Giters

VirusTotal / yara-python

The Python interface for YARA

Home Page:http://virustotal.github.io/yara/

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

How to add the match file path name to the callback function argument?

YahuiWong opened this issue · comments

commented

Here is an example:

import yara

def mycallback(data):
  print(data)
  return yara.CALLBACK_CONTINUE

matches = rules.match('/foo/bar/my_file', callback=mycallback, which_callbacks=yara.CALLBACK_MATCHES)
The passed dictionary will be something like this:

{
  'tags': ['foo', 'bar'],
  'matches': True,
  'namespace': 'default',
  'rule': 'my_rule',
  'meta': {},
  'strings': [(81L, '$a', 'abc'), (141L, '$b', 'def')]
}

How to add the match file path name to the callback function argument?
The passed dictionary will be something like this:

{
  'file_path':'/foo/bar/my_file',
  'tags': ['foo', 'bar'],
  'matches': True,
  'namespace': 'default',
  'rule': 'my_rule',
  'meta': {},
  'strings': [(81L, '$a', 'abc'), (141L, '$b', 'def')]
}