Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Yara tag modification #6

Closed
WilliamSalusky opened this issue Aug 29, 2012 · 1 comment
Closed

Yara tag modification #6

WilliamSalusky opened this issue Aug 29, 2012 · 1 comment
Assignees
@awick
Labels
enhancement

Comments

@WilliamSalusky
Copy link
Collaborator

When a yara rule fires the rule name is stored as a standalone tag. Can it be modified to be stored as 'yara:${yara_rulename}', so that I can search for tags == "yara:*"

Additionally, yara rules support its own tags that would make groups of rules easier to search.

ex.
rule yara_rulename: TAG1 TAG2 TAG3
{
blah
}

Can you work with that?
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@awick awick

Labels
enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@WilliamSalusky @awick