List of Operators

Last updated
Save as PDF

The Rule Builder allows you to create rules for your Client policy. A Client policy rule includes an operator as one of its elements.

The Value rule element, referred to as the comparative value in the table below, is evaluated against the value of the criteria. This comparison is determined by the specified operator.

For example, in the rule above, the comparative value is a list of domains. The list is named AI-ML Domains. The value of the Domains criteria is also a list of domains. Both lists are compared to see if they overlap.

The following table lists and describes the operators that are available in alphabetical order.

Operator	Description
contains	The value of the criteria is a list of items, and the comparative value, which is a single item or a list, is also an item of the criteria list. Example 1: A list of social media sites contains facebook.com A rule with elements configured like this applies if the social media sites list includes facebook.com as an item. Example 2: A list of domains (AI-ML_Domains_List) contains dalle.openai.com, chatgpt.openai.com A rule with elements configured like this applies if the AI-ML_Domains_list includes dalle.openai.com and chatgpt.openai.com items. The opposite of the contains operator is contains not.
contains not	The value of the criteria is a list of items, and the comparative value, which is a single item or a list, is not an item of the criteria list. Example 1: A list of social media sites contains not facebook.com A rule with elements configured like this applies if the social media sites list does not include facebook.com as an item. Example 2: A list of domains (AI-ML_Domains_List) contains not dalle.openai.com, chatgpt.openai.com A rule with elements configured like this applies if the AI-ML_Domains_list does not include dalle.openai.com, chatgpt.openai.com items. The opposite of the contains not operator is contains.
matches	The value of the criteria matches the regex term that is the comparative value. Examples: *URL matches ..skyhighsecurity.com** and Url Path matches .v2. Rules with elements configured like this apply, for example, if the value of URL is https://auth.ui.skyhighsecurity,com or if the value of Url Path is /v2/test. The opposite of the matches operator is does not match.
does not match	The value of the criteria does not match the regex term that is the comparative value. Example: *URL does not match ..skyhighsecurity.com** A rule with elements configured like this applies, for example, if the value of URL is https://trellix.com. The opposite of the does not match operator is matches.
is	The value of the criteria is the same as the comparative value. Example 1: Private Application is true. A rule with elements configured like this applies if the value of Private Application is true. Example 2: Destination Domain is Google.com A rule with elements configured like this applies if the value of Destination Domain is Photos.google.com The opposite of the is operator is is not.
is not	The value of the criteria is not the same as the comparative value. Example: Private Application is not true. A rule with elements configured like this configured applies if the value of the Private Application criteria is false. The opposite of the is not operator is is.
overlaps	The value of the criteria and the comparative value are both lists of items, and at least one item is included in both lists. Example: Domains overlaps AI-ML Domains A rule with elements configured like this applies if at least one of the items in the Domains list is also included in the AI-ML Domains list. The opposite of the overlaps operator is is disjoined.
is disjoined	The value of the criteria and the comparative value are both lists of items, and no item is included in both lists. Example: Domains is disjoined AI-ML Domains A rule with elements configured like this applies if none of the items in the Domains list is included in the AI-ML Domains list. The opposite of the is disjoined operator is overlaps.
is in	The value of the criteria is a single item, and it is included in the list of items that is the comparative value. Example: User Name is in Global Blocked User Names A rule with elements configured like this applies if the value of User Name is, for example, John Doe, and this name is an item in the Global Blocked User Names list. The opposite of the is in operator is is not in.
is not in	The value of the criteria is a single item, and it is not included in the list of items that is the comparative value. Example: User Name is not in Global Blocked User Names A rule with elements configured like this applies if the value of User Name is, for example, John Doe, and this name is not an item in the Global Blocked User Names list. The opposite of the is not in operator is is in.
is subset	The value of the criteria and the comparative value are both lists of items, and all items of the criteria list are included in the list of the comparative value. Example: Domains is subset AI-ML Domains A rule with elements configured like this applies if all items in the Domains list are included in the AI-ML Domains list. The opposite of the is subset operator is is not subset.
is subset	NOTE: For Domains criteria, it is recommended to use the overlap operator, as not all items in the criteria list may match the comparative value.
is not subset	The value of the criteria and the comparative value are both lists of items, and at least one of the items in the criteria list is not included in the list of the comparative value. Example: Domains is not subset AI-ML Domains A rule with elements configured like this applies if at least one item in the Domains list is not included in the AI-ML Domains list. The opposite of the is not subset operator is is subset.