From 4e0095448554ed12f5a6be219e5cfd9691fddba2 Mon Sep 17 00:00:00 2001
From: Liz Rice <liz@lizrice.com>
Date: Wed, 15 Jul 2020 14:41:35 +0100
Subject: [PATCH] docs: add Troubleshooting (#638)

* docs: add Troubleshooting

Adding basic instructions for running with debug logs

* docs: remember --logtostderr

* docs: note about cfg requirement

Note that installing a binary release is not sufficient - you also need the config and test files
Fixes #613
---
 README.md | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/README.md b/README.md
index 4e30952..e2d42ee 100644
--- a/README.md
+++ b/README.md
@@ -38,6 +38,7 @@ Table of Contents
 * [Running on OpenShift](#running-on-openshift)
 * [Output](#output)
 * [Configuration](#configuration)
+* [Troubleshooting](#troubleshooting)
 * [Test config YAML representation](#test-config-yaml-representation)
   * [Omitting checks](#omitting-checks)
 * [Roadmap](#roadmap)
@@ -68,7 +69,7 @@ By default, kube-bench will determine the test set to run based on the Kubernete
 You can choose to
 * run kube-bench from inside a container (sharing PID namespace with the host)
 * run a container that installs kube-bench on the host, and then run kube-bench directly on the host
-* install the latest binaries from the [Releases page](https://github.com/aquasecurity/kube-bench/releases),
+* install the latest binaries from the [Releases page](https://github.com/aquasecurity/kube-bench/releases), though please note that you also need to download the config and test files from the `cfg` directory
 * compile it from source.
 
 ## Running kube-bench
@@ -301,6 +302,12 @@ Any settings in the version-specific config file `cfg/<version>/config.yaml` tak
 
 You can read more about `kube-bench` configuration in our [documentation](docs/README.md#configuration-and-variables).
 
+## Troubleshooting
+
+Running `kube-bench` with the `-v 3 --logtostderr` parameters will generate debug logs that can be very helpful for debugging problems. 
+
+If you are using one of the example `job*.yaml` files, you will need to edit the `command` field, for example `["kube-bench", "-v", "3", "--logtostderr"]`. Once the job has run, the logs can be retrieved using `kubectl logs` on the job's pod.   
+
 ## Test config YAML representation
 
 The tests (or "controls") are represented as YAML documents (installed by default into `./cfg`). There are different versions of these test YAML files reflecting different versions of the CIS Kubernetes Benchmark. You will find more information about the test file YAML definitions in our [documentation](docs/README.md).