YARA
Schema-driven detector documentation.
YARA: active, P1, 7 params, 3 examples
Detector Metadata
Capability catalog entry from all_detectors.json.
Categories
THREAT, SECURITY
Supported Asset Types
TXT, TABLE, URL, BINARY
Recommended Model
yara-python
Parameters
Configuration parameters for the YARA detector. Shared from `ThreatDetectorConfig`.
| Parameter | Type | Required | Description | Default | Constraints |
|---|---|---|---|---|---|
| enabled_patterns | array | No | YARA rule names to enable | — | — |
| enabled_patterns[] | string | No | — | — | — |
| severity_threshold | enum \| null | No | Minimum severity to report | null | — |
| confidence_threshold | number | No | Minimum confidence to report (0-1) | 0.7 | min 0, max 1 |
| max_findings | integer \| null | No | Maximum number of findings to return | null | — |
| rules_path | string | No | Path to custom YARA rules directory | — | — |
| timeout | integer | No | Timeout for YARA scanning in seconds | 60 | — |