Use sysdig's formatter cache.

Use the sinsp_evt_formatter_cache added in
draios/sysdig#771 instead of a local cache. This
simplifies the lua side quite a bit, as it only needs to call
format_output(), and clean up everything via free_formatters() in
output_cleanup().

On the C side, use a sinsp_evt_formatter object and use it in
format_event().

userspace/engine/formats.cpp

@@ -24,12 +24,14 @@ along with falco.  If not, see <http://www.gnu.org/licenses/>.
 
 
 sinsp* falco_formats::s_inspector = NULL;
-bool s_json_output = false;
+bool falco_formats::s_json_output = false;
+sinsp_evt_formatter_cache *falco_formats::s_formatters = NULL;
 
 const static struct luaL_reg ll_falco [] =
 {
 	{"formatter", &falco_formats::formatter},
 	{"free_formatter", &falco_formats::free_formatter},
+	{"free_formatters", &falco_formats::free_formatters},
 	{"format_event", &falco_formats::format_event},
 	{NULL,NULL}
 };
@@ -38,6 +40,10 @@ void falco_formats::init(sinsp* inspector, lua_State *ls, bool json_output)
 {
 	s_inspector = inspector;
 	s_json_output = json_output;
+	if(!s_formatters)
+	{
+		s_formatters = new sinsp_evt_formatter_cache(s_inspector);
+	}
 
 	luaL_openlib(ls, "formats", ll_falco, 0);
 }
@@ -73,11 +79,21 @@ int falco_formats::free_formatter(lua_State *ls)
 	return 0;
 }
 
+int falco_formats::free_formatters(lua_State *ls)
+{
+	if(s_formatters)
+	{
+		delete(s_formatters);
+		s_formatters = NULL;
+	}
+	return 0;
+}
+
 int falco_formats::format_event (lua_State *ls)
 {
 	string line;
 
-	if (!lua_islightuserdata(ls, -1) ||
+	if (!lua_isstring(ls, -1) ||
 	    !lua_isstring(ls, -2) ||
 	    !lua_isstring(ls, -3) ||
 	    !lua_islightuserdata(ls, -4)) {
@@ -87,9 +103,19 @@ int falco_formats::format_event (lua_State *ls)
 	sinsp_evt* evt = (sinsp_evt*)lua_topointer(ls, 1);
 	const char *rule = (char *) lua_tostring(ls, 2);
 	const char *level = (char *) lua_tostring(ls, 3);
-	sinsp_evt_formatter* formatter = (sinsp_evt_formatter*)lua_topointer(ls, 4);
+	const char *format = (char *) lua_tostring(ls, 4);
+
+	string sformat = format;
 
-	formatter->tostring(evt, &line);
+	try {
+		s_formatters->tostring(evt, sformat, &line);
+	}
+	catch (sinsp_exception& e)
+	{
+		string err = "Invalid output format '" + sformat + "': '" + string(e.what()) + "'";
+		lua_pushstring(ls, err.c_str());
+		lua_error(ls);
+	}
 
 	// For JSON output, the formatter returned just the output
 	// string containing the format text and values. Use this to

userspace/engine/formats.h

@@ -39,8 +39,13 @@ class falco_formats
 	// falco.free_formatter(formatter)
 	static int free_formatter(lua_State *ls);
 
+	// falco.free_formatters()
+	static int free_formatters(lua_State *ls);
+
 	// formatted_string = falco.format_event(evt, formatter)
 	static int format_event(lua_State *ls);
 
 	static sinsp* s_inspector;
+	static sinsp_evt_formatter_cache *s_formatters;
+	static bool s_json_output;
 };

userspace/falco/lua/output.lua

@@ -24,8 +24,6 @@ mod.levels = levels
 
 local outputs = {}
 
-local formatters = {}
-
 function mod.stdout(level, msg)
    print (msg)
 end
@@ -84,26 +82,16 @@ function output_event(event, rule, priority, format)
    end
 
    format = "*%evt.time: "..levels[level+1].." "..format
-   if formatters[rule] == nil then
-      formatter = formats.formatter(format)
-      formatters[rule] = formatter
-   else
-      formatter = formatters[rule]
-   end
 
-   msg = formats.format_event(event, rule, levels[level+1], formatter)
+   msg = formats.format_event(event, rule, levels[level+1], format)
 
    for index,o in ipairs(outputs) do
       o.output(level, msg, o.config)
    end
 end
 
 function output_cleanup()
-   for rule, formatter in pairs(formatters) do
-      formats.free_formatter(formatter)
-   end
-
-   formatters = {}
+   formats.free_formatters()
 end
 
 function add_output(output_name, config)