Skip to main content

Has anyone been able to use "filter" function within the JSON result pop-up?

  • September 3, 2023
  • 6 replies
  • 26 views
K
Forum|alt.badge.img+4

Has anyone been able to use "filter" function within the JSON result pop-up? I've tried multiple times but I'm getting error saying invalid key, not found. Any working examples would be much appreciated! Thanks!

    6 replies

    Dmitry_Sarakeev
    Staff
    Forum|alt.badge.img+9

    hi @krunalm , can you please elaborate what you refer to? do you mean expression builder? i added example here what should get me a value for the case name

    View files in slack

    K
    Forum|alt.badge.img+4
    • krunalm
    • Author
    • New Member
    • September 3, 2023

    Yup exactly this but using the filter function from the right-side menu

    Dmitry_Sarakeev
    Staff
    Forum|alt.badge.img+9

    ok, to me this filter returns all of the jsons from the list of jsons that have priority P4:
    filter("priority", "=", "P4")]

    K
    Forum|alt.badge.img+4
    • krunalm
    • Author
    • New Member
    • September 11, 2023

    Can it return a specific field based on the value of a different field? So in your example case, it could be returning all case.Name where priority=P4?

    Dmitry_Sarakeev
    Staff
    Forum|alt.badge.img+9

    it returns full json "node" if priorirty =P4

    K
    Forum|alt.badge.img+4
    • krunalm
    • Author
    • New Member
    • September 11, 2023

    Can it have a placeholder from alert data? For example, return JSON node where "entity" = "source IP" (from alert data)

    Terms & ConditionsCookie settingsAccessibility statement
    Privacy Policy Terms of Service Gen AI Policy Community Guidelines Cookie Settings

    © 2025 Google. All rights reserved.