From 1c19a3a9fe51b450e2d57dcf9dca29c6528b97fc Mon Sep 17 00:00:00 2001 From: Sebastian Garcia Date: Wed, 24 Jul 2024 22:53:02 +0200 Subject: [PATCH] Update README.md --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index d9b24e2..3661fab 100644 --- a/README.md +++ b/README.md @@ -18,6 +18,7 @@ python zeek-term.py --foreground --directory . |less -RS - `--foreground` is to use foreground colors instead of background - `--directory` is to set where the Zeek logs are +- `--filter-conn` is to filter all the conn.log lines which UID is in other Zeek file. Therefore, if a flow produced other log appart from the conn.log, then the conn.log one is ignored. This is good if you want to know which conn.log lines do not have a recognizable protocol and are interesting to see. # How it looks like image
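Review bot: The new `--filter-conn` bullet in the README option list is ambiguous about direction. "filter" can mean keep or drop, and only the second sentence reveals that the matching conn.log lines are ignored. Suggest stating the effect up front, for example "`--filter-conn` hides conn.log lines whose UID also appears in another Zeek log", and fixing "appart" to "apart" and the phrase "which UID is in other Zeek file" in the same pass. It would also help to say whether the other logs consulted are the ones found under `--directory`, and to show the flag in the usage line above the list, which still only has `--foreground --directory .`.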