Json jq:按属性分组和键
我有一个如下所示的对象列表:Json jq:按属性分组和键,json,key,grouping,jq,Json,Key,Grouping,Jq,我有一个如下所示的对象列表: [ { "ip": "1.1.1.1", "component": "name1" }, { "ip": "1.1.1.2", "component": "name1" }, { "ip": "1.1.1.3", "component": "name2" }, { "ip": "1.1.1.4", "component": "name2" } ] 现在,我想按组件对其进
[
{
"ip": "1.1.1.1",
"component": "name1"
},
{
"ip": "1.1.1.2",
"component": "name1"
},
{
"ip": "1.1.1.3",
"component": "name2"
},
{
"ip": "1.1.1.4",
"component": "name2"
}
]
现在,我想按组件对其进行分组并输入密钥,并为每个组件分配一个IP列表:
{
"name1": [
"1.1.1.1",
"1.1.1.2"
]
},{
"name2": [
"1.1.1.3",
"1.1.1.4"
]
}
我自己想出来的。我首先按
.component
进行分组,然后仅创建IP的新列表,这些列表由每个组的第一个对象的组件索引:
jq'group_by(.component)[]{([0].component):[[[]|.ip]}
在使用其他方法多次失败后,我最终构建了一个过滤器来压缩此Wazuh报告(为简洁起见节选):
下面是我用来提供对象数组的jq
过滤器,每个对象都由代理名称组成,后跟代理易受攻击包的名称数组:
jq ' .hits.hits |= unique_by(._source.agent.name, ._source.data.vulnerability.package.name) | .hits.hits | group_by(._source.agent.name)[] | { (.[0]._source.agent.name): [.[]._source.data.vulnerability.package | .name ]}'
以下是过滤器产生的输出的摘录:
{
"100360xx": [
"Mozilla Firefox 68.11.0 ESR (x64 en-US)",
"VLC media player",
"Windows 10"
]
}
{
"WIN-KD5C4xxx": [
"Windows Server 2019"
]
}
{
"fridxxx": [
"java-1.8.0-openjdk",
"kernel",
"kernel-headers",
"kernel-tools",
"kernel-tools-libs",
"python-perf"
]
}
{
"mcd-xxx-xxx": [
"dbus",
"fribidi",
"gnupg2",
"graphite2",
...
如果钥匙是数字型的呢?@branquito它不能。对象键始终是JSON中的字符串。如果您有类似于JSON的
{“0”:1}
,则可以使用“0”
获取“0”键。
{
"100360xx": [
"Mozilla Firefox 68.11.0 ESR (x64 en-US)",
"VLC media player",
"Windows 10"
]
}
{
"WIN-KD5C4xxx": [
"Windows Server 2019"
]
}
{
"fridxxx": [
"java-1.8.0-openjdk",
"kernel",
"kernel-headers",
"kernel-tools",
"kernel-tools-libs",
"python-perf"
]
}
{
"mcd-xxx-xxx": [
"dbus",
"fribidi",
"gnupg2",
"graphite2",
...