Hello group, I have a question that neither Google nor read the docs can help me with;

I would like to use YARA to search through a log-file - e.g. (the content of the file), aka.

    cat testfile.txt
    #Time,IP,Command
    20170909,1.2.2.2,special_command

My YARA rule will search for "special_command" (as a normal ascii_string) - my test output with the -s option would be something like;

    0x6a3:$ascii_string: special_command

However I would like to "see" the 'whole' matching log-line (aka 20170909,1.2.2.2,special_command), something like;

    0x6a3:$ascii_string:20170909,1.2.2.2,special_command

Would this be possible with YARA? (Currently I am using standard regex, but for performance issues I would much like to use YARA, if possible.)

NB; there can be 100's of matches in the same logfile.

Many thanks for any hints/assistance in this matter,
Mikael
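
One way to get the output asked for above is to post-process the offsets that the -s option already prints, widening each one to the log line around it. This is an added example, not part of the original post; the sample log, the rule name find_special and all function names are constructed for illustration.

```python
import re

# Constructed sample (not from the post): a small log and the `yara -s`
# output a rule with $ascii_string = "special_command" would print for it.
SAMPLE_LOG = (b"#Time,IP,Command\n"
              b"20170909,1.2.2.2,special_command\n"
              b"20170909,1.2.2.3,other_command\n"
              b"20170910,1.2.2.4,special_command")  # no trailing newline
SAMPLE_YARA_OUTPUT = """find_special testfile.txt
0x22:$ascii_string: special_command
0x62:$ascii_string: special_command
"""

# One -s match line: hex offset, string identifier, then the matched data.
MATCH_RE = re.compile(r"^0x([0-9a-fA-F]+):(\$\w*):")

def parse_offsets(yara_output):
    """Return (offset, identifier) pairs from `yara -s` text output."""
    hits = []
    for line in yara_output.splitlines():
        m = MATCH_RE.match(line)
        if m:  # "rule file" header lines do not match and are skipped
            hits.append((int(m.group(1), 16), m.group(2)))
    return hits

def enclosing_line(data, offset):
    """Return (line_start, line_bytes) for the line that contains offset."""
    start = data.rfind(b"\n", 0, offset) + 1     # 0 when on the first line
    end = data.find(b"\n", offset)
    if end == -1:                                # last line, no newline
        end = len(data)
    return start, data[start:end].rstrip(b"\r")  # tolerate CRLF logs

def matching_lines(data, yara_output):
    """Map each reported match to its whole log line, one entry per line."""
    seen = {}
    for offset, ident in parse_offsets(yara_output):
        if offset >= len(data):                  # output from another file
            continue
        start, text = enclosing_line(data, offset)
        entry = seen.setdefault(start, (text.decode("utf-8", "replace"), set()))
        entry[1].add(ident)
    return [(hex(s), sorted(ids), line) for s, (line, ids) in sorted(seen.items())]

if __name__ == "__main__":
    for start, ids, line in matching_lines(SAMPLE_LOG, SAMPLE_YARA_OUTPUT):
        print(f"{start}:{','.join(ids)}:{line}")
```

Several strings hitting the same line are merged into one entry, so hundreds of matches in one file still give one output row per log line.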
