Dynamic Node Groups
Traditional node groups within UpGuard have been static in nature - without manual intervention, they would remain exactly as they were created until they were removed. While this is suitable for a number of use cases, they fail to effectively reflect the ever-changing state of many enterprises. To overcome this, we have introduced dynamic node groups: node groups whose members are defined by a pattern, rather than statically assigned. This brings many of the advantages of static node groups, in addition to allowing node groups to grow or shrink as the composition of the enterprise changes.
Creating a Dynamic Node Group
Dynamic node group creation follows the same method as static node group creation, with a single additional step. To begin, hit the “Add Node Group” button from the “Nodes” page.
You will then be presented with the standard node group creation page. To create a dynamic node group, simply enter any valid search query into the “Dynamic Group Query” field. This will cause any nodes that would be returned by that query to be automatically added to the group. Conversely, any nodes that fail to satisfy that query will be removed from the node group.
This can be especially useful in situations such as vulnerability tracking, whereby a rule can be created that matches the vulnerable software version and automatically adds the node initially and removes them when they are patched.
Creating a Node Group with Node Rules
Another option for automatically populating a node group is to use regular expressions. From the node group creation page, open the “Node Rules” field.
In this field, you can input regular expressions, one per line, to match against the names of individual nodes.
For example, to match all nodes that include the string ‘test’ in their names, use the following regular expression:
To only match node names that begin with the string ‘windows’, use the following expression:
To match node names that end with a two-digit number, use the following expression:
Regular expressions are a powerful tool. A complete tutorial is beyond the scope of this documentation, but many resources are available on the Internet.