Indexing samples automatically when added /samples folder

[cvdsouza]

Feature Category

• [ ] Correctness
• [ ] User Interface / User Experience
• [ ] Performance
• [ X] Other (please explain)

Describe the problem

I have a single instance of mquery stood up via docker compose. I am a bit confused with the documentation on indexing. I'm setting up an automation process wherein new suspicious samples get copied to the /samples directory on the server. I am not sure if they will get auto indexed or will I have to press the re-index button on the UI again ? I am also not sure if I press the re-index button again will it re-index all samples or just a few. Since I connected mquery to a large data set (~1M) samples, I'm was just wondering how I would add new samples to the collections and be able to run my yara rules on them ?

Describe the solution you'd like

I would just like to get some understanding on how I can best automate sample submissions into mquery so I can build it into a automated workflow and users can then have their yara rules run on an ever updating sample list.

Describe alternatives you've considered

I'm still exploring mquery , but would really like to get some best practices and suggestion for you all on how I should best deploy, and use with an ever growing sample set.

Thanks