From 3307f7a94e1ce8ec83e18aa6544839defd39a644 Mon Sep 17 00:00:00 2001
From: Richard Sailer <richard_siegfried@systemli.org>
Date: Fri, 16 Mar 2018 18:39:07 +0100
Subject: [PATCH] lua output doc: Add explaining introduction text

---
 doc/userguide/output/lua-output.rst | 20 ++++++++++++++------
 1 file changed, 14 insertions(+), 6 deletions(-)

diff --git a/doc/userguide/output/lua-output.rst b/doc/userguide/output/lua-output.rst
index bd844cdc3e..9688b68556 100644
--- a/doc/userguide/output/lua-output.rst
+++ b/doc/userguide/output/lua-output.rst
@@ -1,17 +1,25 @@
 Lua Output
 ==========
 
-Lua scripts can be used to generate output from Suricata.
+Suricata offers the possibility to get more detailed output on specific kinds of
+network traffic via pluggable lua scripts. You can write these scripts yourself and only need to
+define four hook functions.
+
+For lua output scripts suricata offers a wide range of lua functions.
+They all return information on specific engine internals and aspects of the network traffic.
+They are described in the following sections, grouped by the event/traffic type.
+But let's start with a example explaining the four hook functions, and how to make
+suricata load a lua output script.
 
 Script structure
 ----------------
 
-A script defines 4 functions: init, setup, log, deinit
+A lua output script needs to define 4 hook functions: init(), setup(), log(), deinit()
 
-* init -- registers where the script hooks into the output engine
-* setup -- does per output thread setup
-* log -- logging function
-* deinit -- clean up function
+* init() -- registers where the script hooks into the output engine
+* setup() -- does per output thread setup
+* log() -- logging function
+* deinit() -- clean up function
 
 Example: