Help Center/ Log Tank Service/ Best Practices/ Log Jobs (Beta)/ Parsing Text/ Parsing and Updating JSON Data

Updated on 2025-12-04 GMT+08:00

View PDF

Parsing and Updating JSON Data

This section describes how to use the data processing feature to parse and update logs that contain JSON objects.

Scenario 1: Expanding and Extracting JSON Objects

You can use the e_json function to expand and extract JSON objects contained in logs.

Example: Extract the value of a JSON object by specifying the field name. In this example, the first-level key-value pair in the data field is expanded.

Raw log

{
    "data": {"k1": "v1", "k2": {"k3": "v3", "k4": "v4"}}
}

Processing rule
```
e_json("data", depth=1)
```

Processing result

{
	"data": {
		"k1": "v1",
		"k2": {
			"k3": "v3",
			"k4": "v4"
		}
	},
	"k1": "v1",
	"k2": {
		"k3": "v3",
		"k4": "v4"
	}
}

Scenario 2: Extracting JSON Object Values

You can use the dct_get function to extract values of JSON object contained in logs.

For example, extract the key-value pair "k1":"v1" from JSON objects and change the key name to key1.

Raw log
```
{
    "data": {"k1":"v1","k2":"v2"}
}
```
Processing rule
```
e_set("key1", dct_get(v("data"), "k1"))
```

Processing result

{
	"key1": "v1",
	"data": {
		"k1": "v1",
		"k2": "v2"
	}
}

Scenario 3: Updating JSON Object Values

You can use the dct_update function to update values of JSON objects contained in logs.

For example, change the value of k1 in JSON objects.

Raw log

{
	"data": {
		"k1": "k1",
		"k2": "v2"
	}
}

Processing rule

e_set("data", dct_update(v("data"), {"k1": "new_k1"}))

Processing result

{
	"data": {
		"k1": "new_k1",
		"k2": "v2"
	}
}

Scenario 4: Deleting JSON Object Values

You can use the dct_delete function to delete JSON object values from logs.

For example, delete the key-value pairs "k1":"v1" and "k2":"v2" from JSON objects.

Raw logs

{
    "data": {"k1":"v1","k2":"v2", "k3": "v3"}
}

Processing rule

e_set("data", dct_delete(v("data"), "k1", "k2"))

Processing result
```
data:{"k3": "v3"}
```

Scenario 5: Parsing a Value as a JSON Object

You can use the json_parse function to parse a string into a JSON object.

For example, if the value of the data field is a string, you can convert it into a JSON object.

Raw log

{
    "data": "pre{ \"k1\": \"v1\", \"k2\": \"v2\"}"
}

Processing rule

e_set("json_object", json_parse(op_slice(v("data"), 3, 28)))

Processing result

{
	"data": "pre{ \"k1\": \"v1\", \"k2\": \"v2\"}",
	"json_object": {
		"k1": "v1",
		"k2": "v2"
	}
}

Parent topic: Parsing Text

Previous topic: Processing Complex JSON Data

Next topic: Enriching Data

Feedback

Was this page helpful?

Helpful Not helpful

Provide feedback

Thank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.

The system is busy. Please try again later.

Which of the following issues have you encountered?

Content is inconsistent with the product UI

Unclear descriptions

Lack of examples or code

Incorrect steps

Can't find what I need

Lack of best practices

Feedback (optional)

0/500

Select at least one type of issue, and enter your comments or suggestions.

Enter a maximum of 500 characters.

Submit Cancel

For any further questions, feel free to contact us through the chatbot.

Chatbot