guoxiandong/yara

yarac.man 1.64 KB
.\"Text automatically generated by txt2man
.TH YARAC "1" "Jan 2014" "YARAC 2.0" "compile rules to yara"
.SH NAME
\fByarac \fP- compile rules to yara
.SH SYNOPSIS
.nf
.fam C
\fByarac\fP [OPTION]\.\.\. [RULE_FILE]\.\.\. \fIOUTPUT_FILE\fP
.fam T
.fi
.SH DESCRIPTION
To invoke YARA you will need two things: a file with the rules you want to
use (either in source code or compiled form) and the target to be scanned.
The target can be a file, a folder, or a process.
.PP
Rule files can be passed directly in source code form, or can be previously
compiled with the \fByarac\fP tool. You may prefer to use your rules in compiled
form if you are going to invoke YARA multiple times with the same rules.
This way you’ll save time, because it is faster for YARA to load compiled rules
than to compile the same rules over and over again.
.PP
The rules will be applied to the target specified as the last argument to YARA.
If it’s a path to a directory, all the files contained in it will be scanned.
.SH OPTIONS
.TP
.B
\fB-d\fP <identifier>=<value>
Define external variable.
.TP
.B \-w " --no-warnings"
Disable warnings.
.TP
.B " --fail-on-warnings"
Treat warnings as errors. Has no effect if used with
.B --no-warnings.
.TP
.B \-v " --version"
Show version information.
.SH EXAMPLE
The \fB-d\fP option is used to define external variables. For example:
.PP
\fB-d\fP flag=true
.PP
\fB-d\fP beast=666
.PP
\fB-d\fP name="James Bond"
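.PP
The three definitions above, put to use in an added example that is not part of the original manual page or of the YARA project: a rule that reads all three externals is compiled once without them, which fails, and once with them. The rule, the function names and the file names are constructed for illustration; the script assumes yarac is on PATH and only writes the rule file otherwise.

```shell
#!/bin/sh
# Added example: compiling a rule that depends on external variables.
# Rule text, function names and file names are constructed for illustration.

# Write a rule whose condition uses the three externals from the EXAMPLE section.
write_rule() {
    cat > "$1" <<'EOF'
rule ExternalsDemo
{
    condition:
        flag and beast == 666 and name contains "Bond"
}
EOF
}

# Compile with every external defined. yarac picks the type from the value:
# true/false becomes a boolean, a whole number an integer, and text such as
# "James Bond" a string.
compile_with_externals() {
    yarac -d flag=true -d beast=666 -d name="James Bond" "$1" "$2"
}

# Compile with no -d at all. The identifiers are unknown to the compiler,
# so this is expected to exit non-zero.
compile_without_externals() {
    yarac "$1" "$2" 2>/dev/null
}

demo() {
    dir=$(mktemp -d) || return 1
    write_rule "$dir/demo.yar"
    if ! command -v yarac >/dev/null 2>&1; then
        echo "yarac not installed; rule written to $dir/demo.yar"
        return 0
    fi
    if compile_without_externals "$dir/demo.yar" "$dir/bad.yarc"; then
        echo "unexpected: compiled without externals"
        return 1
    fi
    compile_with_externals "$dir/demo.yar" "$dir/demo.yarc" || return 1
    echo "compiled: $dir/demo.yarc"
}

demo
```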
.SH SEE ALSO
\fByara\fP(1)
.SH AUTHOR
\fByarac\fP was written by Victor M. Alvarez <vmalvarez@virustotal.com>.
This manual page was written by Joao Eriberto Mota Filho <eriberto@eriberto.pro.br> for the Debian project (but may be used by others).