Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

🪄 jq trick > group and count by severity 📊 #8

Closed
adriens opened this issue Jul 23, 2022 · 14 comments
Closed

🪄 jq trick > group and count by severity 📊 #8

adriens opened this issue Jul 23, 2022 · 14 comments
Assignees
@mbarre
Labels
BUILD Toute activité liée à la création de nouvelles fonctionnalités enhancement New feature or request help wanted Extra attention is needed
Milestone
🚀 Better templates 🤼

Comments

@adriens
Copy link
Member

adriens commented Jul 23, 2022
edited
Loading

Provide the jq query that takes in input a grype -o json command and returns

"Negligible",0
"Low",4
"High",10

see Group vulnerabilities by severity

🐦 Tweet
:
image
@adriens adriens added the enhancement New feature or request label Jul 23, 2022
@adriens adriens changed the title Implement jq trick to group and count by sevrity 🪄 Implement jq trick to group and count by sevrity Jul 23, 2022
@adriens adriens pinned this issue Jul 23, 2022
adriens added a commit that referenced this issue Jul 23, 2022
@adriens
Update JQ_TRICKS.md
a000a4f 
cf #8
adriens added a commit that referenced this issue Jul 23, 2022
@adriens
Update JQ_TRICKS.md
5f4fc18 
cf #8
adriens added a commit that referenced this issue Jul 23, 2022
@adriens
Update JQ_TRICKS.md
caedf70 
cf #8
@adriens adriens changed the title 🪄 Implement jq trick to group and count by sevrity 🪄 Implement jq trick to group and count by severity Jul 23, 2022
@adriens adriens added the help wanted Extra attention is needed label Jul 23, 2022
@adriens
Copy link
Member Author

adriens commented Jul 27, 2022

@mbarre 😺
If you can submit the PR before September 🙏

@adriens adriens added the BUILD Toute activité liée à la création de nouvelles fonctionnalités label Jul 27, 2022
@adriens adriens added this to the Better templates milestone Jul 27, 2022
@adriens adriens mentioned this issue Jul 27, 2022
Closed
5 tasks
@adriens adriens changed the title 🪄 Implement jq trick to group and count by severity 🪄 jq trick > to group and count by severity Jul 27, 2022
@mbarre
Copy link
Contributor

mbarre commented Aug 2, 2022 

grype nginx:latest -o json --file grype.json 
cat grype.json | jq  '.matches[].vulnerability.severity' | sort | uniq -c
     7 "Critical"
     23 "High"
     10 "Low"
     22 "Medium"
     82 "Negligible"
      9 "Unknown"

c pas du json, mais ca permet de decouvrir uniq

@adriens
Copy link
Member Author

adriens commented Aug 2, 2022
edited
Loading

💡 even shorter, and without temporary file :

grype nginx:latest -o json | \
    jq  '.matches[].vulnerability.severity' \
    | sort \
    | uniq -c

👇

❯ grype nginx:latest -o json | \
    jq  '.matches[].vulnerability.severity' \
    | sort \
    | uniq -c
 ✔ Vulnerability DB        [updated]
 ✔ Loaded image            
 ✔ Parsed image            
 ✔ Cataloged packages      [143 packages]
 ✔ Scanned image           [155 vulnerabilities]
      7 "Critical"
     23 "High"
     10 "Low"
     22 "Medium"
     82 "Negligible"
      9 "Unknown"

@adriens adriens changed the title 🪄 jq trick > to group and count by severity 🪄 jq trick > to group and count by severity 📊 Aug 2, 2022
@adriens adriens changed the title 🪄 jq trick > to group and count by severity 📊 🪄 jq trick > group and count by severity 📊 Aug 2, 2022
@adriens
Copy link
Member Author

adriens commented Aug 2, 2022

cf https://twitter.com/rastadidi/status/1554570454764883968

image

grype jq tricks #8(1)

@adriens adriens mentioned this issue Aug 15, 2022
Closed
@mbarre
Copy link
Contributor

mbarre commented Aug 15, 2022 

 jq '[.matches[].vulnerability | {severity : .severity} ]| group_by(.severity)[] |.[0] + { count: length } ' 
{
  "severity": "Critical",
  "count": 8
}
{
  "severity": "High",
  "count": 26
}
{
  "severity": "Low",
  "count": 10
}
{
  "severity": "Medium",
  "count": 24
}
{
  "severity": "Negligible",
  "count": 82
}
{
  "severity": "Unknown",
  "count": 4
}

@adriens
Copy link
Member Author

adriens commented Aug 15, 2022

je teste ça !

@adriens
Copy link
Member Author

adriens commented Aug 15, 2022 

grype -o json nginx:latest \
    | jq '[.matches[].vulnerability | {severity : .severity} ]| group_by(.severity)[] |.[0] + { count: length } '

👌

Can you also please provide (pure js) :

  • piping for a tabular output
  • piping for a csv input

@adriens
Copy link
Member Author

adriens commented Aug 15, 2022

I think the next step will be to make a PR to feed JQ_TRICKS.md 👏 🏅 @mbarre

@mbarre
Copy link
Contributor

mbarre commented Aug 30, 2022 

❯ cat grype.json | jq -r '[[.matches[].vulnerability | {severity : .severity}] | group_by(.severity)[] | .[0] + {count: length}] '
[
  {
    "severity": "Critical",
    "count": 8
  },
  {
    "severity": "High",
    "count": 26
  },
  {
    "severity": "Low",
    "count": 10
  },
  {
    "severity": "Medium",
    "count": 24
  },
  {
    "severity": "Negligible",
    "count": 82
  },
  {
    "severity": "Unknown",
    "count": 4
  }
]

@adriens
Copy link
Member Author

adriens commented Aug 30, 2022

🤑 you git it ! Just drop PRs on the tricks now 🚀 🙏

@mbarre
Copy link
Contributor

mbarre commented Sep 13, 2022 

cat grype.json | jq -r '[.matches[].vulnerability | {severity}] | group_by(.severity) | [.[] | {severity: .[0].severity, count: . | length}]| to_entries as $row |  ( ( map(keys_unsorted ) | add | unique ) as $cols | ( [$cols] | flatten) ,  ( $row | .[] as $onerow | $onerow |( [ ( $cols |   map ($onerow.value[.] as $v | $v )  ) ]| flatten ) ) ) | @csv '
"count","severity"
8,"Critical"
26,"High"
10,"Low"
24,"Medium"
82,"Negligible"
4,"Unknown"

cat grype.json | jq -r '[.matches[].vulnerability | {severity}] | group_by(.severity) | [.[] | {severity: .[0].severity, count: . | length}]| to_entries as $row |  ( ( map(keys_unsorted ) | add | unique ) as $cols | ( [$cols] | flatten) ,  ( $row | .[] as $onerow | $onerow |( [ ( $cols |   map ($onerow.value[.] as $v | $v )  ) ]| flatten ) ) ) | @tsv '
count	severity
8	Critical
26	High
10	Low
24	Medium
82	Negligible
4	Unknown

@mbarre mbarre closed this as completed Sep 13, 2022
@adriens adriens reopened this Sep 23, 2022
@adriens
Copy link
Member Author

adriens commented Sep 23, 2022

Afert some integration tests, it appears that it would be much more optimal to get the output like following :

"severity", "count"
"Critical",9
"High",29
"Low",10
"Medium",28
"Negligible",86
"Unknown",2

👉 Can you please put columns in the following order :

  1. severity
  2. count

@mbarre
Copy link
Contributor

mbarre commented Oct 13, 2022 

cat grype.json | jq -r '[.matches[].vulnerability | {severity}] | group_by(.severity) | [.[] | {severity: .[0].severity, count: . | length}]|(.[0] | keys_unsorted) as $keys | ([$keys] + map([.[ $keys[] ]])) [] | @csv'
"severity","count"
"Critical",8
"High",26
"Low",10
"Medium",24
"Negligible",82
"Unknown",4

@mbarre mbarre closed this as completed Oct 13, 2022
mbarre added a commit that referenced this issue Oct 13, 2022
@mbarre
docs: reorder column
2b0186a 
ref: #8
@mbarre mbarre mentioned this issue Oct 13, 2022
Merged
@adriens
Copy link
Member Author

adriens commented Oct 14, 2022

image

@adriens adriens mentioned this issue Oct 14, 2022
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@mbarre mbarre

Labels
BUILD Toute activité liée à la création de nouvelles fonctionnalités enhancement New feature or request help wanted Extra attention is needed
Projects
None yet
Milestone
🚀 Better templates 🤼
Development

No branches or pull requests
2 participants
@mbarre @adriens