move traceectl docs to separte section, refactor traceectl docs

docs/docs/traceectl/commands/event.md → docs/traceectl/commands/event.md

@@ -12,22 +12,16 @@ traceectl event [subcommand] [flags]
 
 ## Subcommands
 
-- **list**: Lists all available event definitions (built-in and plugin-defined), providing a brief summary of each.
+- **describe**: Retrieves detailed information about a specific **event** or **all the events**, including its fields, types, and other metadata.
 
   ```sh
-  traceectl event list --format [json|table|template]
-  ```
-
-  - **`--format`** (`-f`): Specifies the output format (default is `table`). Supported formats are `json`, `table`, and `template`.
-
-- **describe**: Retrieves detailed information about a specific event, including its fields, types, and other metadata.
-
-  ```sh
-  traceectl event describe <event_name> --format [json|table|template]
+  traceectl event describe <event_name>
   ```
 
   - **`<event_name>`**: The name of the event to describe.
-  - **`--format`** (`-f`): Specifies the output format (default is `table`).
+  - **`--format`**: Specifies the format (default is `table`).
+  - **`--server`**: Specifies the server unix socket path (default is `/var/run/tracee.sock`)
+  - **`--output`**: Specifies the output (default is `stdout`)
 
 - **enable**: Enables capturing of a specific event type in Tracee.
 
@@ -36,6 +30,8 @@ traceectl event [subcommand] [flags]
   ```
 
   - **`<event_name>`**: The name of the event to enable.
+  - **`--server`**: Specifies the server unix socket path (default is `/var/run/tracee.sock`)
+  - **`--output`**: Specifies the output (default is `stdout`)
 
 - **disable**: Disables capturing of a specific event type in Tracee.
 
@@ -44,26 +40,21 @@ traceectl event [subcommand] [flags]
   ```
 
   - **`<event_name>`**: The name of the event to disable.
-
-## Flags
-
-- **`--format`** (`-f`): Available with the `list` and `describe` subcommands. It specifies the format for the output. Supported values are:
-  - `json`: Outputs event details in JSON format.
-  - `table`: Outputs event details in a tabular view.
-  - `template`: Uses a custom template for formatting the output.
+  - **`--server`**: Specifies the server unix socket path (default is `/var/run/tracee.sock`)
+  - **`--output`**: Specifies the output (default is `stdout`)
 
 ## Examples
 
 - **List All Events in JSON Format**
 
   ```sh
-  traceectl event list --format json
+  traceectl event describe --format json
   ```
 
 - **Describe an Event**
 
   ```sh
-  traceectl event describe execve --format table
+  traceectl event describe execve
   ```
 
 - **Enable an Event**
@@ -80,4 +71,4 @@ traceectl event [subcommand] [flags]
 
 ## Summary
 
-The `event` command in traceectl is a powerful tool for managing Tracee's event capabilities. Use the `list`, `describe`, `enable`, and `disable` subcommands to gain detailed insight and control over the events Tracee monitors.
+The `event` command in traceectl is a powerful tool for managing Tracee's event capabilities. Use the, `describe`, `enable`, and `disable` subcommands to gain detailed insight and control over the events Tracee monitors.

docs/docs/traceectl/commands/metrics.md → docs/traceectl/commands/metrics.md

@@ -10,6 +10,8 @@ The `metrics` command is structured as follows:
 traceectl metrics 
 ```
 
+- **`--server`**: Specifies the server unix socket path (default is `/var/run/tracee.sock`)
+
 ## Examples
 
 - **Display Metrics in Table Format**

docs/docs/traceectl/commands/stream.md → docs/traceectl/commands/stream.md

@@ -7,14 +7,12 @@ The `stream` command in **traceectl** allows users to stream events directly fro
 The `stream` command is structured as follows:
 
 ```sh
-traceectl stream [policies...] [flags]
+traceectl stream [flags]
 ```
 
-## Flags
-
-- **`--format`** (`-f`): Specifies the format for the output. Supported values are:
-  - `json`: Outputs event details in JSON format.
-  - `table`: Outputs event details in a tabular view.
+- **`--format`**: Specifies the format (default is `table`).
+- **`--server`**: Specifies the server unix socket path (default is `/var/run/tracee.sock`)
+- **`--output`**: Specifies the output (default is `stdout`)
 
 ## Examples
 

docs/docs/traceectl/commands/version.md → docs/traceectl/commands/version.md

@@ -10,6 +10,8 @@ To display the version information, use the following command:
 traceectl version
 ```
 
+- **`--server`**: Specifies the server unix socket path (default is `/var/run/tracee.sock`)
+
 This command will output details such as:
 
 - **Version Number**: The current version of traceectl.
@@ -18,7 +20,7 @@ This command will output details such as:
 ### Example Output
 
 ``` bash
-v0.22.0-96-gaab269e885
+v0.22.0
 ```
 
 ### Summary

docs/docs/traceectl/flags/format.md → docs/traceectl/flags/format.md

@@ -1,13 +1,13 @@
 # `format` Flag
 
-The `--format` flag in **traceectl** is used to specify the output format for certain commands. Currently, this flag supports the following values for the `stream`, `event list`, and `event describe` commands:
+The `--format` flag in **traceectl** is used to specify the output format for certain commands. Currently, this flag supports the following values for the `stream` and `event describe` commands:
 
 - **`json`**: Outputs the data in JSON format, which is useful for automated processing or integration with other tools that consume JSON.
 
   Example:
 
   ```sh
-  traceectl event list --format json
+  traceectl stream --format json
   ```
 
   In this example, the command lists all available events and outputs them in JSON format.

docs/traceectl/flags/server.md

@@ -0,0 +1,14 @@
+# `server` Flag
+
+The `--server` flag in **traceectl** is used to specify the connection type that traceectl should use to communicate with the Tracee server. This connection type is **Unix socket** only.
+
+- **Unix Socket**: This type of connection is generally used for local inter-process communication. It provides a secure and efficient means to connect to Tracee when both client and server are on the same machine.
+
+  Example:
+
+  ```sh
+  traceectl --server /unix/socket/path.sock
+  ```
+
+  In this example, `/unix/socket/path.sock` is the Unix socket path where the Tracee server is listening. Using Unix sockets is beneficial for security and performance since it avoids the overhead associated with network communication.
+

docs/docs/traceectl/usage.md → docs/traceectl/usage.md

@@ -18,7 +18,7 @@ To use **traceectl**, you first need to compile and install the tool. Follow the
    Compile and install traceectl using the following commands:
 
    ``` bash
-   go build
+   make
    ```
 
 ## Configuring Tracee for traceectl
@@ -68,23 +68,10 @@ Once traceectl is installed and Tracee is running, you can use various commands
 For more info about the traceectl command please refer to the appoint command documentation
 
 ## Flags
-
-- server: Specifies the connection type, either unix or tcp.
 
-  ``` bash
-  traceectl --server unix:/unix/socket/path.sock
-  ```
-
-- output: Defines the output destination, such as stdout or a file.
-
-  ``` bash
-  traceectl stream --output file:/path/to/output.txt
-  ```
-
-For more info about the traceectl flags please refer to the appoint flag documentation
+For more info about the traceectl flags please refer to the appoint [flags documentation](./flags)
 
 ## Summary
 
 - **Install traceectl** by cloning the repository, building, and installing it with `make`.
-- **Configure Tracee** by running it with the appropriate gRPC Unix socket settings.
 - **Use traceectl** to interact with Tracee via commands like `stream`, `event`, `metrics`, and `version`.

mkdocs.yml

@@ -575,18 +575,6 @@ nav:
                 - Output Formats: docs/outputs/output-formats.md
                 - Output Options: docs/outputs/output-options.md
                 - Logging: docs/outputs/logging.md
-          - TraceeCTL: 
-                - Overview: docs/traceectl/index.md
-                - Installation: docs/traceectl/usage.md
-                - Commands:
-                      - event:  docs/traceectl/commands/event.md
-                      - metrics: docs/traceectl/commands/metrics.md
-                      - stream: docs/traceectl/commands/stream.md
-                      - verion: docs/traceectl/commands/verion.md
-                - Flags:
-                      - output: docs/traceectl/flags/output.md
-                      - format: docs/traceectl/flags/format.md
-                      - server: docs/traceectl/flags/server.md
           - Advanced:
                 - Caching Events: docs/advanced/caching-events.md
                 - Ordering Events: docs/advanced/ordering-events.md
@@ -614,6 +602,18 @@ nav:
                 - cache: docs/flags/cache.1.md
                 - capabilities: docs/flags/capabilities.1.md
                 - log: docs/flags/log.1.md
+    - Traceectl: 
+          - Overview: traceectl/index.md
+          - Installation:  traceectl/usage.md
+          - Commands:
+                - event:   traceectl/commands/event.md
+                - metrics:  traceectl/commands/metrics.md
+                - stream:  traceectl/commands/stream.md
+                - verion:  traceectl/commands/verion.md
+          - Flags:
+                - output:  traceectl/flags/output.md
+                - format:  traceectl/flags/format.md
+                - server:  traceectl/flags/server.md    
     - Tutorials:
           - Overview: tutorials/overview.md
           - Cosign - verify Tracee signature: tutorials/verify-tracee-signature.md