Skip to main content
Question

Why shannon entropy string function is not visible to me

  • September 22, 2025
  • 2 replies
  • 71 views
AfvanJaffer
Forum|alt.badge.img+5

Hey team!

I have been trying to find a way to check the entropy of the domains through the yara-l rule, I found this strings function - https://cloud.google.com/chronicle/docs/preview/detection-engine/yara-l-2-0-functions/strings-shannon_entropy

 



but it seems I cannot use it in my environment, any idea what is the reason ?

 

2 replies

James_E
Staff
Forum|alt.badge.img+8
  • James_E
  • Staff
  • September 23, 2025

This is an experimental function behind a feature flag. Please reach out to support or your Google Cloud Security representative to get this turned on.

kentphelps
vaskenh
AbdElHafez
vaskenh
Staff
Forum|alt.badge.img+13
  • vaskenh
  • Staff
  • September 23, 2025

Hi ​@AfvanJaffer .  I believe the exact function you reference and describe is actually still in Preview and this might explain why it’s not usable yet, but I am making a bit of an assumption here and would defer to someone who can say definitively.

Edit:  See the guidance from James above!

James_E
AfvanJaffer
AbdElHafez
Terms & ConditionsCookie settingsAccessibility statement
Privacy Policy Terms of Service Gen AI Policy Community Guidelines Cookie Settings

© 2025 Google. All rights reserved.