* `tld` - matches TLD (top level domain) part of urls
* `full` - matches the complete URL not the hostname
* `is_phished` - matches hostname but if and only if the URL is phished (e.g. pretended to be from another domain)
+* `regexp:/re/` - extracts generic information using the specified regular expression from the hostname
+* `tld:regexp:/re/` - extracts generic information using the specified regular expression from the TLD part
+* `full:regexp:/re/` - extracts generic information using the specified regular expression from the full URL text
Here are some examples of pre-filter configurations:
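Review bot: The three new `regexp:` entries say only that the filter "extracts generic information", which does not tell a reader what string is then looked up in the map: the whole match or a capture group, and what happens when the expression does not match at all. Suggest stating that explicitly in the `regexp:/re/` line and wording it like the existing entries ("matches ..."), so that the `tld:regexp:` and `full:regexp:` lines only need to name the part of the URL the expression is applied to.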
map = "file:///tmp/url.map";
symbol = "URL_MAP";
}
+url_tld_re {
+ type = "url";
+ filter = "tld:regexp:/\.[^.]+$/"; # Extracts the last component of URL
+ map = "file:///tmp/url.map";
+ symbol = "URL_MAP_RE";
+}
~~~
\ No newline at end of file
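Review bot: The comment on the `filter` line says "Extracts the last component of URL", but the filter is `tld:regexp:/\.[^.]+$/`, so it is applied to the TLD part rather than the URL, and the expression includes the leading dot in its match. If the matched text is what gets looked up, the map keys would have to carry that dot, while the example reuses `file:///tmp/url.map` from the entry above it. Suggest either dropping `\.` from the expression or saying in the comment that keys start with a dot, and pointing `url_tld_re` at its own map file. The file also still ends without a trailing newline after `~~~`.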