diff --git a/tcpdump-schedule/README.md b/tcpdump-schedule/README.md
index e6a9649..d70c301 100644
--- a/tcpdump-schedule/README.md
+++ b/tcpdump-schedule/README.md
@@ -1,7 +1,12 @@
 # tcpdump scripts
 
-tcpdump_getdata.sh: Capture network traffic, stop with Ctrl-C
+- tcpdump_getdata.sh: Capture network traffic, stop with Ctrl-C
+- tcpdump_stop.sh: Stop the tcpdump command (e.g. when using crontab)
+- tcpdump.yml: Ansible Playbook which takes a tcpdump on the remote side(s) and copy it automatically to your server
 
-tcpdump_stop.sh: Stop the tcpdump command (e.g. when using crontab)
+# crontab
 
-tcpdump.yml: Ansible Playbook which takes a tcpdump on the remote side(s) and copy it automatically to your server
\ No newline at end of file
+This is the crontab for an example tcpdump which starts at 02:00am and stops at 02:05am.
+
+0 2 * * * bash /tmp/tcpdump_getdata.sh
+5 2 * * * bash /tmp/tcpdump_stop.sh
\ No newline at end of file