New flow event: 'analysis'.

 * The goal was to provide a separate event for extracted feature that are not required
   and only useful for a few (e.g. someone who wants do ML).
 * Increased network buffer size to 32kB (8192 * 4).
 * Switched timestamp precision from ms to us for *ALL* timestamps.

Signed-off-by: Toni Uhlig <matzeton@googlemail.com>

1 files changed, 5 insertions, 4 deletions

diff --git a/README.md b/README.md
index c546a4eb3..2187a0f24 100644
--- a/README.md
+++ b/README.md
@@ -109,10 +109,11 @@ Flow Events: all events related to a flow
  2. end: a TCP connections terminates
  3. idle: a flow timed out, because there was no packet on the wire for a certain amount of time
  4. update: inform nDPIsrvd or other apps about a long-lasting flow, whose detection was finished a long time ago but is still active
- 5. guessed: `libnDPI` was not able to reliable detect a layer7 protocol and falls back to IP/Port based detection
- 6. detected: `libnDPI` sucessfully detected a layer7 protocol
- 7. detection-update: `libnDPI` dissected more layer7 protocol data (after detection already done)
- 8. not-detected: neither detected nor guessed
+ 5. analyse: provide some information about extracted features of a flow (disabled per default, enabled with `-A`)
+ 6. guessed: `libnDPI` was not able to reliable detect a layer7 protocol and falls back to IP/Port based detection
+ 7. detected: `libnDPI` sucessfully detected a layer7 protocol
+ 8. detection-update: `libnDPI` dissected more layer7 protocol data (after detection already done)
+ 9. not-detected: neither detected nor guessed
 
 
 # Flow States