Support DFIQ

[berggren]

Support the upcoming DFIQ format to create Investigative Scenarios.

[thinrope]

A paragraph explaining how to import/setup https://github.com/google/dfiq/ into /etc/timesketch properly will be great here! Is simply copying data/* into /etc/timesketch/dfiq/ enough?

[jaegeral]

That will come soon (think weeks) with plenty of documentation, what it is, how to use it etc etc.