yara

package
v1.4.2
Warning

This package is not in the latest version of its module.

Published: Dec 25, 2021 License: Apache-2.0 Imports: 4 Imported by: 0

Documentation

Types

type Scanner

type Scanner interface {
	// ScanProc scans process memory.
	ScanProc(pid uint32, kevt *kevent.Kevent) error
	// ScanFile scans the specified file in the file system.
	ScanFile(filename string, kevt *kevent.Kevent) error
	// Close disposes any resources allocated by scanner.
	Close()
}

Scanner watches for certain kernel events, such as process creation or image loading, and triggers a scan of either the target process or the image file. If matches occur, an alert is emitted via the specified alert sender.

func NewScanner

func NewScanner(psnap ps.Snapshotter, config config.Config) (Scanner, error)

NewScanner returns an unsupported scanner error.
