I have been wracking my brain trying to figure out how to include a could of JSON property that is outside of a nested JSON array that contains information that I need to include in a MS Teams response.
What I am doing:
I am using the Cisco Umbrella plugin to search Umbrella activity for users who may have visited a site/domain. Cisco returns a JSON object that contains an array of objects (see sample JSON below). I want to output a table that includes the properties datetime, domain, externalIp, internalIP, verdict, USER, system name. Both User and system name are in an array called identities.
Currently, I am looping through the identity array and outputting an array that contains only the two elements of username, computer name.
Problem: I am not finding a way to create a custom array that would include the two elements from the identities array and the properties outside of the identity array.
The end goal is to have a message presented like this (the fields to not align up yet):
Structure returned by Umbrella: JSON array of objects that contain arrays.
Sample of returned data:
“visited_domains”{
“$success”: true,
“domain_visits”: [
{
“datetime”: “2024-11-21T16:09:03”,
“domain”: “<URL/DOMAIN VISITED>”,
“externalIp”: “1.2.3.4”,
“identities”: [
{
“deleted”: false,
“id”: 1235400214,
“label”: “USER”
},
{
“deleted”: false,
“id”: 1235413385,
“label”: “system.name.org”
},
{
“deleted”: false,
“id”: 604265489,
“label”: “User LOCATION”
},
],
“internalIp”: “5.6.7.8”,
“queryType”: “A”,
“timestamp”: 1732205343000,
“verdict”: “allowed”
}
]
}