README - Add instructions to show live stream use cases

[sandman137]

Show how to live stream traffic into various tools for detection purposes.

I.e. sensor --> receiver --> live stream | TOOL where TOOL = { Zeek, Suricata, Tshark, Moloch etc}

1. Suricata
2. Zeek
3. Tshark
4. Moloch

[ManofWax]

I'm interested about the best way to send stream live to suricata and zeek

[sandman137]

The README closes the Suricata use case, I think we should use FIFO instead of regular files to 'truly live steam' and remove need for file rotation/disk usage concerns etc.

Another option is to use STDOUT | STDIN piping. Sometimes this can lead to buffering issues etc but nothing that cant be solved quickly.

[sandman137]

I think we should keep this one open till we address 2, 3 and 4 above.