So, you have already captured some network traffic to PCAPs and want to test your created rules against it? Fine.
rm eve.json
suricata -S my-rules.rules -c /etc/suricata/suricata.yaml -l . -v -k none -r sample.pcap
cat eve.json | jq
Or as one-liner:
rm eve.json ; suricata -S my-rules.rules -c /etc/suricata/suricata.yaml -l . -v -k none -r sample.pcap ; cat eve.json | jq
What does that mean?
rm eve.json will remove the eve.json file from your current working directory
-c <path to your normal suricata config>
-l <path to your logging directory>, here the working directory
-v use verbose CLI output (you can add more)
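Once the run has written eve.json, the question when testing rules is which of them fired on the PCAP and which stayed silent. The script below is an added example, not part of the original post: it compares the SIDs in a rules file with the alert events in EVE output. The function names are hypothetical, the rules and EVE lines are constructed sample data, and it assumes each rule is written on a single line.

```python
import json
import re
from collections import Counter

SID_RE = re.compile(r"\bsid\s*:\s*(\d+)\s*;")

def rule_sids(rules_text):
    """SIDs of active rules; commented-out rules are ignored."""
    sids = set()
    for line in rules_text.splitlines():
        line = line.strip()
        m = SID_RE.search(line)
        if m and not line.startswith("#"):
            sids.add(int(m.group(1)))
    return sids

def alert_counts(eve_lines):
    """Count alert events per signature_id (EVE is one JSON object per line)."""
    counts = Counter()
    for line in eve_lines:
        try:
            event = json.loads(line)
        except json.JSONDecodeError:
            continue  # blank or truncated line, e.g. an interrupted run
        if event.get("event_type") == "alert":
            counts[event["alert"]["signature_id"]] += 1
    return counts

def coverage(rules_text, eve_lines):
    """Return (fired, silent): hits per rule SID, and rule SIDs with no alert."""
    sids = rule_sids(rules_text)
    counts = alert_counts(eve_lines)
    fired = {sid: counts[sid] for sid in sorted(sids) if counts[sid]}
    return fired, sorted(sids - set(counts))

# Constructed sample data standing in for my-rules.rules and eve.json.
SAMPLE_RULES = """
alert http any any -> any any (msg:"TEST user agent"; http.user_agent; content:"example-agent"; sid:1000001; rev:1;)
alert dns any any -> any any (msg:"TEST dns query"; dns.query; content:"example.test"; sid:1000002; rev:1;)
# alert tcp any any -> any any (msg:"TEST disabled"; sid:1000003; rev:1;)
"""
SAMPLE_EVE = [
    '{"event_type": "alert", "src_ip": "192.0.2.10", "alert": {"signature_id": 1000001, "signature": "TEST user agent"}}',
    '{"event_type": "flow", "src_ip": "192.0.2.10", "proto": "TCP"}',
    '{"event_type": "alert", "src_ip": "192.0.2.11", "alert": {"signature_id": 1000001, "signature": "TEST user agent"}}',
    '{"event_type": "alert", "src_ip": "192.0.2.12", "alert": {"signa',
]

if __name__ == "__main__":
    print(coverage(SAMPLE_RULES, SAMPLE_EVE))
```

For a real run, pass `open("my-rules.rules").read()` and `open("eve.json")` to `coverage()`; a rule listed as silent either does not match the traffic in the PCAP or failed to load, which the verbose output of the suricata run will show.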