From b41794f6a9c8597f4359f02ed4c3a55e75e204c0 Mon Sep 17 00:00:00 2001 From: Henri DF Date: Sun, 21 Feb 2016 20:31:33 -0800 Subject: [PATCH] Update README.md --- README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/README.md b/README.md index 0a01215e..47440219 100644 --- a/README.md +++ b/README.md @@ -52,6 +52,8 @@ interactive: proc.pname = bash or proc.pname = sshd write and interactive and fd.name contains sysdig write and interactive and fd.name contains .txt ``` +(Note: compared to the syntax in the page referenced above, this is missing the output spec (`.. | `). This part is not implemented yet. Stay tuned...) + Let's assume you called that file rules.txt. Now you can run digwatch like so: