<!-- 检查使用公司外部打印机打印的行为 --> <group name="天擎"> <rule id="100020" level="5"> <decoded_as>json</decoded_as> <description>TianQing</description> <field name="version" type="pcre2">(*UTF)天擎*</field> <field name="log_name" type="pcre2">(*UTF)打印审计</field> <field name="content.printer" type="pcre2">^(?!.*BEI001|PDF|HP LaserJet Pro MFP M435 PCL 6|Generic C405-0iSeriesPCL|Zenpert 4T530)</field> </rule> </group>