From 97e2d2c8aaaa2c869dd15fb14d7e28e29e0fde22 Mon Sep 17 00:00:00 2001
From: Koen Van Impe <koen.vanimpe@cudeso.be>
Date: Fri, 16 Jul 2021 16:25:03 +0200
Subject: [PATCH] Update README.md

---
 README.md | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

diff --git a/README.md b/README.md
index c7f006c..726c538 100644
--- a/README.md
+++ b/README.md
@@ -25,6 +25,22 @@ If you don't want to run your own local server, you can use and test [hashlookup
 
 CIRCL hashlookup service only gives details about known files appearing in specific database(s). This gives you context and information about file hashes which can be discovered during investigation or digital forensic analysis.
 
+# Installation
+
+- Make sure kvrocks is installed
+- Download the [NSRL files](https://www.nist.gov/itl/ssd/software-quality-group/national-software-reference-library-nsrl/nsrl-download/current-rds)
+- In **bin/run.sh** point to where kvrocks is installed
+- - For example "/home/ubuntu/kvrocks/src/kvrocks -c /home/ubuntu/hashlookup-server/etc/kvrocks.conf"
+- In **kvrocks.conf** change
+- - **dir** to where you want to store the database
+- - update **pidfile** **backup-dir** and **log-dir**
+- in **import.py** : point to where you stored the NSRL downloaded files
+- statistics are kept in stat:NSRLAndroid
+- do a test run, in import.py change maxvalue to 2, run import.py and then query the results
+- - redis-cli -p 6666
+- - HGETALL "h:000000F694CA9BF73836D67DEB5E2724338B422D"
+
+
 # API Usage
 
 ## Get information about the hash lookup database (via ReST)