How to get the value using jq command? - jq

How to get the value of filecode in
"{"msg": "OK", "status": 200, "files": [ { "filecode":"am9kb3tw6hv1", "filename": "video.mp4", "status": "OK" } ]}"
The printed output will be
am9kb3tw6hv1


I supposed your file name is test.json
echo {\"msg\": \"OK\", \"status\": 200, \"files\": [ { \"filecode\":\"am9kb3tw6hv1\", \"filename\": \"video.mp4\", \"status\": \"OK\" } ]} > test.json
Run this
jq '.files[0].filecode' test.json
Output
"am9kb3tw6hv1"
If you don't want the quotes, then use -r
jq -r '.files[0].filecode' test.json
output
am9kb3tw6hv1
I found this page that explain how to use jq

Related

how to dynamically build jq command

given this input
{
"properties": {
"hello": [
"saysay"
],
"test": [
"1"
]
},
"uri": "uri"
}
I've managed to check whether hello exists using this command
curl url | jq 'has("hello")'
Now how to check if the value of hello equals to saysay when it is a string variable ?
if hardcoded, below command return true which is expected
curl url | jq -r '.properties.hello[]=="saysay"'
when i try this one, I've got the following error : (23) Failed writing body
curl url | jq -r '.properties.$variable[]=="saysay"'

You can use --arg to set a jq variable from the command line.
field=hello
curl url | jq --arg property "$field" '.properties[$property][] == "saysay"'

How to use jq when the response is not a list

My json response is like this.
{
"level": "info",
"timestamp": "2022-03-21T16:10:27.060Z",
"msg": "starting test",
}
{
"level": "warn",
"timestamp": "2022-03-21T16:10:27.060Z",
"msg": "message 2"
}
{
"level": "error",
"timestamp": "2022-03-21T16:10:27.060Z",
"msg": "message 3"
}
I want to extract.
Either 3rd message (or nth message) or the message associated with error
How can I do this with jq?

Use select to filter by condition
jq 'select(.level == "error")'
{
"level": "error",
"timestamp": "2022-03-21T16:10:27.060Z",
"msg": "message 3"
}
Demo
To extract the message, use the -r option
jq -r 'select(.level == "error").msg'
message 3
Demo
If you want to access the nth object, you may want to use a structure whose items you can count. Using the -s option would turn the input stream into an array. Using the --argjson option enables you using an external (JSON) value for reference:
jq -sr --argjson n 2 '.[$n].msg'
message 3
Demo
To directly address the nth element of a stream, use the nth function, in combination with inputs and the -n option to address the entire stream at once:
jq -nr --argjson n 2 'nth($n;inputs).msg'
message 3
Demo

jq syntax help for querying lists output

I need help in correcting jq test cases syntax. Following is output file & trying to test ID list with command below. Gives error index to string type.
[[ $(echo $output| jq -r '.output.value[] | select(.identity).id_list') == *"id2"* ]]
output = {
"resource_output": {
"value": {
"identity": [
{
"id_list": [
"/subscriptions/---/id1",
"/subscriptions/---/id2",
"/subscriptions/--/id3"
],
"principal_id": "",
"tenant_id": "",
"type": "managed"
}
]
}
}

Your query does not match the sample JSON, and you have not indicated what output you are expecting, but the following variation of your query illustrates how to use select and test with your data along the lines suggested by your attempt:
echo "$output" |
jq -r '.resource_output.identity[].id_list[] | select(test("id2"))'
Output:
/subscriptions/---/id2

Transforming json to table using JQ gives "Cannot index string error"

Output of the following command
jq '.data[] | select(.vulnerable_configuration_cpe_2_2 | contains(["2.4.38"]))' search1.json
gives me
{
"Modified": "2019-06-11T17:29:00.647000",
"Published": "2019-06-11T17:29:00.630000",
"cvss": "5.0",
"cwe": "CWE-399",
"id": "CVE-2019-0220",
"last-modified": "2019-06-25T06:15:10.627000",
"reason": "Text search",
"references": [
"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00051.html"
],
"summary": "A vulnerability was found in Apache HTTP Server 2.4.0 to 2.4.38. When the path component of a request URL contains multiple consecutive slashes ('/'), directives such as LocationMatch and RewriteRule must account for duplicates in regular expressions while other aspects of the servers processing will implicitly collapse them.",
"vulnerable_configuration": [
"cpe:2.3:a:apache:http_server:2.4.0",
"cpe:2.3:a:apache:http_server:2.4.1",
"cpe:2.3:a:apache:http_server:2.4.2",
"cpe:2.3:a:apache:http_server:2.4.3",
"cpe:2.3:a:apache:http_server:2.4.4",
"cpe:2.3:a:apache:http_server:2.4.6",
"cpe:2.3:a:apache:http_server:2.4.7",
"cpe:2.3:a:apache:http_server:2.4.8",
"cpe:2.3:a:apache:http_server:2.4.9",
"cpe:2.3:a:apache:http_server:2.4.10",
"cpe:2.3:a:apache:http_server:2.4.12",
"cpe:2.3:a:apache:http_server:2.4.14",
"cpe:2.3:a:apache:http_server:2.4.16",
"cpe:2.3:a:apache:http_server:2.4.17",
"cpe:2.3:a:apache:http_server:2.4.18",
"cpe:2.3:a:apache:http_server:2.4.19",
"cpe:2.3:a:apache:http_server:2.4.20",
"cpe:2.3:a:apache:http_server:2.4.21",
"cpe:2.3:a:apache:http_server:2.4.22",
"cpe:2.3:a:apache:http_server:2.4.23",
"cpe:2.3:a:apache:http_server:2.4.24",
"cpe:2.3:a:apache:http_server:2.4.25",
"cpe:2.3:a:apache:http_server:2.4.26",
"cpe:2.3:a:apache:http_server:2.4.27",
"cpe:2.3:a:apache:http_server:2.4.28",
"cpe:2.3:a:apache:http_server:2.4.29",
"cpe:2.3:a:apache:http_server:2.4.30",
"cpe:2.3:a:apache:http_server:2.4.32",
"cpe:2.3:a:apache:http_server:2.4.33",
"cpe:2.3:a:apache:http_server:2.4.34",
"cpe:2.3:a:apache:http_server:2.4.35",
"cpe:2.3:a:apache:http_server:2.4.36",
"cpe:2.3:a:apache:http_server:2.4.37",
"cpe:2.3:a:apache:http_server:2.4.38",
"cpe:2.3:o:opensuse:leap:15.0",
"cpe:2.3:o:opensuse:leap:42.3",
"cpe:2.3:o:debian:debian_linux:8.0",
"cpe:2.3:o:debian:debian_linux:9.0",
"cpe:2.3:o:fedoraproject:fedora:28",
"cpe:2.3:o:fedoraproject:fedora:29",
"cpe:2.3:o:fedoraproject:fedora:30",
"cpe:2.3:o:canonical:ubuntu_linux:14.04:-:-:-:lts",
"cpe:2.3:o:canonical:ubuntu_linux:16.04:-:-:-:lts",
"cpe:2.3:o:canonical:ubuntu_linux:18.04:-:-:-:lts",
"cpe:2.3:o:canonical:ubuntu_linux:18.10"
],
"vulnerable_configuration_cpe_2_2": [
"cpe:/a:apache:http_server:2.4.0",
"cpe:/a:apache:http_server:2.4.1",
"cpe:/a:apache:http_server:2.4.2",
"cpe:/a:apache:http_server:2.4.3",
"cpe:/a:apache:http_server:2.4.4",
"cpe:/a:apache:http_server:2.4.6",
"cpe:/a:apache:http_server:2.4.7",
"cpe:/a:apache:http_server:2.4.8",
"cpe:/a:apache:http_server:2.4.9",
"cpe:/a:apache:http_server:2.4.10",
"cpe:/a:apache:http_server:2.4.12",
"cpe:/a:apache:http_server:2.4.14",
"cpe:/a:apache:http_server:2.4.16",
"cpe:/a:apache:http_server:2.4.17",
"cpe:/a:apache:http_server:2.4.18",
"cpe:/a:apache:http_server:2.4.19",
"cpe:/a:apache:http_server:2.4.20",
"cpe:/a:apache:http_server:2.4.21",
"cpe:/a:apache:http_server:2.4.22",
"cpe:/a:apache:http_server:2.4.23",
"cpe:/a:apache:http_server:2.4.24",
"cpe:/a:apache:http_server:2.4.25",
"cpe:/a:apache:http_server:2.4.26",
"cpe:/a:apache:http_server:2.4.27",
"cpe:/a:apache:http_server:2.4.28",
"cpe:/a:apache:http_server:2.4.29",
"cpe:/a:apache:http_server:2.4.30",
"cpe:/a:apache:http_server:2.4.32",
"cpe:/a:apache:http_server:2.4.33",
"cpe:/a:apache:http_server:2.4.34",
"cpe:/a:apache:http_server:2.4.35",
"cpe:/a:apache:http_server:2.4.36",
"cpe:/a:apache:http_server:2.4.37",
"cpe:/a:apache:http_server:2.4.38",
"cpe:/o:opensuse:leap:15.0",
"cpe:/o:opensuse:leap:42.3",
"cpe:/o:debian:debian_linux:8.0",
"cpe:/o:debian:debian_linux:9.0",
"cpe:/o:fedoraproject:fedora:28",
"cpe:/o:fedoraproject:fedora:29",
"cpe:/o:fedoraproject:fedora:30",
"cpe:/o:canonical:ubuntu_linux:14.04::~~lts~~~",
"cpe:/o:canonical:ubuntu_linux:16.04::~~lts~~~",
"cpe:/o:canonical:ubuntu_linux:18.04::~~lts~~~",
"cpe:/o:canonical:ubuntu_linux:18.10"
]
}
{
"Modified": "2019-04-08T17:29:00.860000",
"Published": "2019-04-08T17:29:00.843000",
"cvss": "6.0",
"cwe": "CWE-362",
"id": "CVE-2019-0217",
"last-modified": "2019-05-13T23:29:03.847000",
"reason": "Text search",
"references": [
"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00051.html"
],
"summary": "In Apache HTTP Server 2.4 release 2.4.38 and prior, a race condition in mod_auth_digest when running in a threaded server could allow a user with valid credentials to authenticate using another username, bypassing configured access control restrictions.",
"vulnerable_configuration": [
"cpe:2.3:a:apache:http_server:2.4.38",
"cpe:2.3:o:debian:debian_linux:8.0",
"cpe:2.3:o:debian:debian_linux:9.0",
"cpe:2.3:o:fedoraproject:fedora:29",
"cpe:2.3:o:fedoraproject:fedora:30",
"cpe:2.3:o:canonical:ubuntu_linux:12.04:-:-:-:esm",
"cpe:2.3:o:canonical:ubuntu_linux:14.04:-:-:-:lts",
"cpe:2.3:o:canonical:ubuntu_linux:16.04:-:-:-:lts",
"cpe:2.3:o:canonical:ubuntu_linux:18.04:-:-:-:lts",
"cpe:2.3:o:canonical:ubuntu_linux:18.10",
"cpe:2.3:o:redhat:enterprise_linux:7.0",
"cpe:2.3:o:opensuse:leap:15.0",
"cpe:2.3:o:opensuse:leap:42.3"
],
"vulnerable_configuration_cpe_2_2": [
"cpe:/a:apache:http_server:2.4.38",
"cpe:/o:debian:debian_linux:8.0",
"cpe:/o:debian:debian_linux:9.0",
"cpe:/o:fedoraproject:fedora:29",
"cpe:/o:fedoraproject:fedora:30",
"cpe:/o:canonical:ubuntu_linux:12.04::~~esm~~~",
"cpe:/o:canonical:ubuntu_linux:14.04::~~lts~~~",
"cpe:/o:canonical:ubuntu_linux:16.04::~~lts~~~",
"cpe:/o:canonical:ubuntu_linux:18.04::~~lts~~~",
"cpe:/o:canonical:ubuntu_linux:18.10",
"cpe:/o:redhat:enterprise_linux:7.0",
"cpe:/o:opensuse:leap:15.0",
"cpe:/o:opensuse:leap:42.3"
]
}
I just want to display all the possible fields in a simple table on the command line but I am not able to achieve it.
I tried the following command
echo $(jq '.data[] | select(.vulnerable_configuration_cpe_2_2 | contains(["2.4.38"]))' search1.json) | jq -r '.[] | "\(.summary)"'
but it gives me error
jq: error (at <stdin>:1): Cannot index string with string "summary"
I already researched about this and tried modifying this command but it sometimes gives me compilation error. I am sure I am making very stupid mistake somewhere
Expected Output
ID CWE CVSS Summary
xyz xyz xyz xyzxyzxyz

I figured it out myself
The correct command is
echo $(jq '.data[] | select(.vulnerable_configuration_cpe_2_2 | contains(["2.4.38"]))' search1.json) | jq -r '. | "\(.summary)"'
After jq -r there should be a . and not .[]

jq - Extra space when outputting to CSV after jq filter

Facing an issue with a simple requirement.
Make a CURL request and store in a variable
Parse JSON from variable using JQ and output into CSV file.
When I try to do it, I am getting extra leading space in the file from the second line for some reason. Is there a way to configure jq to not do this ?
Code :
output=`curl -v -k -H 'Content-Type: application/json' '<<URL>>' -d '<<PARAMS>>'`
csvOutput=`echo $output | jq --raw-output '.result .items[]|[.name,.key,.created,.updated]|#csv'`
echo $csvOutput >> out.csv
The following code (all in one line) does not have the issue. But I need the curl output in a variable to perform some checks ,so this option does not help.
echo "$(curl -v -k -H 'Content-Type: application/json' '<<URL>>' -d '<<PARAMS>>" | jq -r '.result .items[]|[.name,.key,.created,.updated]|#csv' >> out.csv
Strangely, when I read the json output (taken from curl response) from a file and then apply jq filters, I don't see the issue.
cat response.json | jq -r '.result .items[]|[.name,.key,.created,.updated]|#csv' > out.csv
response.json (formatted) :
{
"result": {
"total_items": 22,
"total_pages": 1,
"items_per_page": 1000,
"current_page": 1,
"items": [
{
"key": "1",
"name": "Name 1",
"created": "2016-12-20T08:51:13Z",
"updated": "2016-12-20T09:29:08Z"
},
{
"key": "2",
"name": "Name 2",
"created": "2016-12-20T08:51:13Z",
"updated": "2016-12-20T09:29:08Z"
},
{
"key": "3",
"name": "Name 3",
"created": "2016-12-20T08:51:13Z",
"updated": "2016-12-20T09:29:08Z"
}
]
},
"id": 1
}

When you write your result to your csv file your are using echo $csvOutput >> out.csv instead of :
echo "$csvOutput" >> out.csv
The double quotes will preserve newlines, see this post

Resources