< seph> Hi Do you know if it s possible to bind yara table t osquery #general

<@U7QP20JQH> Hi. Do you know if it's possible to b...

slevchenko

01/28/2022, 3:45 PM

@seph Hi. Do you know if it's possible to bind yara table to

bpf_process_events

instead of a

file_events

? Idea is to scan

path

of a process if such process has valid path

seph

01/31/2022, 2:13 AM

Not sure, I don’t use yara much

2 Views