Contents
Contents
Filtering and searching YARA rules
To filter or search for YARA rules by required criteria:
- In the window of the program web interface, select the Custom rules section, YARA subsection.
This opens the YARA rule table.
- Depending on the filtering criterion, do the following:
- By creation time
- Click the Created link to open the filter settings window.
- Select one of the following options:
- Any time if you want the table to display rules created at any time.
- Last hour if you want the table to display rules that were created during the last hour.
- Last day if you want the table to display rules that were created during the last day.
- Custom range if you want the table to display templates that were created during the specified period.
- By rule name
- Click the Rule name link to open the filtering menu.
- In the drop-down list, select one of the following filtering operators:
- Contains
- Does not contain
- In the text box, type the name of the rule or a sequence of characters from the name of the rule.
- Click Apply.
- By file name
- Click the File name link to open the filtering menu.
- In the drop-down list, select one of the following filtering operators:
- Contains
- Does not contain
- In the entry field, type the name of the file or a sequence of characters from the name of the file.
- Click Apply.
- By the name of the user who uploaded the rules file
- Click the Created by link to open the filtering menu.
- In the drop-down list, select one of the following filtering operators:
- Contains
- Does not contain
- In the text box, type the user name or a sequence of characters from the user name.
- Click Apply.
- By rule state
- Click the Traffic scan link to expand the filter settings list.
- Select one of the following options:
- All
- Enabled
- Disabled
- By creation time
The table displays only rules that match the specified criteria.
You can use multiple filters at the same time.
|
See also Configuring YARA rule table display |