Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update the YARA docs to explain recent functionality changes #7110

Closed
directionless opened this issue May 17, 2021 · 2 comments · Fixed by #7172
Closed

Update the YARA docs to explain recent functionality changes #7110

directionless opened this issue May 17, 2021 · 2 comments · Fixed by #7172
Assignees
@mike-myers-tob
Labels
documentation good-first-issue Well defined easy issue. Good for the beginning contribution.

Comments

@directionless
Copy link
Member

The YARA docs at https://osquery.readthedocs.io/en/stable/deployment/yara are quite out of date.

  1. They reference pattern which has long since been replaced by LIKE on path
  2. They're missing sigrule
  3. They're missing sigurl
@directionless directionless added documentation good-first-issue Well defined easy issue. Good for the beginning contribution. labels May 17, 2021
@nmeocisco
Copy link
Contributor

nmeocisco commented Jun 17, 2021
edited
Loading

I just noticed that the yara table is available on Windows, but the documentation says it is only for MacOS and Linux.
https://osquery.io/schema/4.8.0/#yara

@directionless
Copy link
Member Author

I just noticed that the yara table is available on Windows, but the documentation says it is only for MacOS and Linux.
https://osquery.io/schema/4.8.0/#yara

This was fixed in a recent change to the website generation tools. The 4.9.0 release should reflect that

@mike-myers-tob mike-myers-tob changed the title YARA docs are out of date Update the YARA docs to explain recent functionality changes Jun 23, 2021
@mike-myers-tob mike-myers-tob self-assigned this Jun 23, 2021
@mike-myers-tob mike-myers-tob mentioned this issue Jun 23, 2021
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@mike-myers-tob mike-myers-tob

Labels
documentation good-first-issue Well defined easy issue. Good for the beginning contribution.
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Docs: bring the YARA wiki page up to date trailofbits/osquery
3 participants
@directionless @mike-myers-tob @nmeocisco