Is anyone familiar with how to configure an Alert using EXEC for v20.1?
The release notes imply that you no longer need the full path, but this is not working for me. I still have to use the full path like this (I’ve added PS to the Command Whitelist).
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "&{D:\Qdx_work\Custom_Scripts\CloverleafInterfaceRecycle.ps1}"
After reading the release notes, I’m thinking I don’t have to enter the full path of PowerShell; i.e.: D:\Qdx_work\Custom_Scripts\CloverleafInterfaceRecycle.ps1
I tried adding the PowerShell location to the environment PATH and rebooted, but I cannot enter the shortened EXEC in the alert. It will not fire. Am I misunderstanding the release notes, or missing a configuration?
Here are the Release Notes:
Changing each “exec” alert so that there is the full path is cumbersome when there are many alerts.
However, this is required for CIS 19.1 and newer, due to the Security Whitelist feature.
Global variables can now be added to the whitelist. This requires the user to update the command path
in one place instead of the previous scheme that required each entry to be updated.
The external command must first be added to the whitelist, and then it must be added to one of the
env PATH folders.
There is no more requirement to add a full path for external commands when configuring an alert.