Advent of Code is back! Unwrap daily challenges to sharpen your Alteryx skills and earn badges along the way! Learn more now.
Community is experiencing an influx of spam. As we work toward a solution, please use the 'Notify Moderator' option on the ellipsis menu to flag inappropriate posts.
community Alteryx IO Mission Control
alteryx Community
Search
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Close
Free Trial

Alteryx Designer Desktop Discussions

Find answers, ask questions, and share expertise about Alteryx Designer Desktop and Intelligence Suite.
SOLVED

Parsing nested JSON

Alex-Andronic
6 - Meteoroid
‎10-11-2017 08:18 AM

Hi, 

 

I've been trying to parse some nested JSON but I cannot get my head around it. I can do it if it's only one level (nodes?) but if there are multiple levels I cannot do it.

 

The desired output is like this, where name, start_time and end_time are unique

namestart_timeend_timeinoutabandon
StoreEntrance.Door1.Left2017-10-10T00:00:00.000+01:002017-10-10T00:04:59.999+01:00100
StoreEntrance.Door1.Left2017-10-10T00:05:00.000+01:002017-10-10T00:09:59.999+01:00010
StoreEntrance.Door1.Right2017-10-10T00:00:00.000+01:002017-10-10T00:04:59.999+01:00030
StoreEntrance.Door1.Right2017-10-10T00:05:00.000+01:002017-10-10T00:09:59.999+01:00200

 

I attached the JSON file that I try to parse this way (I had to rename it as .txt because .json is not a supported attachment file type)

 

Any help would be appreciated.

Alex

Preview file
38 KB
Labels:
Reply
0 Likes

Accepted SolutionSolved! Go to Solution.

5 REPLIES 5
jdunkerley79
ACE Emeritus
ACE Emeritus
‎10-11-2017 10:54 AM

Try the attached.

 

I think should be close enough to get you started.

 

2017-10-11_18-54-22.jpg

 Basically uses Regex and join to get records into the needed format

json_test.json.yxmd
json_test.json.yxmd
Reply
Alex-Andronic
6 - Meteoroid
‎10-13-2017 02:25 AM

Elegant solution with the Regex, thank you very much for your help!

Reply
0 Likes
jrdepriest
7 - Meteor
‎03-06-2018 08:12 AM

Hello,

 

I'm trying to parse a complicated JSON file that contains information about computer vulnerabilities from the National Vulnerability Database operated by NIST. The main page for the files is here https://nvd.nist.gov/vuln/data-feeds.

The smallest file they have is still almost 3 MB when unzipped. The 2002 file is the one giving me the most trouble and the smallest one with which I can demonstrate my issues. Download it here https://static.nvd.nist.gov/feeds/json/cve/1.0/nvdcve-1.0-2002.json.zip.

2018-03-06_9-51-52.png

The Workflow is pretty much the same as the one provided, just a few tweaks due to the naming conventions.

The problem comes with the nested fields "vendor_name".

You can see how they appear in this excerpt. This isn't the entire section, just a snippet.

 

    "cve" : {
      "data_type" : "CVE",
      "data_format" : "MITRE",
      "data_version" : "4.0",
      "CVE_data_meta" : {
        "ID" : "CVE-1999-0590",
        "ASSIGNER" : "cve@mitre.org"
      },
      "affects" : {
        "vendor" : {
          "vendor_data" : [ {
            "vendor_name" : "apple",
            "product" : {
              "product_data" : [ {
                "product_name" : "mac_os",
                "version" : {
                  "version_data" : [ {
                    "version_value" : "*"
                  } ]
                }
              } ]
            }
          }, {
            "vendor_name" : "linux",
            "product" : {
              "product_data" : [ {
                "product_name" : "linux_kernel",
                "version" : {
                  "version_data" : [ {
                    "version_value" : "2.6.20.1"
                  } ]
                }
              } ]

Each vendor_name has its own associated product_name.

 

But this is how it looks in the final report.

 

Record_Name	publishedDate_Fixed	lastModifiedDate_Fixed	cvssV2_baseScore	cvssV3_baseScore	vendor_name	product_name	value	versionEndIncluding	version_value
CVE-1999-0590	2000-01-01 04:00:00	2008-01-09 12:35:00	10		apple,linux,microsoft	mac_os,linux_kernel,windows_2000,windows_95,windows_98,windows_nt	NVD-CWE-Other,A system does not present an appropriate legal message or warning to a user who is accessing it.		*,2.6.20.1,*,*,*,3.5.1,4.0

The vendor names are concatenated in a single field and the product names and version_value are concatenated in their respective fields.

 

I'd rather break it down like this.

 

Record_Name	publishedDate_Fixed	lastModifiedDate_Fixed	cvssV2_baseScore	cvssV3_baseScore	vendor_name	product_name	value	versionEndIncluding	version_value
CVE-1999-0590	1/1/2000 4:00	1/9/2008 12:35	10		apple	mac_os	NVD-CWE-Other,A system does not present an appropriate legal message or warning to a user who is accessing it.		*
CVE-1999-0590	1/1/2000 4:00	1/9/2008 12:35	10		linux	linux_kernel	NVD-CWE-Other,A system does not present an appropriate legal message or warning to a user who is accessing it.		2.6.20.1
CVE-1999-0590	1/1/2000 4:00	1/9/2008 12:35	10		microsoft	windows_2000	NVD-CWE-Other,A system does not present an appropriate legal message or warning to a user who is accessing it.		*
CVE-1999-0590	1/1/2000 4:00	1/9/2008 12:35	10		microsoft	windows_95	NVD-CWE-Other,A system does not present an appropriate legal message or warning to a user who is accessing it.		*
CVE-1999-0590	1/1/2000 4:00	1/9/2008 12:35	10		microsoft	windows_98	NVD-CWE-Other,A system does not present an appropriate legal message or warning to a user who is accessing it.		*
CVE-1999-0590	1/1/2000 4:00	1/9/2008 12:35	10		microsoft	windows_nt	NVD-CWE-Other,A system does not present an appropriate legal message or warning to a user who is accessing it.		3.5.1
CVE-1999-0590	1/1/2000 4:00	1/9/2008 12:35	10		microsoft	windows_nt	NVD-CWE-Other,A system does not present an appropriate legal message or warning to a user who is accessing it.		4.0

Grouped by Vendor, then Product, then Version.

But the parsing is beyond my skill level.

 

test parser for nvd cve json.yxmd
Reply
0 Likes
jrdepriest
7 - Meteor
‎03-07-2018 08:28 AM

I created a demo data set based on the excerpt I posted earlier. This set is representative of the whole.

 

I feel like this is going to take a SubSubField and a SubSubSubField and that is getting too complicated for my brain to parse.

Preview file
6 KB
Reply
0 Likes
jrdepriest
7 - Meteor
‎03-14-2018 09:39 AM

I have a Workflow that should do exactly what I want. It produces the desired results with the sample data. But, on real data, the files that range from 5 MB to 200 MB, I've let it run for 72 hours on one of the smaller files and it still didn't finish. I tried breaking it into smaller workflows and dumping incremental results into Altertyx data files. The file created by step 2 of 4 was 6 GB.

Any advice would be great. See attached monstrosity.

I attached the wrong version the first time. Sorry.

This is what the attached one produces with the demo data.

CVE	published_Date	lastmodified_Date	cvssV2_baseScore	Vendor_Name	Product_Name	Version_Value
CVE-1999-0590	2000-01-01 04:00:00	2008-01-09 12:35:00	10	apple	mac_os	*
CVE-1999-0590	2000-01-01 04:00:00	2008-01-09 12:35:00	10	linux	linux_kernel	2.6.20.1
CVE-1999-0590	2000-01-01 04:00:00	2008-01-09 12:35:00	10	microsoft	windows_2000	*
CVE-1999-0590	2000-01-01 04:00:00	2008-01-09 12:35:00	10	microsoft	windows_95	*
CVE-1999-0590	2000-01-01 04:00:00	2008-01-09 12:35:00	10	microsoft	windows_98	*
CVE-1999-0590	2000-01-01 04:00:00	2008-01-09 12:35:00	10	microsoft	windows_nt	3.5.1
CVE-1999-0590	2000-01-01 04:00:00	2008-01-09 12:35:00	10	microsoft	windows_nt	4.0
test parser for nvd cve json.yxmd
Reply
0 Likes
connect with mentors
designer new user guide
Labels
Top Solution Authors
View All