Add support for json-formatted output

digwatch.yaml

@@ -1,4 +1,5 @@
 rules_file: /etc/digwatch_rules.conf
+json_output: true
 
 syslog_output:
   enabled: false

userspace/digwatch/configuration.cpp

@@ -19,6 +19,7 @@ void digwatch_configuration::init(string conf_filename)
 	m_config = new yaml_configuration(m_config_file);
 
 	m_rules_filename = m_config->get_scalar<string>("rules_file", "/etc/digwatch_rules.conf");
+	m_json_output = m_config->get_scalar<bool>("json_output", false);
 
 	output_config file_output;
 	file_output.name = "file";

userspace/digwatch/configuration.h

@@ -95,6 +95,7 @@ class digwatch_configuration
 	void init(std::string conf_filename);
 	void init();
 	std::string m_rules_filename;
+	bool m_json_output;
 	std::vector<output_config> m_outputs;
  private:
 	yaml_configuration* m_config;

userspace/digwatch/digwatch.cpp

@@ -200,7 +200,7 @@ int digwatch_init(int argc, char **argv)
 	sinsp* inspector = NULL;
 	digwatch_rules* rules = NULL;
 	int op;
-	sinsp_evt::param_fmt event_buffer_format = sinsp_evt::PF_NORMAL;
+	sinsp_evt::param_fmt event_buffer_format;
 	int long_index = 0;
 	string lua_main_filename;
 	string output_name = "stdout";
@@ -259,8 +259,6 @@ int digwatch_init(int argc, char **argv)
 
 		}
 
-		inspector->set_buffer_format(event_buffer_format);
-
 
 		ifstream* conf_stream;
 		if (conf_filename.size())
@@ -359,6 +357,16 @@ int digwatch_init(int argc, char **argv)
 
 		inspector->set_hostname_and_port_resolution_mode(false);
 
+		if (config.m_json_output)
+		{
+			event_buffer_format = sinsp_evt::PF_JSON;
+		}
+		else
+		{
+			event_buffer_format = sinsp_evt::PF_NORMAL;
+		}
+		inspector->set_buffer_format(event_buffer_format);
+
 		for(std::vector<output_config>::iterator it = config.m_outputs.begin(); it != config.m_outputs.end(); ++it)
 		{
 			add_output(ls, *it);