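I want Splunk to break the page content into events, but it can't. I tried removing the commas between events, but it isn't going well. This is part of the incoming JSON:
"last_updated":"2017-02-28T17:56:19Z"},{"id":588699,"name":null,...
This is the sed line I'm trying:
sed -e "s/},{/}+{/" -e "s/}[^}]*$/}/" secunia.txt | tr "+" "\n"
I've placed it outside the for loop in the script that barmar helped with, but it doesn't take out the `,`. What am I missing?
Here is some data: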
{"id":588699,"name":null,"status":{"id":2963,"name":"Handled"},"priority":{"id":2873,"name":"Urgent"},"queue":{"id":2144,"name":"Default"},"description":null,"assigned_to":{"id":4120,"username":"user4@company.com"},"asset_list":{"id":4777,"name":"Info Security Threat_Splunk"},"advisory":{"id":199003,"advisory_identifier":"SA74447","title":"Blue Coat Security Analytics Multiple Vulnerabilities","released":"2016-12-21T15:24:53Z","modified_date":"2016-12-21T15:24:53Z","criticality":2,"criticality_description":"Highly critical","solution_status":4,"solution_status_description":"Partial Fix","where":1,"where_description":"From remote","cvss_score":10.0,"cvss_vector":"(AV:N/AC:L/Au:N/C:C/I:C/A:C/E:U/RL:TF/RC:C)","type":0,"is_zero_day":false},"created":"2016-12-21T15:33:09Z","pretty_id":79,"custom_score":null,"last_updated":"2016-12-21T15:40:28Z"},{"id":584252,"name":null,"status":{"id":2963,"name":"Handled"},"priority":{"id":2873,"name":"Urgent"},"queue":{"id":2144,"name":"Default"},"description":null,"assigned_to":{"id":4118,"username":"user3@company.com"},"asset_list":{"id":4657,"name":"PSS Middleware Environment"},"advisory":{"id":195840,"advisory_identifier":"SA73221","title":"Oracle Solaris Multiple Third Party Components Multiple Vulnerabilities","released":"2016-10-19T14:20:02Z","modified_date":"2016-12-19T14:42:30Z","criticality":2,"criticality_description":"Highly critical","solution_status":2,"solution_status_description":"Vendor Patched","where":1,"where_description":"From remote","cvss_score":10.0,"cvss_vector":"(AV:N/AC:L/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)","type":0,"is_zero_day":false},"created":"2016-12-20T13:43:24Z","pretty_id":76,"custom_score":null,"last_updated":"2017-01-11T19:47:09Z"}

Posted on 2017-03-21 04:45:21
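Try this command:
sed -e "s/,//g" -e "s/}{/}\n{/" -e "s/}[^}]*$/}/" f

Posted on 2017-04-25 23:14:22
Replacing the event separator works here; this assumes it does not appear anywhere else in the input. For example:
sed 's/},{/}\n{/' secunia.txt | jq -s .
Or, using portable sed:
sed 's/},{/}\
{/' secunia.txt | jq -s .
Output: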
[
  {
    "id": 588699,
    "name": null,
    "status": {
      "id": 2963,
      "name": "Handled"
    },
    "priority": {
      "id": 2873,
      "name": "Urgent"
    },
    "queue": {
      "id": 2144,
      "name": "Default"
    },
    "description": null,
    "assigned_to": {
      "id": 4120,
      "username": "user4@company.com"
    },
    "asset_list": {
      "id": 4777,
      "name": "Info Security Threat_Splunk"
    },
    "advisory": {
      "id": 199003,
      "advisory_identifier": "SA74447",
      "title": "Blue Coat Security Analytics Multiple Vulnerabilities",
      "released": "2016-12-21T15:24:53Z",
      "modified_date": "2016-12-21T15:24:53Z",
      "criticality": 2,
      "criticality_description": "Highly critical",
      "solution_status": 4,
      "solution_status_description": "Partial Fix",
      "where": 1,
      "where_description": "From remote",
      "cvss_score": 10,
      "cvss_vector": "(AV:N/AC:L/Au:N/C:C/I:C/A:C/E:U/RL:TF/RC:C)",
      "type": 0,
      "is_zero_day": false
    },
    "created": "2016-12-21T15:33:09Z",
    "pretty_id": 79,
    "custom_score": null,
    "last_updated": "2016-12-21T15:40:28Z"
  },
  {
    "id": 584252,
    "name": null,
    "status": {
      "id": 2963,
      "name": "Handled"
    },
    "priority": {
      "id": 2873,
      "name": "Urgent"
    },
    "queue": {
      "id": 2144,
      "name": "Default"
    },
    "description": null,
    "assigned_to": {
      "id": 4118,
      "username": "user3@company.com"
    },
    "asset_list": {
      "id": 4657,
      "name": "PSS Middleware Environment"
    },
    "advisory": {
      "id": 195840,
      "advisory_identifier": "SA73221",
      "title": "Oracle Solaris Multiple Third Party Components Multiple Vulnerabilities",
      "released": "2016-10-19T14:20:02Z",
      "modified_date": "2016-12-19T14:42:30Z",
      "criticality": 2,
      "criticality_description": "Highly critical",
      "solution_status": 2,
      "solution_status_description": "Vendor Patched",
      "where": 1,
      "where_description": "From remote",
      "cvss_score": 10,
      "cvss_vector": "(AV:N/AC:L/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)",
      "type": 0,
      "is_zero_day": false
    },
    "created": "2016-12-20T13:43:24Z",
    "pretty_id": 76,
    "custom_score": null,
    "last_updated": "2017-01-11T19:47:09Z"
  }
]

https://stackoverflow.com/questions/42913114
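
The sed answers above split on the literal text `},{`, which the last answer notes must not occur anywhere else in the input. As an added example (not part of the original posts), the following Python sketch splits the same kind of comma-joined feed with a real JSON parser, so a `},{` inside a string value is left alone and a record truncated at the end is reported instead of being emitted as an event. The function name `split_events` and the `SAMPLE` data are constructed for illustration.

```python
import json

SEPARATORS = " \t\r\n,"  # what may sit between two top-level records


def split_events(text):
    """Split comma-joined JSON objects into (events, leftover).

    events   -- compact one-line JSON strings, one per complete object
    leftover -- unparsed tail (e.g. a record cut off mid-transfer), or ""
    """
    decoder = json.JSONDecoder()
    events = []
    pos, end = 0, len(text)
    while pos < end:
        # Skip the commas and whitespace between records.
        while pos < end and text[pos] in SEPARATORS:
            pos += 1
        if pos == end:
            break
        # Only whole objects become events; anything else is handed back.
        if text[pos] != "{":
            return events, text[pos:]
        try:
            # raw_decode parses one value and returns where it stopped.
            obj, pos = decoder.raw_decode(text, pos)
        except json.JSONDecodeError:
            return events, text[pos:]
        events.append(json.dumps(obj, separators=(",", ":")))
    return events, ""


# Constructed sample: the first title contains "},{" and the third
# record is truncated, as can happen with a partial download.
SAMPLE = (
    '{"id":1,"advisory":{"title":"Demo },{ in a title"},"status":{"id":2963}},'
    '{"id":2,"name":null},'
    '{"id":3,"na'
)

if __name__ == "__main__":
    events, leftover = split_events(SAMPLE)
    print("\n".join(events))
    if leftover:
        print("incomplete tail: %r" % leftover)
```

Each string in `events` is one line, which is the shape a line-based event breaker expects; a non-empty `leftover` is a signal to log or re-fetch rather than index.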