Users often need to target specific groups of computers for policy deployment based on their network location. While standard filters exist, they frequently lack the precision required for complex environments that rely on both IP subnets and Active Directory (AD) domain membership. This guide demonstrates how to create a SQL-based filter to group managed computers within specific subnet ranges.

ITMS (Symantec Management Platform) 8.x

The requirement for custom filters usually arises because standard "out-of-the-box" filters do not allow for complex JOIN operations between different inventory tables, such as combining vSubnet data with Inv_AeX_AC_Identification (Domain info).

This article provides a technical walkthrough for creating a custom resource filter in ITMS 8.7.x and 8.8.x. By utilizing a Raw SQL query, we bypass the limitations of the standard Filter Builder to correlate computer identity data, TCP/IP inventory, and defined subnets. This ensures that only managed machines within the specified network segments are targeted.

Creating a custom Filter with "Raw SQL" query mode.

Using some of our default reports that are based on IP addresses and Subnets, you can narrow down some of the related tables:

• Use Inv_AeX_AC_Identification to validate machine domain membership.

• Combine vComputer with Inv_AeX_AC_TCPIP and vSubnet for precise targeting.

Construct the Refined Filter Query

1. • Combine vComputer with Inv_AeX_AC_TCPIP and vSubnet for precise targeting.
   • We use a specific set of joins to ensure data integrity. The query below validates that the machine is managed and resides within our specific target subnets.
     
     
     SELECT DISTINCT 
    vc.Guid, 
    vc.Name, 
    vc.[IP Address], 
    ide.Domain,
    sn.Subnet, 
    sn.[Subnet Mask]
FROM vComputer vc
JOIN Inv_AeX_AC_Identification ide ON ide._ResourceGuid = vc.Guid
JOIN Inv_AeX_AC_TCPIP tcp ON vc.Guid = tcp._ResourceGuid
JOIN vSubnet sn ON sn.Subnet = tcp.Subnet AND sn.[Subnet Mask] = tcp.[Subnet Mask]
WHERE sn.Subnet IN (
--Add desires subnets here:
    '10.6.95.0', 
    '10.6.95.128', 
    '10.6.95.144', 
    '10.6.95.160', 
    '10.6.95.176', 
    '10.6.95.192', 
    '10.6.95.200', 
    '10.6.95.208', 
    '10.6.95.224'
)
AND vc.IsManaged = 1

Create the Filter in SMP Console

1. Go to Manage > Filters.

2. Create a New Filter.

3. Set the Filter Definition dropdown specifically to Query Mode: Raw SQL.

   

4. Paste the SQL query into the text area under "Filter Definition section > Parameterized Query" tab.

5. Click Save changes at the top right of the filter page.

6. Click Update membership to execute the query and populate the list.

7. Note: The columns displayed in the Filter Membership section (Name, Domain, OS, etc.) are hardcoded by the console. Even though our SQL selects sn.Subnet, it will not appear as a column in this view.

NOTE:
You can take a look at the "Subnets with Affiliated Sites" report for an idea of all known subnets by the SMP Server and double-click on one of those Subnets to see what computers are falling on it.

1. Pre-Validation: Review Known Subnets

Before building the filter, check what the SMP server actually "sees" in your environment.

1. Navigate to Reports > Notification Server Management > Server > Subnets and Sites Info.

2. Run the report Subnets with Affiliated Sites.

3. Use this to verify the Subnet and Subnet Mask strings you intend to use in your SQL.

2. Deep Dive Validation

1. In the report results, double-click a specific subnet (e.g., 10.0.95.0).

2. This opens the Computers in Specified Subnet report, showing exactly which machines are currently mapped to that range.