如何使用 xmlstarlet select 多个同名元素?
How do I select multiple elements with the same name using xmlstarlet?
我有以下 xml:
<a>
<TICKET_LIST>
<TICKET>
<NUMBER>182820</NUMBER>
<DETECTION>
<IP network_id="173230">192.168.140.61</IP>
<DNSNAME><![CDATA[local]]></DNSNAME>
<PORT>80</PORT>
<SERVICE>CGI</SERVICE>
<PROTOCOL>tcp</PROTOCOL>
</DETECTION>
<VULNINFO>
<TITLE><![CDATA[HTTP TRACE / TRACK Methods Enabled]]></TITLE>
<TYPE>VULN</TYPE>
<QID>12680</QID>
<SEVERITY>3</SEVERITY>
<STANDARD_SEVERITY>3</STANDARD_SEVERITY>
<CVE_ID_LIST>
<CVE_ID><![CDATA[CVE-2004-2320]]></CVE_ID>
<CVE_ID><![CDATA[CVE-2010-0386]]></CVE_ID>
<CVE_ID><![CDATA[CVE-2003-1567]]></CVE_ID>
</CVE_ID_LIST>
</VULNINFO>
</TICKET>
<TICKET>
<NUMBER>182957</NUMBER>
<DETECTION>
<IP network_id="173230">192.168.200.46</IP>
<DNSNAME><![CDATA[local]]></DNSNAME>
<PORT>443</PORT>
<SERVICE>Web server</SERVICE>
<PROTOCOL>tcp</PROTOCOL>
</DETECTION>
<VULNINFO>
<TITLE><![CDATA[Web Server Uses Plain-Text Form Based Authentication]]></TITLE>
<TYPE>VULN</TYPE>
<QID>86728</QID>
<SEVERITY>3</SEVERITY>
<STANDARD_SEVERITY>3</STANDARD_SEVERITY>
</VULNINFO>
</TICKET>
</TICKET_LIST>
</a>
我想将一些数据导出为 csv 格式。
此代码 returns 一些数据符合预期:
xmlstarlet sel -T -t -m /a/TICKET_LIST/TICKET -v "concat(NUMBER,',',DETECTION/IP,',',DETECTION/DNSNAME,',',DETECTION/SERVICE,',',DETECTION/PORT,',',VULNINFO/TITLE,',',VULNINFO/QID)" -n file.xml
不过,我也对与其余数据位于同一行的所有 CVE_ID 数据感兴趣。
我现在得到的结果是:
182820,192.168.140.61,local,CGI,80,HTTP TRACE / TRACK Methods Enabled,12680
182957,192.168.200.46,local,Web server,443,Web Server Uses Plain-Text Form Based Authentication,86728
预期结果是:
182820,192.168.140.61,local,CGI,80,HTTP TRACE / TRACK Methods Enabled,12680,CVE-2004-2320 CVE-2010-0386 CVE-2003-1567
182957,192.168.200.46,local,Web server,443,Web Server Uses Plain-Text Form Based Authentication,86728
由于有多个 CVE_ID 元素,您需要添加另一个匹配项 (-m) 来匹配 VULNINFO/CVE_ID_LIST/CVE_ID。
此外,要使换行符 (-n) 正确输出,您必须打破嵌套 (-b)。
示例...
xmlstarlet sel -T -t -m /a/TICKET_LIST/TICKET -v "concat(NUMBER,',',DETECTION/IP,',',DETECTION/DNSNAME,',',DETECTION/SERVICE,',',DETECTION/PORT,',',VULNINFO/TITLE,',',VULNINFO/QID,',')" -m VULNINFO/CVE_ID_LIST/CVE_ID -v "concat(.,' ')" -b -n file.xml
输出...
182820,192.168.140.61,local,CGI,80,HTTP TRACE / TRACK Methods Enabled,12680,CVE-2004-2320 CVE-2010-0386 CVE-2003-1567
182957,192.168.200.46,local,Web server,443,Web Server Uses Plain-Text Form Based Authentication,86728,
如果您看到 xmlstarlet 内部使用的 XSLT (-C)...
,命令行可能更有意义
<xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform" xmlns:exslt="http://exslt.org/common" version="1.0" extension-element-prefixes="exslt">
<xsl:output omit-xml-declaration="yes" indent="no" method="text"/>
<xsl:template match="/">
<xsl:for-each select="/a/TICKET_LIST/TICKET">
<xsl:call-template name="value-of-template">
<xsl:with-param name="select" select="concat(NUMBER,',',DETECTION/IP,',',DETECTION/DNSNAME,',',DETECTION/SERVICE,',',DETECTION/PORT,',',VULNINFO/TITLE,',',VULNINFO/QID,',')"/>
</xsl:call-template>
<xsl:for-each select="VULNINFO/CVE_ID_LIST/CVE_ID">
<xsl:call-template name="value-of-template">
<xsl:with-param name="select" select="concat(.,' ')"/>
</xsl:call-template>
</xsl:for-each>
<xsl:value-of select="' '"/>
</xsl:for-each>
</xsl:template>
<xsl:template name="value-of-template">
<xsl:param name="select"/>
<xsl:value-of select="$select"/>
<xsl:for-each select="exslt:node-set($select)[position()>1]">
<xsl:value-of select="' '"/>
<xsl:value-of select="."/>
</xsl:for-each>
</xsl:template>
</xsl:stylesheet>
请注意输出的第二行有尾随 ,。我认为这不是问题,因为 CSV 行都具有相同数量的列。
如果有问题,您可以使用 "if" (-i) 并在处理它们之前检查是否有任何 CVE_ID...
xmlstarlet sel -T -t -m /a/TICKET_LIST/TICKET -v "concat(NUMBER,',',DETECTION/IP,',',DETECTION/DNSNAME,',',DETECTION/SERVICE,',',DETECTION/PORT,',',VULNINFO/TITLE,',',VULNINFO/QID)" -i VULNINFO/CVE_ID_LIST/CVE_ID -o "," -m VULNINFO/CVE_ID_LIST/CVE_ID -v "concat(.,' ')" -b -n file.xml
除了尾部,不在第二行输出外,输出与上面相同...
182820,192.168.140.61,local,CGI,80,HTTP TRACE / TRACK Methods Enabled,12680,CVE-2004-2320 CVE-2010-0386 CVE-2003-1567
182957,192.168.200.46,local,Web server,443,Web Server Uses Plain-Text Form Based Authentication,86728
我有以下 xml:
<a>
<TICKET_LIST>
<TICKET>
<NUMBER>182820</NUMBER>
<DETECTION>
<IP network_id="173230">192.168.140.61</IP>
<DNSNAME><![CDATA[local]]></DNSNAME>
<PORT>80</PORT>
<SERVICE>CGI</SERVICE>
<PROTOCOL>tcp</PROTOCOL>
</DETECTION>
<VULNINFO>
<TITLE><![CDATA[HTTP TRACE / TRACK Methods Enabled]]></TITLE>
<TYPE>VULN</TYPE>
<QID>12680</QID>
<SEVERITY>3</SEVERITY>
<STANDARD_SEVERITY>3</STANDARD_SEVERITY>
<CVE_ID_LIST>
<CVE_ID><![CDATA[CVE-2004-2320]]></CVE_ID>
<CVE_ID><![CDATA[CVE-2010-0386]]></CVE_ID>
<CVE_ID><![CDATA[CVE-2003-1567]]></CVE_ID>
</CVE_ID_LIST>
</VULNINFO>
</TICKET>
<TICKET>
<NUMBER>182957</NUMBER>
<DETECTION>
<IP network_id="173230">192.168.200.46</IP>
<DNSNAME><![CDATA[local]]></DNSNAME>
<PORT>443</PORT>
<SERVICE>Web server</SERVICE>
<PROTOCOL>tcp</PROTOCOL>
</DETECTION>
<VULNINFO>
<TITLE><![CDATA[Web Server Uses Plain-Text Form Based Authentication]]></TITLE>
<TYPE>VULN</TYPE>
<QID>86728</QID>
<SEVERITY>3</SEVERITY>
<STANDARD_SEVERITY>3</STANDARD_SEVERITY>
</VULNINFO>
</TICKET>
</TICKET_LIST>
</a>
我想将一些数据导出为 csv 格式。
此代码 returns 一些数据符合预期:
xmlstarlet sel -T -t -m /a/TICKET_LIST/TICKET -v "concat(NUMBER,',',DETECTION/IP,',',DETECTION/DNSNAME,',',DETECTION/SERVICE,',',DETECTION/PORT,',',VULNINFO/TITLE,',',VULNINFO/QID)" -n file.xml
不过,我也对与其余数据位于同一行的所有 CVE_ID 数据感兴趣。
我现在得到的结果是:
182820,192.168.140.61,local,CGI,80,HTTP TRACE / TRACK Methods Enabled,12680
182957,192.168.200.46,local,Web server,443,Web Server Uses Plain-Text Form Based Authentication,86728
预期结果是:
182820,192.168.140.61,local,CGI,80,HTTP TRACE / TRACK Methods Enabled,12680,CVE-2004-2320 CVE-2010-0386 CVE-2003-1567
182957,192.168.200.46,local,Web server,443,Web Server Uses Plain-Text Form Based Authentication,86728
由于有多个 CVE_ID 元素,您需要添加另一个匹配项 (-m) 来匹配 VULNINFO/CVE_ID_LIST/CVE_ID。
此外,要使换行符 (-n) 正确输出,您必须打破嵌套 (-b)。
示例...
xmlstarlet sel -T -t -m /a/TICKET_LIST/TICKET -v "concat(NUMBER,',',DETECTION/IP,',',DETECTION/DNSNAME,',',DETECTION/SERVICE,',',DETECTION/PORT,',',VULNINFO/TITLE,',',VULNINFO/QID,',')" -m VULNINFO/CVE_ID_LIST/CVE_ID -v "concat(.,' ')" -b -n file.xml
输出...
182820,192.168.140.61,local,CGI,80,HTTP TRACE / TRACK Methods Enabled,12680,CVE-2004-2320 CVE-2010-0386 CVE-2003-1567
182957,192.168.200.46,local,Web server,443,Web Server Uses Plain-Text Form Based Authentication,86728,
如果您看到 xmlstarlet 内部使用的 XSLT (-C)...
<xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform" xmlns:exslt="http://exslt.org/common" version="1.0" extension-element-prefixes="exslt">
<xsl:output omit-xml-declaration="yes" indent="no" method="text"/>
<xsl:template match="/">
<xsl:for-each select="/a/TICKET_LIST/TICKET">
<xsl:call-template name="value-of-template">
<xsl:with-param name="select" select="concat(NUMBER,',',DETECTION/IP,',',DETECTION/DNSNAME,',',DETECTION/SERVICE,',',DETECTION/PORT,',',VULNINFO/TITLE,',',VULNINFO/QID,',')"/>
</xsl:call-template>
<xsl:for-each select="VULNINFO/CVE_ID_LIST/CVE_ID">
<xsl:call-template name="value-of-template">
<xsl:with-param name="select" select="concat(.,' ')"/>
</xsl:call-template>
</xsl:for-each>
<xsl:value-of select="' '"/>
</xsl:for-each>
</xsl:template>
<xsl:template name="value-of-template">
<xsl:param name="select"/>
<xsl:value-of select="$select"/>
<xsl:for-each select="exslt:node-set($select)[position()>1]">
<xsl:value-of select="' '"/>
<xsl:value-of select="."/>
</xsl:for-each>
</xsl:template>
</xsl:stylesheet>
请注意输出的第二行有尾随 ,。我认为这不是问题,因为 CSV 行都具有相同数量的列。
如果有问题,您可以使用 "if" (-i) 并在处理它们之前检查是否有任何 CVE_ID...
xmlstarlet sel -T -t -m /a/TICKET_LIST/TICKET -v "concat(NUMBER,',',DETECTION/IP,',',DETECTION/DNSNAME,',',DETECTION/SERVICE,',',DETECTION/PORT,',',VULNINFO/TITLE,',',VULNINFO/QID)" -i VULNINFO/CVE_ID_LIST/CVE_ID -o "," -m VULNINFO/CVE_ID_LIST/CVE_ID -v "concat(.,' ')" -b -n file.xml
除了尾部,不在第二行输出外,输出与上面相同...
182820,192.168.140.61,local,CGI,80,HTTP TRACE / TRACK Methods Enabled,12680,CVE-2004-2320 CVE-2010-0386 CVE-2003-1567
182957,192.168.200.46,local,Web server,443,Web Server Uses Plain-Text Form Based Authentication,86728