Examples

When running on a live interface, uee the following basic options: yaids -i <interface> -y <path/to/compiled/yara/rules>.

To process an exiisting PCAP file, use the following basic options: yaids -r <path/to/pcap/file> -y <path/to/compiled/yara/rules>.