • What to search for (3 - value)
Smart folder query

Create a smart folder

  1. Go to Computers > Smart Folders.
  2. Click Create a Smart Folder.

    A default query group is ready for you to edit.

  3. Enter a name for your smart folder.
  4. Select the property from the list.
  5. You can view property descriptions and examples in Properties.
  6. Select the operator that describes how you want to search.
  7. Not all operators are available for every property.
    Operator Description Example usage
    EQUALS The search query will only find computers that are an exact match. A search query for 'Windows' in the Operating System property will not find computers with 'Windows 7' or 'Microsoft Windows'.
    DOES NOT EQUAL The search query will find any computers that are not an exact match. A search query for 'Amazon Linux (64 bit)' in the Operating System property will find all computers other than Amazon Linux 64-bit machines.
    CONTAINS The search query will find any computers that contain the search term. A search query for '203.0.113.' in the IP Address property will find any computers on the 203.0.113.xxx subnet.
    DOES NOT CONTAIN The search query will find any computers that do not contain the search term. A search query for 'Windows' in the Operating System property would find any computers that do not have 'Windows' in their operating system name.
    ANY VALUE The search query will find all computers with the selected property. A search query in the Group Name property would find all computers in that group.
  8. Enter the value that you want matched. If you enter multiple terms in a search query, they will be treated as a single string.
  9. Wildcard characters are not supported for smart folder search queries.
  10. Click Add Rule and repeat steps 4-6 to add rules to the query group as you need.
  11. When you are finished adding rules, click the AND/OR switch for the query group to select whether the conditions of all rules (AND) or of any rules (OR) must be met.
  12. To add a query group, click Add Group and repeat steps 4-6 as you need.

    Adding query groups can help you keep track of computers spanning multiple environments or configurations. For example, you may have Linux computers deployed both on-premises and across various cloud accounts such as AWS, Azure, or vCloud. You can add a query group for local and cloud environments (as shown below) and have them all appear in a single smart folder.

    smart folder hybrid
  13. When you have finished adding groups, click the query group AND/OR switch to select whether the conditions of rules from all query groups (AND) or from any query groups (OR) must be met.
  14. Click Save at the bottom of the page.
The following tips can help you work with your smart folders more effectively:
  • After creating your smart folder, you might realize that you want to edit your search queries to add or remove computers. You can edit your smart folder by double-clicking it.
  • If you find your smart folder’s search query growing in complexity, you can reorder its rules and groups. To do so, move your cursor onto a rule or group until it changes to a 4 way arrow, then drag the rule or group to your desired position.
  • You can use a copy of an existing smart folder as a template for a new smart folder. To do so, right-click on it and select Copy Smart Folder.
If the role associated with your account does not have the required permissions, certain computers may not appear in your Smart Folder or not allow you to edit their properties. For more information, see Roles.

Focus your search using child smart folders

Child smart folders can help refine the view of the computers in your smart folders. A child smart folder effectively functions as a filter, applying a search query to the search results of the parent folder. Child folders can be nested up to two levels deep (parent > child > child).

Perhaps you already have a smart folder for all your Windows computers, but want to look at those running either the 32-bit or 64-bit versions of Windows 7. You can do this by creating a child smart folder for the parent Windows folder that filters for Windows 7, and then creating two child smart folders for the new Windows 7 child folder that filter for 32-bit and 64-bit computers respectively.

child smart folders

Create a child smart folder

  1. Right-click on a smart folder and select Create Child Smart Folder.
  2. Edit your child smart folder's query groups or rules and click Save at the bottom of the page.

Sort your smart folder into subfolders

Applies to AWS computers only.

Using AWS tag keys, smart folders can be further branched into subfolders according to each of the tag key’s values.

AWS tag-based subfolders will replace any existing child folders under the parent folder.
  1. Select the Automatically create sub-folders for each value of a specific AWS tag key: check box located below the smart folder groups.
  2. Enter the AWS tag key whose values you want to build your subfolders from.
  3. Click Save at the bottom of the page.

For more information on AWS tags, see Amazon's guide on Tagging Your Amazon EC2 Resources.

AWS tag values that are no longer used might still show up as empty subfolders in your smart folder. To remove them, right-click on the smart folder and select Synchronize Smart Folder.

Properties

The following tables describe the properties you can use to match computers, along with usage notes and examples where applicable:

General

Property Match by Notes and examples
Hostname The computer's hostname
Computer Display Name The computer's optional Deep Security display name
Group Name The Deep Security Computers group that a computer belongs to
Operating System The operating system of the computer
IP Address The IP address of the computer You can match either a single IP address or a range of IP addresses.
Policy The Deep Security policy assigned to the computer

 

Activated Whether the computer has been activated by the Deep Security Manager

AWS

Property Match by Notes and examples
Tag The AWS tag assigned to a computer
  • Requires a tag key and a tag value.
  • Tag key is case-sensitive.
Security Group Name The name of the Security Group the computer belongs to
AMI ID The Amazon Machine Image ID of the computer Example: "ami-23c44a56"
Account ID

The 12-digit AWS Account ID associated with the computer

Example: "123456789012"
Account Name The AWS Account Alias associated with the computer
Region ID The AWS region the computer is in Example: "us-east-1"
Region Name The AWS region name a computer is in Example: "US East (Ohio)"
VPC ID The Virtual Private Cloud ID of the computer Example: "vpc-3005e48a"
Subnet ID The Virtual Private Cloud subnet ID of the computer Example: "subnet-b1c2e468"

Azure

Property Match by Notes and examples
Subscription Name The name of the Azure subscription the computer belongs to
Resource Group The name of the Azure resource group the computer belongs to

vCenter

Property Match by Notes and examples
Name The name of the vCenter the computer belongs to
Datacenter The vCenter Datacenter object that the computer belongs to
Folder The vCenter folder that the computer belongs to
Parent ESX Hostname The host name of a computer's parent ESX
Custom Attribute The vCenter custom attribute assigned to the computer Requires an attribute name and attribute value.

vCloud

Property Match by Notes and examples
Name The name of the vCloud the computer belongs to
Datacenter The vCloud Datacenter object that a computer belongs to
vApp The vCloud vApp that the computer belongs to

Folder

Property Match by Notes and examples
Name The name of the Microsoft Active Directory or LDAP directory the computer is in
Folder The Microsoft Active Directory or LDAP folder that the computer is in