'How to extract nested variables in kwrgs?
I have a function which is supposed to grab a query from a remote server and run it on OsQuery. I have been able to configure it so that the data is sent from the remote server and is received in the kwargs data structure.
When I run print(kwargs) it shows a long dict, in it I have a field called 'osquery_query' which I'd like to extract and print out .
The output looks like this:
'object_type': 4, 'principal': {'display_name': 'XXXX', 'id': 1, 'name': 'XXXX', 'type': 'user'}, 'properties': {**'osquery_query': 'select * from logged_on_users'**}, 'row': None, 'task': None, 'type_info': {'artifact': {'fields': {'relating_incidents': {'id': 121, 'values': {}}, 'summary': {'id': 122, 'values': {}}
I have attempted to extract the data using kwargs.get like so:
def _osquery_handler_function(self, event, *args, **kwargs):
query = kwargs.get('osquery_query')
print("Query Is: %s", query)
but that doesn't really catch anything (just shows me that it's empty) how could I extract the data from the dictionary and print it out?
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
| Solution | Source |
|---|