NewRegex creates a new regex function.

IndexAny.

BaseFn represents the BASE function.

Bool represents the boolean argument type.

CIDRContainsFn identifies the CIDR_CONTAINS function.

ConcatFn represents the CONCAT function.

DirFn represents the DIR function.

EntropyFn represents the ENTROPY function.

ExtFn represents the EXT function.

Field represents the argument type that is derived from the field literal.

Index.

Func represents the argument type that is derived from the function return value.

GetRegValueFn represents the GET_REG_VALUE function.

GlobFn represents the GLOB function.

IndexOfFn represents the INDEXOF function.

IP represents the IP argument type.

IsAbsFn represents the IS_ABS function.

IsMinidumpFn represents the ISMINIDUMP function.

LastIndexAny.

LastIndex.

LengthFn represents the LENGTH function.

LowerFn represents the LOWER function.

LtrimFn represents the LTRIM function.

MD5Fn represents the MD5 function.

Number represents the scalar argument type.

RegexFn represents the REGEX function.

ReplaceFn represents the REPLACE function.

RtrimFn represents the RTRIM function.

Shannon computes the string entropy by employing the Shannon algorithm.

Slice represents the string slice argument type.

SplitFn represents the SPLIT function.

String represents the string argument type.

SubstrFn represents the SUBSTR function.

SymlinkFn represents the SYMLINK function.

Unknown is the unknown argument type.

UpperFn represents the UPPER function.

VolumeFn represents the VOLUME function.

YaraFn represents the YARA function.

Base returns the last element of the path.

CIDRContains determines if the specified IP is contained within the block referenced by the given CIDR mask.

Concat returns a concatenated string of all input arguments.

Dir returns all but the last element of the path, typically the path's directory.

Entropy measures the string entropy.

Ext returns the file name extension used by the path.

FunctionArgDesc described each function argument.

FunctionDesc contains the function signature that particular filter function has to satisfy.

GetRegValue retrieves the content of the registry value.

Glob returns the names of all files matching the pattern or an empty list if there is no matching file.

IndexOf returns the index of the instance of substring in a given string depending on the provided search order.

IsAbs reports whether the path is absolute.

IsMinidump determines if the specified file contains the minidump signature.

Length returns the number of characters (runes) for string arguments and the size of the slice for slice arguments.

Lower converts the string with all Unicode letters mapped to their lower case.

Ltrim trims the specified prefix from a string.

MD5 computes the MD5 hash of the given value.

Regex applies single/multiple regular expressions on the provided string arguments.

Replace replaces occurrences in the string as given by arbitrary old/new replacement pairs.

Rtrim trims the specified suffix from a string.

Split produces a slice of substrings separated by the given delimiter.

Substr creates a substring of a given string.

Symlink returns the path name after the evaluation of any symbolic links.

Upper converts the string with all Unicode letters mapped to their upper case.

Volume returns leading volume name.

Yara unsupported function.

ArgsValidation is a function for the custom argument validation logic.

ArgType is the type alias for the argument value type.

Fn is the type alias for function definitions.

IndexPosition is the type alias for the string position search order.