使用JQ或任何Linux工具删除或解析JSON文件中的数据

时间:2016-04-13 19:02:32

标签: json linux jq

我有这个JSON文件:

{
  "vulnerable_configuration_cpe_2_2": [
    "cpe:/o:apple:apple_tv:9.1",
    "cpe:/o:apple:watchos:2.1",
    "cpe:/o:apple:iphone_os:9.2",
    "cpe:/o:apple:mac_os_x:10.11.2"
  ],
  "vulnerable_configuration": [
    {
      "title": "cpe:2.3:o:apple:apple_tv:9.1",
      "id": "cpe:2.3:o:apple:apple_tv:9.1"
    },
    {
      "title": "cpe:2.3:o:apple:watchos:2.1",
      "id": "cpe:2.3:o:apple:watchos:2.1"
    },
    {
      "title": "cpe:2.3:o:apple:iphone_os:9.2",
      "id": "cpe:2.3:o:apple:iphone_os:9.2"
    },
    {
      "title": "cpe:2.3:o:apple:mac_os_x:10.11.2",
      "id": "cpe:2.3:o:apple:mac_os_x:10.11.2"
    }
  ],
  "summary": "The Disk Images component in Apple iOS before 9.2.1, OS X before 10.11.3, and tvOS before 9.1.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.",
  "references": [
    "https://support.apple.com/HT206168",
    "https://support.apple.com/HT205732",
    "https://support.apple.com/HT205731",
    "https://support.apple.com/HT205729",
    "http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html",
    "http://lists.apple.com/archives/security-announce/2016/Jan/msg00005.html",
    "http://lists.apple.com/archives/security-announce/2016/Jan/msg00003.html",
    "http://lists.apple.com/archives/security-announce/2016/Jan/msg00002.html"
  ],
  "Modified": "2016-03-29T19:01:26.810-04:00",
  "Published": "2016-02-01T06:59:01.090-05:00",
  "access": {
    "vector": "LOCAL",
    "complexity": "LOW",
    "authentication": "NONE"
  },
  "cvss": 7.2,
  "cvss-time": "2016-03-29T09:43:55.537-04:00",
  "cwe": "CWE-119",
  "id": "CVE-2016-1717",
  "impact": {
    "integrity": "COMPLETE",
    "confidentiality": "COMPLETE",
    "availability": "COMPLETE"
  }

我想使用JQ或任何Linux工具删除以下数据

  • 访问(包括向量,复杂性,身份验证)

  • 引用:仅限第一个或第一个参考

  • CVSS时间

  • vulnerability_configuration_cpe_2_2(Incluide cpe:/ o:apple:apple_tv:9.1, 等)

结果,我希望它是这样的:

{
  "vulnerable_configuration": [
    {
      "title": "cpe:2.3:o:apple:apple_tv:9.1",
      "id": "cpe:2.3:o:apple:apple_tv:9.1"
    },
    {
      "title": "cpe:2.3:o:apple:watchos:2.1",
      "id": "cpe:2.3:o:apple:watchos:2.1"
    },
    {
      "title": "cpe:2.3:o:apple:iphone_os:9.2",
      "id": "cpe:2.3:o:apple:iphone_os:9.2"
    },
    {
      "title": "cpe:2.3:o:apple:mac_os_x:10.11.2",
      "id": "cpe:2.3:o:apple:mac_os_x:10.11.2"
    }
  ],
  "summary": "The Disk Images component in Apple iOS before 9.2.1, OS X before 10.11.3, and tvOS before 9.1.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.",
  "references": [
    "https://support.apple.com/HT206168",
   ],
  "Modified": "2016-03-29T19:01:26.810-04:00",
  "Published": "2016-02-01T06:59:01.090-05:00",
  "cvss": 7.2,
  "cwe": "CWE-119",
  "id": "CVE-2016-1717",
  "impact": {
    "integrity": "COMPLETE",
    "confidentiality": "COMPLETE",
    "availability": "COMPLETE"
  }

我试试

cat file.json | jq ('del(.cvss-time)' and 'access')

但没有工作

我必须使用什么命令JQ?或者我可以使用什么工具?

坦克!

1 个答案:

答案 0 :(得分:0)

以下jq> = 1.5的过滤器符合您的要求:

del(.access)
| .references |= [.[0]]
| del(."cvss-time")
| del(.vulnerable_configuration_cpe_2_2)

如果您使用的是jq 1.4,请使用del(.["cvss-time"])代替del(."cvss-time")

相关问题
最新问题