This repository has been archived by the owner on Sep 23, 2022. It is now read-only.

Question: Logging Matched String From Yara Rule Matched #18

Open
dfirence opened this issue Jul 14, 2020 · 1 comment

dfirence commented Jul 14, 2020

Greetings and Thank You For This AWESOME Tool!

Is it possible to obtain from the Windows Event Log Entry:

  1. the actual string that matched from the Yara Rule that is written?

In the screenshot below, I am successfully matching, but I would like to know how the matched string can be provided in the details.

Writing the Test Yara Rule

image


Successfully Matching in Windows Log

image

dfirence commented Aug 4, 2020

Any update, please?
