From fa1d91273eeea7fc7ea683065e8d5f556aaeec5c Mon Sep 17 00:00:00 2001
From: Sam Oehlert <(none)>
Date: Thu, 8 Mar 2018 16:34:21 -0600
Subject: [PATCH] add config section example for nfdump netflow

---
 example_config.json | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/example_config.json b/example_config.json
index dae99c2..be896c7 100644
--- a/example_config.json
+++ b/example_config.json
@@ -32,6 +32,16 @@
             "filename_to_time_regex": "logs/(?P<year>\\d\\d\\d\\d)-(?P<month>\\d\\d)-(?P<day>\\d\\d)/\\w+\\.(?P<hour>\\d\\d):(?P<minute>\\d\\d)",
             "database_root": "/bro/index/notice/",
             "database_path": "$year.db"
+        },
+        {
+            "name": "flows",
+            "backend": "nfdump",
+            "file_glob": "/netflow/data/*/*/*/*/nfcapd.*",
+            "recent_file_glob": "/netflow/data/*/%Y/%m/%d/nfcapd.*",
+            "filename_to_database_regex": "nfcapd.(?P<year>\\d\\d\\d\\d)(?P<month>\\d\\d)(?P<day>\\d\\d)(?P<hour>\\d\\d)(?P<minute>\\d\\d)",
+            "filename_to_time_regex": "nfcapd.(?P<year>\\d\\d\\d\\d)(?P<month>\\d\\d)(?P<day>\\d\\d)(?P<hour>\\d\\d)(?P<minute>\\d\\d)",
+            "database_root": "/opt/flow-indexer/flows/",
+            "database_path": "$year$month$day.db"
         }
     ]
 }