json 如何在使用jq提取数据时删除空值?

klh5stk1  于 2023-04-08  发布在  其他
关注(0)|答案(2)|浏览(94)

你好,我有一个kubernets审计日志文件。日志文件中有json记录的数据。我想解析过滤器的记录。
下面是文件中的一对记录的示例

{"kind":"Event","apiVersion":"audit.k8s.io/v1","level":"Metadata","auditID":"60cc3bf1-a04e-4db3-a343-98aaaea8c4a5","stage":"ResponseComplete","requestURI":"/api/v1/serviceaccounts?limit=500\u0026resourceVersion=0","verb":"list","user":{"username":"system:apiserver","uid":"7cded9c8-a35d-4e66-adf1-162ce37d5868","groups":["system:masters"]},"sourceIPs":["::1"],"userAgent":"kube-apiserver/v1.24.12 (linux/amd64) kubernetes/ef70d26","objectRef":{"resource":"serviceaccounts","apiVersion":"v1"},"responseStatus":{"metadata":{},"code":200},"requestReceivedTimestamp":"2023-04-06T15:10:46.594135Z","stageTimestamp":"2023-04-06T15:10:46.595016Z","annotations":{"authorization.k8s.io/decision":"allow","authorization.k8s.io/reason":""}}{"kind":"Event","apiVersion":"audit.k8s.io/v1","level":"Metadata","auditID":"1af73bde-3a0f-437d-a468-49da772d619d","stage":"ResponseComplete","requestURI":"/apis/batch/v1/namespaces/restricted-namespace/jobs?fieldManager=helm","verb":"create","user":{"username":"kubernetes-admin","groups":["system:masters","system:authenticated"]},"sourceIPs":["172.19.0.1"],"userAgent":"Go-http-client/2.0","objectRef":{"resource":"jobs","namespace":"restricted-namespace","name":"gateway-certgen","apiGroup":"batch","apiVersion":"v1"},"responseStatus":{"metadata":{},"code":201},"requestReceivedTimestamp":"2023-04-06T15:14:02.625749Z","stageTimestamp":"2023-04-06T15:14:02.632035Z","annotations":{"authorization.k8s.io/decision":"allow","authorization.k8s.io/reason":"","pod-security.kubernetes.io/audit-violations":"would violate PodSecurity \"restricted:v1.24\": allowPrivilegeEscalation != false (container \"certgen\" must set securityContext.allowPrivilegeEscalation=false), unrestricted capabilities (container \"certgen\" must set securityContext.capabilities.drop=[\"ALL\"]), seccompProfile (pod or container \"certgen\" must set securityContext.seccompProfile.type to \"RuntimeDefault\" or \"Localhost\")"}}

我想筛选出这些记录,并从每个记录中打印以下字段的值。

.annotations.pod-security.kubernetes.io/audit-violations

我正在使用此命令,

cat kube-apiserver-audit.log | jq '.annotations."pod-security.kubernetes.io/audit-violations"'

但它给出以下输出

null
null
"would violate PodSecurity \"restricted:v1.24\": allowPrivilegeEscalation != false (container \"certgen\" must set securityContext.allowPrivilegeEscalation=false), unrestricted capabilities (container \"certgen\" must set securityContext.capabilities.drop=[\"ALL\"]), seccompProfile (pod or container \"certgen\" must set securityContext.seccompProfile.type to \"RuntimeDefault\" or \"Localhost\")"
null
null
null
null

有什么办法可以从jq输出中删除空值吗?谢谢

JSON

2条答案

按热度按时间
cuxqih21

cuxqih211#

values过滤器(参见手册)正是这样做的,过滤掉null s,同时保留“值”:

.annotations."pod-security.kubernetes.io/audit-violations" | values
"would violate PodSecurity \"restricted:v1.24\": allowPrivilegeEscalation != false (container \"certgen\" must set securityContext.allowPrivilegeEscalation=false), unrestricted capabilities (container \"certgen\" must set securityContext.capabilities.drop=[\"ALL\"]), seccompProfile (pod or container \"certgen\" must set securityContext.seccompProfile.type to \"RuntimeDefault\" or \"Localhost\")"

Demo

赞(0)分享  回复(0)举报  2023-04-08
uxhixvfz

uxhixvfz2#

您可以使用select进行筛选。

jq -r '.annotations."pod-security.kubernetes.io/audit-violations" | select(. != null)'
赞(0)分享  回复(0)举报  2023-04-08
我来回答

相关问题

    查看更多

    热门标签

    更多
    JavaquerypythonNode开发语言requestUtil数据库Table后端算法LoggerMessageElementParser

    最新问答

    更多
    • 蜀ICP备13028337号-1 大数据知识库 https://www.saoniuhuo.com © All rights reserved
    • 本站内容来源互联网,如果侵犯您的权益请联系我们删除, 联系方式:448109455@qq.com