Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
View Source
var (
ErrMatchedCondition = errors.New("matched exit criteria")
)
Functions ¶
func CachedRules ¶ added in v1.5.0
func Diff ¶
func Diff(ctx context.Context, c malcontent.Config) (*malcontent.Report, error)
func Scan ¶
func Scan(ctx context.Context, c malcontent.Config) (*malcontent.Report, error)
Scan YARA scans a data source, applying output filters if necessary.
Types ¶
type FileReportError ¶ added in v1.8.5
type FileReportError struct {
// contains filtered or unexported fields
}
FileReportError is a custom error type to hold the error, path, and vanity reason.
func NewFileReportError ¶ added in v1.8.5
func NewFileReportError(err error, path string, reason ErrorType) *FileReportError
NewFileReportError returns a new FileReportError.
func (*FileReportError) Error ¶ added in v1.8.5
func (e *FileReportError) Error() string
func (*FileReportError) Is ¶ added in v1.8.5
func (e *FileReportError) Is(target error) bool
func (*FileReportError) Path ¶ added in v1.8.5
func (e *FileReportError) Path() string
func (*FileReportError) Type ¶ added in v1.8.5
func (e *FileReportError) Type() ErrorType
func (*FileReportError) Unwrap ¶ added in v1.8.5
func (e *FileReportError) Unwrap() error
type ProcessInfo ¶ added in v1.2.0
type ProcessInfo struct {
PID int32
PPID int32
Name string
ScanPath string
AdvertisedPath string
CmdLine []string
}
func ActiveProcesses ¶ added in v1.2.0
func ActiveProcesses(ctx context.Context) ([]*ProcessInfo, error)
ActiveProcesses is an exported function that a list of active processes.
Source Files
Click to show internal directories.
Click to hide internal directories.