FireEye Check Types
FireEye compliance checks use one of three check types. The following is the general syntax for an audit:
description: "Specific user privs"
info: "Expect to fail on running config since not all username lines match"
regex: "username .+"
expect: "username egossell capability admin"