Documentation
¶
Overview ¶
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
Index ¶
Constants ¶
const ( RuleFolderPathIsNotAbsMsg = "rules folder is not an absolute path" IndexFilePathIsNotAbsMsg = "rules index file is not an absolute path" IndexFilePathIsNotAbsEitherMsg = "rules index file is not an absolute path either" IndexOrRuleFolderPathRequiredMsg = "either rules folder or index file is required" WrongMetadataFieldMsg = "wrong metadata entry %s has no value" KeywordsNotMeetMsg = "metadata keyword %s not found while processing the rule" RulesManagerInitFailedMsg = "while initiating the rules manager got" IndexFileUsedMsg = "loading rules using index %s file" RulesFolderUsedMsg = "loading rules from directory %s" TimeElapsedLoadingRulesMsg = "loaded %d rules without errors in %fs" WhileLodingRulesByIndexMsg = "while loading rules from the index file got" WhileLodingRulesByFolderMsg = "while loading rules from the directory got" CleanUpRuleMsg = "while removing comments from loaded rules got" ReadRuleFileFailedMsg = "could not read the yara rule %s, because" ReadRulesFolderFailedMsg = "could not read rules directory, because" WhileReadingFileMsg = "while reading file got" )
Variables ¶
var ( ErrRuleFolderPathIsNotAbs = errors.New(RuleFolderPathIsNotAbsMsg) ErrIndexFilePathIsNotAbs = errors.New(IndexFilePathIsNotAbsMsg) ErrIndexOrRuleFolderPathRequired = errors.New(IndexOrRuleFolderPathRequiredMsg) )
Functions ¶
func GetRuleMetaInfo ¶
GetRuleMetaInfo returns the rule metadata
Types ¶
type Config ¶
type Config struct {
// RulesIndex path to a Yara rule index
RulesIndex string
// RulesFolder path to a directory with a set of Yara rules
RulesFolder string
// Vars vaiables used for overwriting values in the Yara rules meta section
Vars map[string]string
}
Config rules internal configuration
type Manager ¶
type Manager struct {
// Config manger's configuration most of its values come from the arguments
// or configuration file
Config *Config
// RawRules store all Yara rules
RawRules []string
}
Manager stores the rules and manages everything related with rules
func NewManager ¶
NewManager returns a new rules manager
func (*Manager) GetRawRules ¶
GetRawRules returns the loaded rules in raw format
Source Files