feat(docs): explain how to use Go-FTW

lifeforms commented 2 years ago

Motivation

Currently we don’t have documented how to set up and run go-ftw for rule developers.

Proposed solution

Create a documentation page under development and explain:

links to installing and running docker & docker-compose
downloading go-ftw
for macOS, trusting the ftw binary one time with right click and Open
add template for .ftw.yaml
running ftw
running ftw on one rule only
running ftw on a subset (regexp)
remembering to docker-compose down & up after changing a rule

Btw, my .ftw.yaml (if it's not already doc'd somewhere) is:

---
logfile: 'tests/logs/modsec2-apache/error.log'
logtype:
  name: 'apache'
  timeregex:  '\[([A-Z][a-z]{2} [A-z][a-z]{2} \d{1,2} \d{1,2}\:\d{1,2}\:\d{1,2}\.\d+? \d{4})\]'
  timeformat: 'ddd MMM DD HH:mm:ss.S YYYY'

We should have Nginx/Coraza too, maybe in the future and do it in steps.

Alternatives

Explain it manually to people 30 times. 😉

Additional context

N/A

RedXanadu commented 2 years ago

Can we replace the legacy Python ftw instructions? That will mean no duplication. (https://coreruleset.org/docs/development/testing/)

lifeforms commented 2 years ago

That seems quite sensible to me!

coreruleset / documentation

feat(docs): explain how to use Go-FTW #74

Motivation

Proposed solution

Alternatives

Additional context