Note the formatters are pre-configured, these can be left as-is. If you want to make optional tweaks or where additional functionality is exposed, it is recommended you copy the section and give it a new alias.
Note its recommended to use JSON, can only send flat-data. some pollers can generate multi-dimesion data (such as Tags or Content checks), the CSV generated by this could be incomplete or corupt - Try CSV if you wish, but be aware of this and test it before putting into production.
Connector: lib.formatters.csv.QCSVFormatter
Usage: Takes data generated from Poller, and reformats into into a CSV
Parameters:
| Section | Attribute | Value | Details |
|---|---|---|---|
| <alias>: | Unique name for this formatter, should be relevant such i.e. "CSV_For_UPS" | ||
| alias: | string | Must be the same as the<alias> above, this will appear in the logs and output | |
| connector_class: | lib.formatters.csv.QCSVFormatter | This is the connector-plugin that gets loaded for this poller, it must be as shown | |
| prefix_timestamp: | String | Format of the timestamp that will be prefixed to the entry, this uses Python standards, recommended value is "%Y/%m/%d %H:%M:%S.%f %z" |
Connector: lib.formatters.json.QJSONFormatter
Usage: Takes data generated from Poller, and reformats into a JSON object
Parameters:
| Section | Attribute | Value | Details |
|---|---|---|---|
| <alias>: | Unique name for this formatter, should be relevant such i.e. "JSON_for_FIREWALL" | ||
| alias: | string | Must be the same as the<alias> above, this will appear in the logs and output | |
| connector_class: | lib.formatters.json.QJSONFormatter | This is the connector-plugin that gets loaded for this poller, it must be as shown | |
| prefix_timestamp: | String | Format of the timestamp that will be prefixed to the entry, this uses Python standards, recommended value is "%Y/%m/%d %H:%M:%S.%f %z", setting to False disable it |
Connector: lib.formatters.dict.QDictFormatter (Use only with QOpenSearchSender)
Usage: Takes data generated from Poller, and reformats into a Python DICT object
Parameters:
| Section | Attribute | Value | Details |
|---|---|---|---|
| <alias>: | Unique name for this formatter, should be relevant such i.e. "DICT_for_FIREWALL" | ||
| alias: | string | Must be the same as the<alias> above, this will appear in the logs and output | |
| connector_class: | lib.formatters.dict.QDictFormatter | This is the connector-plugin that gets loaded for this poller, it must be as shown | |
| prefix_timestamp: | String | Format of the timestamp that will be prefixed to the entry, this uses Python standards, recommended value is "%Y/%m/%d %H:%M:%S.%f %z", setting to False disable it |