Update default falco config for plugins

The default config defines the cloudtrail/json plugins but does not
give them any actual config for init config/open params.

load_plugins is empty so neither plugin is actually loaded by default.

Signed-off-by: Mark Stemm <mark.stemm@gmail.com>

falco.yaml

@@ -15,12 +15,6 @@
 # limitations under the License.
 #
 
-input_plugin:
-  name: ""
-  path: ""
-  init_config: ""
-  open_params: ""
-
 # File(s) or Directories containing Falco rules, loaded at startup.
 # The name "rules_file" is only for backwards compatibility.
 # If the entry is a file, it will be read directly. If the entry is a directory,
@@ -39,6 +33,33 @@ rules_file:
   - /etc/falco/k8s_audit_rules.yaml
   - /etc/falco/rules.d
 
+
+#
+# Plugins that are available for use. These plugins are not loaded by
+# default, as they require explicit configuration to point to
+# cloudtrail log files.
+#
+
+# To learn more about the supported formats for
+# init_config/open_params for the cloudtrail plugin, see the README at
+# https://github.com/falcosecurity/plugins/blob/master/plugins/cloudtrail/README.md.
+plugins:
+  - name: cloudtrail
+    library_path: libcloudtrail.so
+    init_config: ""
+    open_params: ""
+  - name: json
+    library_path: libjson.so
+    init_config: ""
+    open_params: ""
+
+# Setting this list to empty ensures that the above plugins are *not*
+# loaded and enabled by default. If you want to use the above plugins,
+# set a meaningful init_config/open_params for the cloudtrail plugin
+# and then change this to:
+# load_plugins: [cloudtrail, json]
+load_plugins: []
+
 # If true, the times displayed in log messages and output messages
 # will be in ISO 8601. By default, times are displayed in the local
 # time zone, as governed by /etc/localtime.