User Groups (RSSO) - RADIUS Attribute Value. How to match on parts of the contents?

I'm using Aruba ClearPass to send accounting records to a FortiGate by sending the Roles of the authenticated user - this all works.  However, this information contains multiple entries:

FG800C-264 $ diag rsso query ip 172.27.0.12 Receive IPC query for vd 0:root.  Using vd server 0:root [size="1"]DB 0 find [ep='John' pg='Allowed-Device, School-Operations-Role, School-Programs-Role, [User Authenticated]' ip='172.27.0.12'] match[/size] Endpoint: John [size="1"]    RSSO Key: [style="background-color: #ffff00;"]Allowed-Device, School-Operations-Role, School-Programs-Role, [User Authenticated][/style][/size]     IP Addresses:         IP: 172.27.0.12, Time left (hh:mm:ss): 07:59:59 ** [size="1"]DB 0 find all [ep='John' pg='n/a' ip=''] match[/size] [size="1"]vd=0 Query reply ip[172.27.0.12] ep[] prof[][/size] Querying IP '172.27.0.12'

I need to create a User Group RSSO that will match on the RADIUS Attribute Value if it contains "School-Programs-Role".  I don't care about the other information.  If I just specify School-Programs-Role, it doesn't match - seems to be an exact match only.  Is there a way to do this?

Thanks!