Configuring DeviceID for DLP Endpoint Agent removable device monitoring


Article ID: 160084


Products

Data Loss Prevention Endpoint Prevent, Data Loss Prevention

Issue/Introduction

Can wildcards be used in the REGEX string to define a class of devices, instead of entering a separate ID for every individual device?

Environment

All supported versions

Cause

In most cases, a wildcard configuration is required in order to monitor a class of Endpoint Devices (thumb drives, external storage devices, etc.).

Resolution

To get the Device ID, run the DeviceID.exe tool from a command prompt. Below is a DeviceID.exe result for a USB 3.0 device, showing both the ID as read and the REGEX for that ID as suggested by the tool:

Dev ID: USBSTOR\DISK&VEN_SANDISK&PROD_U3_CRUZER_MICRO&REV_2.18\0000060435096770&0
Regex:  USBSTOR\\DISK&VEN_SANDISK&PROD_U3_CRUZER_MICRO&REV_2\.18\\0000060435096770&0

Here is a REGEX string for the same device with the serial number removed and replaced by a wildcard. Note that the wildcard after the last pair of backslashes is written as ".*":

Regex:  USBSTOR\\DISK&VEN_SANDISK&PROD_U3_CRUZER_MICRO&REV_2\.18\\.*

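Note that in testing, the single backslash before the period seems to make no difference in the detection: the tool will "see" the DeviceID either way, with or without the single backslash (either "2.18" or "2\.18" in the example above). This is consistent with regular expression syntax, where an unescaped period matches any single character, including a literal period. The escaped form "\." is the stricter of the two, because it matches only a literal period.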
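The wildcard construction above can be checked offline before it goes into a policy. The following is an added example, not part of the original article or of Broadcom's tooling: it rebuilds both regex forms from the article's Device ID and tests them against constructed sample IDs. It assumes Python's re module treats these basic constructs the same way the agent's regex engine does and that the pattern must match the whole Device ID; the function names are hypothetical.

```python
import re

# Metacharacters escaped when a literal Device ID becomes a regex. Assumption:
# this set reproduces the escaping visible in the article's DeviceID.exe output.
_META = set("\\.^$*+?()[]{}|")

def literal_regex(device_id, escape_period=True):
    """Regex for exactly one device, instance ID (serial) included."""
    meta = _META if escape_period else _META - {"."}
    return "".join("\\" + c if c in meta else c for c in device_id)

def class_regex(device_id, escape_period=True):
    """Regex for every device sharing the vendor/product/revision prefix."""
    prefix, _, _serial = device_id.rpartition("\\")
    if not prefix:
        raise ValueError("Device ID has no backslash before the instance ID")
    # Escaped separator backslash, then ".*" in place of the serial number.
    return literal_regex(prefix, escape_period) + "\\\\" + ".*"

def matches(pattern, device_id):
    # Assumption: the pattern must cover the whole Device ID string.
    return re.fullmatch(pattern, device_id) is not None

def audit(device_id, samples):
    """Per sample: (matches escaped-period form, matches bare-period form)."""
    strict = class_regex(device_id, escape_period=True)
    loose = class_regex(device_id, escape_period=False)
    return {name: (matches(strict, s), matches(loose, s))
            for name, s in samples.items()}

# Device ID from the article.
DEV_ID = r"USBSTOR\DISK&VEN_SANDISK&PROD_U3_CRUZER_MICRO&REV_2.18\0000060435096770&0"

# Constructed sample IDs for illustration; not read from real hardware.
SAMPLES = {
    "same model, other serial":
        r"USBSTOR\DISK&VEN_SANDISK&PROD_U3_CRUZER_MICRO&REV_2.18\CONSTRUCTED0001&0",
    "revision differs at the period":
        r"USBSTOR\DISK&VEN_SANDISK&PROD_U3_CRUZER_MICRO&REV_2X18\CONSTRUCTED0002&0",
    "other vendor":
        r"USBSTOR\DISK&VEN_EXAMPLE&PROD_CONSTRUCTED&REV_1.00\CONSTRUCTED0003&0",
}

if __name__ == "__main__":
    print(class_regex(DEV_ID))
    for name, (strict, loose) in audit(DEV_ID, SAMPLES).items():
        print(f"{name}: escaped={strict} unescaped={loose}")
```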

In testing, changes to the DeviceID configuration were updated on the Endpoint Server immediately, and did not require recycling of services to take effect.


Additional Information

For more information on configuring DeviceIDs, including details on how to verify whether the REGEX will match as configured, see this Help Center topic: Using the Windows Device ID utility (broadcom.com).