1YARAC(1)                     compile rules to yara                    YARAC(1)
2
3
4

NAME

6       yarac - compile rules to yara
7

SYNOPSIS

9       yarac [OPTION]... [RULE_FILE]... OUTPUT_FILE
10

DESCRIPTION

12       To invoke YARA you will need two things: a file with the rules you want
13       to use (either in source code or compiled form) and the  target  to  be
14       scanned.  The target can be a file, a folder, or a process.
15
16       Rule files can be passed directly in source code form, or can be previ‐
17       ously compiled with the yarac tool. You may prefer to use your rules in
18       compiled  form  if you are going to invoke YARA multiple times with the
19       same rules.  This way you’ll save time, because for YARA is  faster  to
20       load compiled rules than compiling the same rules over and over again.
21
22       The  rules will be applied to the target specified as the last argument
23       to YARA, if it’s a path to a directory all the files  contained  in  it
24       will be scanned.
25

OPTIONS

27       -d <identifier>=<value>
28              define external variable.
29
30       -w  --no-warnings
31              Disable warnings.
32
33           --fail-on-warnings
34              Treat  warnings as errors. Has no effect if used with --no-warn‐
35              ings.
36
37       -v  --version
38              Show version information.
39

EXAMPLE

41       The -d is used to define external variables. For example:
42
43       -d flag=true
44
45       -d beast=666
46
47       -d name="James Bond"
48

SEE ALSO

50       yara(1)
51

AUTHOR

53       yarac was written  by  Victor  M.  Alvarez  <vmalvarez@virustotal.com>.
54       This  manual  page  was  written  by  Joao  Eriberto  Mota Filho <erib‐
55       erto@eriberto.pro.br> for the Debian project (but may be used  by  oth‐
56       ers).
57
58
59
60YARAC 2.0                          Jan 2014                           YARAC(1)