解析嵌套字典时出错:Platform和sha256

时间:2020-06-23 07:36:57

标签: python json key

在提取classificationquery hash值时获取平台和sha256键错误。有人可以识别我在这里做错了吗?除了这两个值之外,我还可以提取其他值。

我正在这样做:

artifact_item=dict()
artifact_item['classification']=artifacts.get('classification',{})
artifact_item['query_hash']=artifacts.get('query_hash',{})

工件:

artifacts={{
    "status": "SUSPICIOUS",
    "scanner_count": 48,
    "classification": {
        "platform": "Win32",
        "type": "Malware",
        "family_name": "Xls"
    },
    "scanner_match": 4,
    "threat_name": "Win32.Malware.Xls",
    "query_hash": {
        "sha256": "de5aae888888888c81bf2b6be27a3e68ef8db4bbeb378a9fff36601d112d435f"
    }
    
},
{
    "status": "UNKNOWN",
    "scanner_count": 0,
    "classification": {},
    "scanner_match": 0,
    "threat_name": "",
    "query_hash": {
        "sha256": "2fa54155787a9f070b6ae93ea267fc759b3261fd00000ca166c5c30a1f1bae12"
    }
},
{
    "status": "UNKNOWN",
    "scanner_count": 0,
    "classification": {},
    "scanner_match": 0,
    "threat_name": "",
    "query_hash": {
        "sha256": "a9fcd0c850d5d77160d58e0000760bcef221279d0f78c0460fbbb4269cb8c4a5"
    }
},
{
    "status": "KNOWN",
    "scanner_count": 40,
    "classification": {},
    "scanner_match": 0,
    "threat_name": "",
    "query_hash": {
        "sha256": "e3b0c44298fc1c149afbf4c0000fb92427ae41e4649b934ca495991b7852b855"
    }
    
}}

1 个答案:

答案 0 :(得分:0)

尝试复制您的错误后,我注意到工件对象(据我所知是JSON数据对象?)的格式不正确, 为了解决这个问题,我获取了工件json数据,并为每个字典指定了一个参数,如下所示:

{
    "Property1" : {
        "status": "SUSPICIOUS",
        "scanner_count": 48,
        "classification": {
            "platform": "Win32",
            "type": "Malware",
            "family_name": "Xls"
        },
        "scanner_match": 4,
        "threat_name": "Win32.Malware.Xls",
        "query_hash": {
            "sha256": "de5aae888888888c81bf2b6be27a3e68ef8db4bbeb378a9fff36601d112d435f"
        }
        
    },
    "Property2" :{
        "status": "UNKNOWN",
        "scanner_count": 0,
        "classification": {},
        "scanner_match": 0,
        "threat_name": "",
        "query_hash": {
            "sha256": "2fa54155787a9f070b6ae93ea267fc759b3261fd00000ca166c5c30a1f1bae12"
        }
    },
    "Property3" :{
        "status": "UNKNOWN",
        "scanner_count": 0,
        "classification": {},
        "scanner_match": 0,
        "threat_name": "",
        "query_hash": {
            "sha256": "a9fcd0c850d5d77160d58e0000760bcef221279d0f78c0460fbbb4269cb8c4a5"
        }
    },
    "Property4" :{
        "status": "KNOWN",
        "scanner_count": 40,
        "classification": {},
        "scanner_match": 0,
        "threat_name": "",
        "query_hash": {
            "sha256": "e3b0c44298fc1c149afbf4c0000fb92427ae41e4649b934ca495991b7852b855"
        }
        
    }
}

请注意,每个字典都带有"Property1"键值, 然后通过在python中导入JSON库,我们可以加载和解析数据并使用它来获取我们的数据:

已编辑:

import json 
  
# Opening JSON file 
with open('data.json') as json_file: 
    data = json.load(json_file) 
  
    # Print the type of data variable 
    artifact_item = dict(data['Property1'])
    classification = artifact_item.get('classification',{})
    if classification == {}:
        print('Classification is empty')
    else:
        plat = classification['platform']

我们可以迭代JSON中的每个Property键值来获取所有数据, 当然,我们可以使用artifact_item.get('classification',{})来获取所需的数据。

编辑:我们可以通过执行以下操作来获得相同的属性:

artifact_item2 = dict(data['Property1'])['classification']['platform']

请注意,我首先使用dict(data['Property1'])根据JSON数据创建一个字典,然后像常规字典一样访问数据。

我希望这对您有帮助!

相关问题
最新问题