
Add an option to output results as logs (preferably in a structured format like json) #77

Open
jibanes opened this issue Jun 11, 2022 · 2 comments

Comments

@jibanes

jibanes commented Jun 11, 2022

Version

0.0.12

Linux Version

5.15.x

Is your feature request related to a problem? Please describe.

No response

Describe the solution you'd like

Much like Sysdig's Falco, it would be useful, for security instrumentation, to format the output as JSON events, such as:
{"time":"2022-06-11T09:53:40.734542-0700","bpf":"opensnoop.o","event":"/proc/123/env"}
This output could then be piped to fluentd or elsewhere.

Additionally, for instrumentation in general, event sampling (at the source) might also be valuable, i.e.:
define a rate: -r 0.50 would drop every other log event.
This might be useful if you only want a sample of logs, e.g. if instrumenting TCP payloads, one might only care about the "ratio" of SYN packets over SYN+ACK.

Describe alternatives you've considered

No response

Additional Context

No response
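One shape the requested output and the sampling option could take, written here as an added example that is not part of this issue or of the project's own code: the JSON field names are taken from the sample line in the issue, while the -r flag semantics, the accumulator-based sampler and the NewEvent/EncodeEvent/SampleEvents helpers are assumptions. The sampler goes slightly beyond the 0.50 case in the text: it accepts any rate in [0, 1] and stays deterministic, so a downstream consumer (fluentd, fluent-bit) can reason about how many events it is missing.

```go
package main

import (
	"encoding/json"
	"fmt"
	"time"
)

// Hypothetical emitter for the issue's proposal: one JSON object per line,
// plus a deterministic "-r <rate>" style sampler. Names and flag semantics
// are assumptions taken from the issue text, not an API of the project.

// eventTimeLayout reproduces the timestamp shape of the sample event
// (microsecond precision, numeric UTC offset).
const eventTimeLayout = "2006-01-02T15:04:05.000000-0700"

// Event is one structured record, keyed like the sample line in the issue.
type Event struct {
	Time  string `json:"time"`  // when the probe fired
	BPF   string `json:"bpf"`   // which BPF object produced it
	Event string `json:"event"` // probe-specific payload (here, a path)
}

// NewEvent stamps the record with t in the sample's layout.
func NewEvent(t time.Time, bpfObject, detail string) Event {
	return Event{Time: t.Format(eventTimeLayout), BPF: bpfObject, Event: detail}
}

// EncodeEvent renders one event as a single JSON line, which is what a
// log shipper such as fluentd or fluent-bit expects to tail.
func EncodeEvent(ev Event) (string, error) {
	b, err := json.Marshal(ev)
	if err != nil {
		return "", err
	}
	return string(b), nil
}

// Sampler passes through a fixed fraction of events without randomness:
// it adds rate per event and emits each time the accumulator crosses 1.
// At rate 0.5 that is exactly "drop every other event"; at 0.25 it keeps
// every fourth, so sampled counts stay predictable for the consumer.
type Sampler struct {
	rate float64
	acc  float64
}

// NewSampler rejects rates outside [0, 1], the check a "-r" flag parser
// would need before wiring the sampler in.
func NewSampler(rate float64) (*Sampler, error) {
	if rate < 0 || rate > 1 {
		return nil, fmt.Errorf("sample rate %g out of range [0, 1]", rate)
	}
	return &Sampler{rate: rate}, nil
}

// Keep reports whether the next event should be emitted.
func (s *Sampler) Keep() bool {
	s.acc += s.rate
	// small epsilon so rates like 0.1 do not drift from float rounding
	if s.acc+1e-9 >= 1 {
		s.acc -= 1
		return true
	}
	return false
}

// SampleEvents applies a sampler at rate to a slice of events and returns
// the survivors, in their original order.
func SampleEvents(events []Event, rate float64) ([]Event, error) {
	s, err := NewSampler(rate)
	if err != nil {
		return nil, err
	}
	var kept []Event
	for _, ev := range events {
		if s.Keep() {
			kept = append(kept, ev)
		}
	}
	return kept, nil
}

func main() {
	// Constructed sample: six open() events from a hypothetical opensnoop probe.
	base := time.Date(2022, 6, 11, 9, 53, 40, 734542000, time.FixedZone("PDT", -7*3600))
	var events []Event
	for i := 0; i < 6; i++ {
		events = append(events, NewEvent(base.Add(time.Duration(i)*time.Millisecond),
			"opensnoop.o", fmt.Sprintf("/proc/%d/env", 123+i)))
	}
	kept, _ := SampleEvents(events, 0.5) // -r 0.50: every other event survives
	for _, ev := range kept {
		line, _ := EncodeEvent(ev)
		fmt.Println(line)
	}
}
```

The accumulator sampler is chosen over a random coin flip on purpose: with a fixed rate the number of emitted events per N inputs is exact, which keeps ratios such as SYN versus SYN+ACK counts meaningful after sampling, and a shipper can multiply counts back by 1/rate without variance from the sampler itself.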

@krisztianfekete
Member

Hey @jibanes,
Thanks for the PR, this is now on the Roadmap.
Issue #11 is basically about this, although this is hard to tell without further clarification. :)

@jerome-ibanes

Great, thanks, looking forward to it. As you understand, I'd like to run probes and send the output to fluentbit, essentially.
