github.com/zhangdapeng520/zdpgo_json@v0.1.5/examples/query1/main.go

github.com/zhangdapeng520/zdpgo_json@v0.1.5/examples/query1/main.go (about)

     1  package main
     2  
     3  import (
     4  	"encoding/json"
     5  	"fmt"
     6  	"reflect"
     7  
     8  	"github.com/zhangdapeng520/zdpgo_json"
     9  )
    10  
    11  func main() {
    12  	/*
    13  	   EndpointRule的内容大概如下
    14  	   rule:
    15  	     windows:
    16  	       psh:
    17  	         command: Get-WmiObject -class win32_operatingsystem | select -property *;
    18  
    19  	     vul_tag: [["系统信息"],["win32_operatingsystem"]]
    20  	*/
    21  	data := make(map[string]interface{})
    22  	windows := make(map[string]interface{})
    23  	psh := make(map[string]string)
    24  	psh["command"] = "Get-WmiObject -class win32_operatingsystem | select -property *;"
    25  	windows["psh"] = psh
    26  	data["windows"] = windows
    27  
    28  	var vulTag [][]string
    29  	vulTag = append(vulTag, []string{"系统信息"})
    30  	vulTag = append(vulTag, []string{"win32_operatingsystem"})
    31  	data["vul_tag"] = vulTag
    32  
    33  	// 解析为JSON
    34  	jsonData, err := json.Marshal(data)
    35  	if err != nil {
    36  		panic(err)
    37  	}
    38  	fmt.Println("this json string : ", string(jsonData))
    39  
    40  	// 重新解析为map
    41  	var dataMap map[string]interface{}
    42  	json.Unmarshal(jsonData, &dataMap)
    43  	fmt.Println("read data map successful", dataMap)
    44  
    45  	// 逐层提取
    46  	for k, v := range dataMap {
    47  		switch argValue := v.(type) {
    48  		case map[string]interface{}: // get command
    49  			fmt.Println("command", argValue)
    50  			// 得到shell类型和命令
    51  			for k1, v1 := range argValue {
    52  				fmt.Println("===========", k, k1, v1)
    53  				for k2, v2 := range v1.(map[string]interface{}) {
    54  					fmt.Println("xxxxxxxxxxxxxxxx", k, k1, k2, v2)
    55  				}
    56  			}
    57  		case []interface{}: // get vul tag
    58  			var vulTag1 [][]string
    59  			for _, v := range argValue {
    60  				var t []string
    61  				for _, vv := range v.([]interface{}) {
    62  					t = append(t, vv.(string))
    63  				}
    64  				vulTag1 = append(vulTag1, t)
    65  			}
    66  			fmt.Println("vul tag", vulTag1)
    67  		default:
    68  			fmt.Println("unknown type")
    69  		}
    70  	}
    71  
    72  	// 直接json提取
    73  	jsonStr := `{"vul_tag":[["系统信息"],["win32_operatingsystem"]],"windows":{"psh":{"command":"Get-WmiObject -class win32_operatingsystem | select -property *;"}}}`
    74  	j := zdpgo_json.New()
    75  	vulTag2 := j.Query.Get(jsonStr, "vul_tag")
    76  	fmt.Println("vul tag 2 = ", vulTag2, reflect.TypeOf(vulTag2))
    77  	fmt.Println(vulTag2.Raw, reflect.TypeOf(vulTag2.Raw))
    78  	var vulTag3 [][]string
    79  	j.Loads(vulTag2.Raw, &vulTag3)
    80  	fmt.Println("vul tag 3 = ", vulTag3, reflect.TypeOf(vulTag3), vulTag3[0][0])
    81  
    82  	// 提取commoand
    83  	command := j.Query.Get(jsonStr, "windows.psh.command")
    84  	fmt.Println(command.Raw)
    85  
    86  	// 提取vultag
    87  	fmt.Println("=============提取vul tag=======================")
    88  	vulTagArray := j.Query.Get(jsonStr, "vul_tag").Array()
    89  	fmt.Println(vulTagArray)
    90  }