homepage
Menu
Open menu

JSON and jq Quick Start Guide

This guide is a supplement to SANS FOR572: Advanced Network Forensics and Analysis. It covers the basics of JSON and some of the fundamentals of the jq utility. The jq utility filters, parses, formats, and restructures JSON—think of it as sed, awk, and grep, but for JSON. Given the trend toward logs being generated in JSON, easily accessing and molding that data is increasingly important for the forensicator. This document is not intended to replace jq’s extensive documentation. It is only a quick reference resource.

May 25, 2021
Download
470x382_Q-S-Guide_DFIR_JSON-jq.jpg

Related Content

Blog
ransomware 25 340x340.png
Digital Forensics, Incident Response & Threat Hunting, Cyber Defense, Offensive Operations, Pen Testing, and Red Teaming
Visual Summary of SANS Ransomware Summit 2025
Check out these graphic recordings created in real-time throughout the event for SANS Ransomware Summit 2025
No Headshot Available
Alison Kim
read more
Blog
Blog Teaser: Shoplifting2.0 340x340.jpg
Digital Forensics, Incident Response & Threat Hunting
Shoplifting 2.0: When it’s Data the Thieves Steal
Identify steps organisations can implement to protect against Scattered Spider and DragonForce
Adam Harrison
Adam Harrison
read more
Blog
Quest_to_Summit_340x340.png
Industrial Control Systems Security, Digital Forensics, Incident Response & Threat Hunting
The Quest to Summit | SANS ICS Security Summit 2025
Register for the ICS Security Summit to be able to participate in The Quest to Summit and win big prizes.
370x370_Tim-Conway.jpg
Tim Conway
read more