yara_scan
Description:
[ CCode ( array_length = false , array_null_terminated = true ) ]
[ Version ( since = "1.37.13" ) ]
public YaraDetection[] yara_scan (string path, Cancellable? cancellable = null) throws Error
[ Version ( since = "1.37.13" ) ]
public YaraDetection[] yara_scan (string path, Cancellable? cancellable = null) throws Error
scan a file with the loaded yara rules
Scan a file with the previously loaded Yara rules.
For each matching rule, a yara_detection structure is returned.
The yara_detection structure contains the following fields.
yara_name Path of the file matching a Yara rule.
yara_rule Identifier of the Yara rule which matched against the given file.
This function depends on the feature "libyara". See also feature_available.
Parameters:
| this |
A GuestfsSession object |
| cancellable |
A GCancellable object |
Returns:
|
an array of YaraDetection objects, or NULL on error |