The DataFormat component provides data processing capabilities, such as aggregating and concatenating associated data.
Features
Action | Description | Scenarios |
Joins multiple tables and outputs the specified fields. | Joins two or more tables based on a key. | |
Groups input data based on a key. | Groups an array. | |
Concatenates the values of input data in batches. You can add prefixes, suffixes, and separator strings. | Concatenates content in an array. | |
Performs a left join using the left node as the primary table and outputs the specified fields. | Keeps all data from the left node during a join and discards irrelevant data from the right node. | |
Converts a string to a JSON object. | Converts a string to a JSON object. | |
Combines multiple rows of data. This action combines multiple JSONObject objects to form a new JSONArray. | Combines multiple JSON objects into one JSONArray. | |
Transforms data and creates a new table. | Transforms data or aggregates data from multiple sources into one table. |
Component configuration examples
This topic provides configuration examples for each action of the DataFormat component. You can import these examples as test playbooks to use the visual orchestration editor. The editor helps you understand and test the configuration parameters for each action, which makes it easier to learn the component's features. For more information, see Import a playbook.
Note
Save the sample data as a JSON file before you start.
{
"cells": [
{
"position": {
"x": -510,
"y": 20
},
"size": {
"width": 36,
"height": 36
},
"attrs": {
"body": {
"fill": "white",
"strokeOpacity": 0.95,
"stroke": "#63ba4d",
"strokeWidth": 2
},
"label": {
"text": "",
"fontSize": 12,
"refX": 0.5,
"refY": "100%",
"refY2": 4,
"textAnchor": "middle",
"textVerticalAnchor": "top"
},
"path": {
"stroke": "#63ba4d"
}
},
"visible": true,
"shape": "circle",
"id": "StartEvent_1",
"zIndex": 1,
"data": {
"nodeType": "startEvent",
"appType": "basic",
"valueData": {
},
"icon": "icon-circle"
},
"markup": [
{
"tagName": "circle",
"selector": "body"
},
{
"tagName": "text",
"selector": "label"
}
],
"isNode": true
},
{
"position": {
"x": -110,
"y": 5
},
"size": {
"width": 137,
"height": 66
},
"view": "react-shape-view",
"shape": "activity",
"id": "8d42d64a-fb1a-41fe-aeeb-000849b57892",
"zIndex": 1,
"data": {
"nodeType": "action",
"appType": "component",
"nodeName": "leftJoin",
"valueData": {
"leftNode": "[{\"action\":\"11\",\"uuid\":[{\"uuid-key\":\"1\"}]},{\"action\":\"21\",\"uuid\":[{\"uuid-key\":\"2\"}]}]",
"rightNode": "[{\"uuid\":[{\"uuid-key\":\"1\"}],\"host\":\"196.1.*.*\"},{\"uuid\":[{\"uuid-key\":\"1\"}],\"host\":\"196.2.*.*\"}]",
"joinFields": "[{\"fieldName\":\"leftNode.uuid\",\"fieldValue\":\"rightNode.uuid\"}]",
"leftOutputFilelds": "[{\"fieldName\":\"*\",\"fieldValue\":\"action,uuid\"}]",
"rightOutputFields": "[{\"fieldName\":\"site\",\"fieldValue\":\"host\"}]"
},
"icon": "https://sophon-gen-v2.oss-cn-zhangjiakou.aliyuncs.com/componentUpload/1719222281702_DataFormat_logo.png?Expires=1745373374&OSSAccessKeyId=STS.NVCS************&Signature=NG4Wh%2F2zJrendn8IhShW74ymMSA%3D&security-token=CAIS2AJ1q6Ft5B2yfSjIr5X2GMPAo6xY7venWBWHjlgyQexrpZTB1Dz2IHhMenFpAegcv%2Fw%2BlGFZ6%2F8elrp6SJtIXleCZtF94oxN9h2gb4fb4xF6LjaJ0s%2FLI3OaLjKm9u2wCryLYbGwU%2FOpbE%2B%2B5U0X6LDmdDKkckW4OJmS8%2FBOZcgWWQ%2FKBlgvRq0hRG1YpdQdKGHaONu0LxfumRCwNkdzvRdmgm4NgsbWgO%2Fks0OP3AOrlrBN%2Bdiuf8T9NvMBZskvD42Hu8VtbbfE3SJq7BxHybx7lqQs%2B02c5onDWwAJu0%2FXa7uEo4wydVNjFbM9A65Dqufxn%2Fpgt%2Braj4X7xhhEIOVJSSPbSZBbSxJNvU1RXDxQVcEYWxylurjnXvF%2BA9Gz5Y%2FUGin%2B2svzhw6RGJ1dq8DgINtD0jokjPndRVbLXs84nxS7gbsGn76oY2zradH%2FdU501DLSMytAXxqAAYnrQLesLZ0VOxi7cg9LDO9w1brCl%2Fw1TxYuVpiYFJ11Kc5F2ues4ocueMk3q3AuAFpCyXW646Exz7L86%2Bp3aiLIps5ON%2FjCiP9oG8LAXI4ajG3woQPLdwm9bT20vHi4yEJYVlvntpkk5bLR5mOuE%2B6VPgmB2q2gHJTKgj13KEDwIAA%3D",
"description": "Left Join. Returns all rows from the left table (table_name1), even if there are no matching rows in the right table (table_name2).",
"advance": {
"inputParamMode": false,
"onError": "stop_cur_flow",
"rspStatusType": 3,
"rspStatusThreshold": 0
},
"componentName": "DataFormat",
"actionName": "leftJoin",
"cascaderValue": [],
"status": "success"
},
"isNode": true
},
{
"shape": "custom-edge",
"attrs": {
"line": {
"stroke": "#63ba4d",
"targetMarker": {
"stroke": "#63ba4d"
}
}
},
"zIndex": 1,
"id": "17bbdf75-e724-4c63-a055-e184bf946b87",
"data": {
"nodeType": "sequenceFlow",
"appType": "basic",
"icon": "icon-upper-right-arrow",
"isRequired": false
},
"isNode": false,
"source": {
"cell": "StartEvent_1"
},
"target": {
"cell": "8d42d64a-fb1a-41fe-aeeb-000849b57892"
}
},
{
"position": {
"x": 222.5,
"y": 10
},
"size": {
"width": 36,
"height": 36
},
"attrs": {
"body": {
"fill": "white",
"strokeOpacity": 0.95,
"stroke": "#63ba4d",
"strokeWidth": 2
},
"path": {
"r": 12,
"refX": "50%",
"refY": "50%",
"fill": "#63ba4d",
"strokeOpacity": 0.95,
"stroke": "#63ba4d",
"strokeWidth": 4
},
"label": {
"text": "End",
"fontSize": 12,
"refX": 0.5,
"refY": "100%",
"refY2": 4,
"textAnchor": "middle",
"textVerticalAnchor": "top"
}
},
"visible": true,
"shape": "circle",
"id": "957ea6d3-2562-4f0f-829e-f3613f9e1f16",
"zIndex": 1,
"data": {
"nodeType": "endEvent",
"appType": "basic",
"nodeName": "End",
"icon": "icon-radio-off-full",
"description": "Playbook end node"
},
"markup": [
{
"tagName": "circle",
"selector": "body"
},
{
"tagName": "circle",
"selector": "path"
},
{
"tagName": "text",
"selector": "label"
}
],
"isNode": true
},
{
"shape": "custom-edge",
"attrs": {
"line": {
"stroke": "#63ba4d",
"targetMarker": {
"stroke": "#63ba4d"
}
}
},
"zIndex": 1,
"id": "ada87a01-f8ff-4222-b33d-c42e3367ff47",
"data": {
"nodeType": "sequenceFlow",
"appType": "basic",
"icon": "icon-upper-right-arrow",
"isRequired": false
},
"isNode": false,
"source": {
"cell": "8d42d64a-fb1a-41fe-aeeb-000849b57892"
},
"target": {
"cell": "957ea6d3-2562-4f0f-829e-f3613f9e1f16"
},
"vertices": []
},
{
"position": {
"x": -310,
"y": 110
},
"size": {
"width": 137,
"height": 66
},
"view": "react-shape-view",
"shape": "activity",
"id": "7309e77a-0c93-4396-b28b-9b0c1672cd4e",
"zIndex": 1,
"data": {
"nodeType": "action",
"appType": "component",
"nodeName": "leftJSON",
"valueData": {
"inputData": "[{\"action\":\"11\",\"uuid\":[{\"uuid-key\":\"1\"}]},{\"action\":\"21\",\"uuid\":[{\"uuid-key\":\"2\"}]}]"
},
"icon": "https://sophon-gen-v2.oss-cn-zhangjiakou.aliyuncs.com/componentUpload/1719222281702_DataFormat_logo.png?Expires=1745373374&OSSAccessKeyId=STS.NVCS************&Signature=NG4Wh%2F2zJrendn8IhShW74ymMSA%3D&security-token=CAIS2AJ1q6Ft5B2yfSjIr5X2GMPAo6xY7venWBWHjlgyQexrpZTB1Dz2IHhMenFpAegcv%2Fw%2BlGFZ6%2F8elrp6SJtIXleCZtF94oxN9h2gb4fb4xF6LjaJ0s%2FLI3OaLjKm9u2wCryLYbGwU%2FOpbE%2B%2B5U0X6LDmdDKkckW4OJmS8%2FBOZcgWWQ%2FKBlgvRq0hRG1YpdQdKGHaONu0LxfumRCwNkdzvRdmgm4NgsbWgO%2Fks0OP3AOrlrBN%2Bdiuf8T9NvMBZskvD42Hu8VtbbfE3SJq7BxHybx7lqQs%2B02c5onDWwAJu0%2FXa7uEo4wydVNjFbM9A65Dqufxn%2Fpgt%2Braj4X7xhhEIOVJSSPbSZBbSxJNvU1RXDxQVcEYWxylurjnXvF%2BA9Gz5Y%2FUGin%2B2svzhw6RGJ1dq8DgINtD0jokjPndRVbLXs84nxS7gbsGn76oY2zradH%2FdU501DLSMytAXxqAAYnrQLesLZ0VOxi7cg9LDO9w1brCl%2Fw1TxYuVpiYFJ11Kc5F2ues4ocueMk3q3AuAFpCyXW646Exz7L86%2Bp3aiLIps5ON%2FjCiP9oG8LAXI4ajG3woQPLdwm9bT20vHi4yEJYVlvntpkk5bLR5mOuE%2B6VPgmB2q2gHJTKgj13KEDwIAA%3D",
"description": "Converts the input data to the JSON type. If the input is a JSONArray, all its elements are placed directly into the datalist. If the input is a JSONObject, it is treated as a single row in the datalist.",
"advance": {
"inputParamMode": false,
"onError": "stop_cur_flow",
"rspStatusType": 3,
"rspStatusThreshold": 0
},
"componentName": "DataFormat",
"actionName": "convertToJSON",
"status": "success"
},
"isNode": true
},
{
"position": {
"x": -68,
"y": 110
},
"size": {
"width": 137,
"height": 66
},
"view": "react-shape-view",
"shape": "activity",
"id": "e3134166-6d6c-4879-846b-a9b00ad6c4a6",
"zIndex": 1,
"data": {
"nodeType": "action",
"appType": "component",
"nodeName": "rightJSON",
"valueData": {
"inputData": "[{\"uuid\":[{\"uuid-key\":\"1\"}],\"host\":\"196.1.*.*\"},{\"uuid\":[{\"uuid-key\":\"1\"}],\"host\":\"196.2.*.*\"}]"
},
"icon": "https://sophon-gen-v2.oss-cn-zhangjiakou.aliyuncs.com/componentUpload/1719222281702_DataFormat_logo.png?Expires=1745373374&OSSAccessKeyId=STS.NVCS************&Signature=NG4Wh%2F2zJrendn8IhShW74ymMSA%3D&security-token=CAIS2AJ1q6Ft5B2yfSjIr5X2GMPAo6xY7venWBWHjlgyQexrpZTB1Dz2IHhMenFpAegcv%2Fw%2BlGFZ6%2F8elrp6SJtIXleCZtF94oxN9h2gb4fb4xF6LjaJ0s%2FLI3OaLjKm9u2wCryLYbGwU%2FOpbE%2B%2B5U0X6LDmdDKkckW4OJmS8%2FBOZcgWWQ%2FKBlgvRq0hRG1YpdQdKGHaONu0LxfumRCwNkdzvRdmgm4NgsbWgO%2Fks0OP3AOrlrBN%2Bdiuf8T9NvMBZskvD42Hu8VtbbfE3SJq7BxHybx7lqQs%2B02c5onDWwAJu0%2FXa7uEo4wydVNjFbM9A65Dqufxn%2Fpgt%2Braj4X7xhhEIOVJSSPbSZBbSxJNvU1RXDxQVcEYWxylurjnXvF%2BA9Gz5Y%2FUGin%2B2svzhw6RGJ1dq8DgINtD0jokjPndRVbLXs84nxS7gbsGn76oY2zradH%2FdU501DLSMytAXxqAAYnrQLesLZ0VOxi7cg9LDO9w1brCl%2Fw1TxYuVpiYFJ11Kc5F2ues4ocueMk3q3AuAFpCyXW646Exz7L86%2Bp3aiLIps5ON%2FjCiP9oG8LAXI4ajG3woQPLdwm9bT20vHi4yEJYVlvntpkk5bLR5mOuE%2B6VPgmB2q2gHJTKgj13KEDwIAA%3D",
"description": "Converts the input data to the JSON type. If the input is a JSONArray, all its elements are placed directly into the datalist. If the input is a JSONObject, it is treated as a single row in the datalist.",
"advance": {
"inputParamMode": false,
"onError": "stop_cur_flow",
"rspStatusType": 3,
"rspStatusThreshold": 0
},
"componentName": "DataFormat",
"actionName": "convertToJSON",
"cascaderValue": [
{
"label": "leftJSON",
"value": "${leftJSON}",
"children": [
{
"label": "leftJSON.total_data",
"name": "leftJSON.total_data",
"value": "${leftJSON.total_data}"
},
{
"label": "leftJSON.status",
"name": "leftJSON.status",
"value": "${leftJSON.status}"
},
{
"label": "leftJSON.total_exe",
"name": "leftJSON.total_exe",
"value": "${leftJSON.total_exe}"
},
{
"label": "leftJSON.datalist.*.uuid.*.uuid-key",
"name": "leftJSON.datalist.*.uuid.*.uuid-key",
"value": "${leftJSON.datalist.*.uuid.*.uuid-key}"
},
{
"label": "leftJSON.total_data_successful",
"name": "leftJSON.total_data_successful",
"value": "${leftJSON.total_data_successful}"
},
{
"label": "leftJSON.total_data_with_dup",
"name": "leftJSON.total_data_with_dup",
"value": "${leftJSON.total_data_with_dup}"
},
{
"label": "leftJSON.total_exe_successful",
"name": "leftJSON.total_exe_successful",
"value": "${leftJSON.total_exe_successful}"
},
{
"label": "leftJSON.datalist.*.action",
"name": "leftJSON.datalist.*.action",
"value": "${leftJSON.datalist.*.action}"
}
]
}
],
"status": "success"
},
"isNode": true
},
{
"position": {
"x": 172,
"y": 110
},
"size": {
"width": 137,
"height": 66
},
"view": "react-shape-view",
"shape": "activity",
"id": "0ac43fe1-2031-4b6e-a883-d788c603e944",
"zIndex": 1,
"data": {
"nodeType": "action",
"appType": "component",
"nodeName": "joindata",
"valueData": {
"inputNodes": "[{\"fieldName\":\"leftJSON\",\"fieldValue\":\"${JSONArray:leftJSON.datalist.*}\"},{\"fieldName\":\"rightJSON\",\"fieldValue\":\"${JSONArray:rightJSON.datalist.*}\"}]",
"joinFields": "[{\"fieldName\":\"leftJSON.uuid\",\"fieldValue\":\"rightJSON.uuid\"}]",
"outputFields": "[{\"fieldName\":\"myhost\",\"fieldValue\":\"rightJSON.host\"},{\"fieldName\":\"myaction\",\"fieldValue\":\"leftJSON.action\"},{\"fieldName\":\"uuid\",\"fieldValue\":\"leftJSON.uuid\"}]"
},
"icon": "https://sophon-gen-v2.oss-cn-zhangjiakou.aliyuncs.com/componentUpload/1719222281702_DataFormat_logo.png?Expires=1745373374&OSSAccessKeyId=STS.NVCS************&Signature=NG4Wh%2F2zJrendn8IhShW74ymMSA%3D&security-token=CAIS2AJ1q6Ft5B2yfSjIr5X2GMPAo6xY7venWBWHjlgyQexrpZTB1Dz2IHhMenFpAegcv%2Fw%2BlGFZ6%2F8elrp6SJtIXleCZtF94oxN9h2gb4fb4xF6LjaJ0s%2FLI3OaLjKm9u2wCryLYbGwU%2FOpbE%2B%2B5U0X6LDmdDKkckW4OJmS8%2FBOZcgWWQ%2FKBlgvRq0hRG1YpdQdKGHaONu0LxfumRCwNkdzvRdmgm4NgsbWgO%2Fks0OP3AOrlrBN%2Bdiuf8T9NvMBZskvD42Hu8VtbbfE3SJq7BxHybx7lqQs%2B02c5onDWwAJu0%2FXa7uEo4wydVNjFbM9A65Dqufxn%2Fpgt%2Braj4X7xhhEIOVJSSPbSZBbSxJNvU1RXDxQVcEYWxylurjnXvF%2BA9Gz5Y%2FUGin%2B2svzhw6RGJ1dq8DgINtD0jokjPndRVbLXs84nxS7gbsGn76oY2zradH%2FdU501DLSMytAXxqAAYnrQLesLZ0VOxi7cg9LDO9w1brCl%2Fw1TxYuVpiYFJ11Kc5F2ues4ocueMk3q3AuAFpCyXW646Exz7L86%2Bp3aiLIps5ON%2FjCiP9oG8LAXI4ajG3woQPLdwm9bT20vHi4yEJYVlvntpkk5bLR5mOuE%2B6VPgmB2q2gHJTKgj13KEDwIAA%3D",
"description": "Provides a syntax similar to a multi-table JOIN. It treats the datalist.* data from the processing nodes as a table with multiple rows and columns.",
"advance": {
"inputParamMode": false,
"onError": "stop_cur_flow",
"rspStatusType": 3,
"rspStatusThreshold": 0
},
"componentName": "DataFormat",
"actionName": "joindata",
"cascaderValue": [
{
"label": "rightJSON",
"value": "${rightJSON}",
"children": [
{
"label": "rightJSON.total_data_with_dup",
"name": "rightJSON.total_data_with_dup",
"value": "${rightJSON.total_data_with_dup}"
},
{
"label": "rightJSON.total_data",
"name": "rightJSON.total_data",
"value": "${rightJSON.total_data}"
},
{
"label": "rightJSON.status",
"name": "rightJSON.status",
"value": "${rightJSON.status}"
},
{
"label": "rightJSON.datalist.*.host",
"name": "rightJSON.datalist.*.host",
"value": "${rightJSON.datalist.*.host}"
},
{
"label": "rightJSON.total_exe_successful",
"name": "rightJSON.total_exe_successful",
"value": "${rightJSON.total_exe_successful}"
},
{
"label": "rightJSON.datalist.*.uuid.*.uuid-key",
"name": "rightJSON.datalist.*.uuid.*.uuid-key",
"value": "${rightJSON.datalist.*.uuid.*.uuid-key}"
},
{
"label": "rightJSON.total_data_successful",
"name": "rightJSON.total_data_successful",
"value": "${rightJSON.total_data_successful}"
},
{
"label": "rightJSON.total_exe",
"name": "rightJSON.total_exe",
"value": "${rightJSON.total_exe}"
}
]
},
{
"label": "leftJSON",
"value": "${leftJSON}",
"children": [
{
"label": "leftJSON.total_data",
"name": "leftJSON.total_data",
"value": "${leftJSON.total_data}"
},
{
"label": "leftJSON.status",
"name": "leftJSON.status",
"value": "${leftJSON.status}"
},
{
"label": "leftJSON.total_exe",
"name": "leftJSON.total_exe",
"value": "${leftJSON.total_exe}"
},
{
"label": "leftJSON.datalist.*.uuid.*.uuid-key",
"name": "leftJSON.datalist.*.uuid.*.uuid-key",
"value": "${leftJSON.datalist.*.uuid.*.uuid-key}"
},
{
"label": "leftJSON.total_data_successful",
"name": "leftJSON.total_data_successful",
"value": "${leftJSON.total_data_successful}"
},
{
"label": "leftJSON.total_data_with_dup",
"name": "leftJSON.total_data_with_dup",
"value": "${leftJSON.total_data_with_dup}"
},
{
"label": "leftJSON.total_exe_successful",
"name": "leftJSON.total_exe_successful",
"value": "${leftJSON.total_exe_successful}"
},
{
"label": "leftJSON.datalist.*.action",
"name": "leftJSON.datalist.*.action",
"value": "${leftJSON.datalist.*.action}"
}
]
}
],
"status": "success"
},
"isNode": true
},
{
"shape": "custom-edge",
"attrs": {
"line": {
"stroke": "#63ba4d",
"targetMarker": {
"stroke": "#63ba4d"
}
}
},
"zIndex": 1,
"id": "a6f70a6a-f5a0-4e5c-9de5-5230dc1deefa",
"data": {
"nodeType": "sequenceFlow",
"appType": "basic",
"icon": "icon-upper-right-arrow",
"isRequired": false
},
"router": {
"name": "normal"
},
"isNode": false,
"source": {
"cell": "StartEvent_1"
},
"target": {
"cell": "7309e77a-0c93-4396-b28b-9b0c1672cd4e"
},
"vertices": [
{
"x": -492,
"y": 143
}
]
},
{
"shape": "custom-edge",
"attrs": {
"line": {
"stroke": "#63ba4d",
"targetMarker": {
"stroke": "#63ba4d"
}
}
},
"zIndex": 1,
"id": "13db0fe6-495d-4b16-80ca-df96d33beff1",
"data": {
"nodeType": "sequenceFlow",
"appType": "basic",
"icon": "icon-upper-right-arrow",
"isRequired": false
},
"isNode": false,
"source": {
"cell": "7309e77a-0c93-4396-b28b-9b0c1672cd4e"
},
"target": {
"cell": "e3134166-6d6c-4879-846b-a9b00ad6c4a6"
}
},
{
"shape": "custom-edge",
"attrs": {
"line": {
"stroke": "#63ba4d",
"targetMarker": {
"stroke": "#63ba4d"
}
}
},
"zIndex": 1,
"id": "9f472b01-bb53-4bac-a8dd-a67c3c537fa9",
"data": {
"nodeType": "sequenceFlow",
"appType": "basic",
"icon": "icon-upper-right-arrow",
"isRequired": false
},
"isNode": false,
"source": {
"cell": "e3134166-6d6c-4879-846b-a9b00ad6c4a6"
},
"target": {
"cell": "0ac43fe1-2031-4b6e-a883-d788c603e944"
}
},
{
"position": {
"x": 440,
"y": 110
},
"size": {
"width": 36,
"height": 36
},
"attrs": {
"body": {
"fill": "white",
"strokeOpacity": 0.95,
"stroke": "#63ba4d",
"strokeWidth": 2
},
"path": {
"r": 12,
"refX": "50%",
"refY": "50%",
"fill": "#63ba4d",
"strokeOpacity": 0.95,
"stroke": "#63ba4d",
"strokeWidth": 4
},
"label": {
"text": "End",
"fontSize": 12,
"refX": 0.5,
"refY": "100%",
"refY2": 4,
"textAnchor": "middle",
"textVerticalAnchor": "top"
}
},
"visible": true,
"shape": "circle",
"id": "a66c2f32-7d29-40a2-8e7e-622f09cf23dd",
"zIndex": 1,
"data": {
"nodeType": "endEvent",
"appType": "basic",
"nodeName": "End",
"icon": "icon-radio-off-full",
"description": "Playbook end node"
},
"markup": [
{
"tagName": "circle",
"selector": "body"
},
{
"tagName": "circle",
"selector": "path"
},
{
"tagName": "text",
"selector": "label"
}
],
"isNode": true
},
{
"shape": "custom-edge",
"attrs": {
"line": {
"stroke": "#63ba4d",
"targetMarker": {
"stroke": "#63ba4d"
}
}
},
"zIndex": 1,
"id": "caf56653-94c8-42f8-beec-f4deb72dc93f",
"data": {
"nodeType": "sequenceFlow",
"appType": "basic",
"icon": "icon-upper-right-arrow",
"isRequired": false
},
"isNode": false,
"source": {
"cell": "0ac43fe1-2031-4b6e-a883-d788c603e944"
},
"target": {
"cell": "a66c2f32-7d29-40a2-8e7e-622f09cf23dd"
}
},
{
"position": {
"x": -310,
"y": 262
},
"size": {
"width": 137,
"height": 66
},
"view": "react-shape-view",
"shape": "activity",
"id": "83110da4-c8e7-4d19-8e79-51f8903625b2",
"zIndex": 1,
"data": {
"nodeType": "action",
"appType": "component",
"nodeName": "mockData",
"valueData": {
"inputData": "[{\"Attack Type\":\"web shell\",\"count\":\"1\",\"startTime\":\"1646115503000\",\"endTime\":\"1646115503000\",\"securityEventIds\":\"330706\"},{\"Attack Type\":\"web shell\",\"count\":\"1\",\"startTime\":\"1646114346000\",\"endTime\":\"1646114346000\",\"securityEventIds\":\"330700\"},{\"Attack Type\":\"application whitelist\",\"count\":\"1\",\"startTime\":\"1646114098000\",\"endTime\":\"1646114098000\",\"securityEventIds\":\"330699\"}]"
},
"icon": "https://sophon-gen-v2.oss-cn-zhangjiakou.aliyuncs.com/componentUpload/1719222281702_DataFormat_logo.png?Expires=1745373374&OSSAccessKeyId=STS.NVCS************&Signature=NG4Wh%2F2zJrendn8IhShW74ymMSA%3D&security-token=CAIS2AJ1q6Ft5B2yfSjIr5X2GMPAo6xY7venWBWHjlgyQexrpZTB1Dz2IHhMenFpAegcv%2Fw%2BlGFZ6%2F8elrp6SJtIXleCZtF94oxN9h2gb4fb4xF6LjaJ0s%2FLI3OaLjKm9u2wCryLYbGwU%2FOpbE%2B%2B5U0X6LDmdDKkckW4OJmS8%2FBOZcgWWQ%2FKBlgvRq0hRG1YpdQdKGHaONu0LxfumRCwNkdzvRdmgm4NgsbWgO%2Fks0OP3AOrlrBN%2Bdiuf8T9NvMBZskvD42Hu8VtbbfE3SJq7BxHybx7lqQs%2B02c5onDWwAJu0%2FXa7uEo4wydVNjFbM9A65Dqufxn%2Fpgt%2Braj4X7xhhEIOVJSSPbSZBbSxJNvU1RXDxQVcEYWxylurjnXvF%2BA9Gz5Y%2FUGin%2B2svzhw6RGJ1dq8DgINtD0jokjPndRVbLXs84nxS7gbsGn76oY2zradH%2FdU501DLSMytAXxqAAYnrQLesLZ0VOxi7cg9LDO9w1brCl%2Fw1TxYuVpiYFJ11Kc5F2ues4ocueMk3q3AuAFpCyXW646Exz7L86%2Bp3aiLIps5ON%2FjCiP9oG8LAXI4ajG3woQPLdwm9bT20vHi4yEJYVlvntpkk5bLR5mOuE%2B6VPgmB2q2gHJTKgj13KEDwIAA%3D",
"description": "Converts the input data to the JSON type. If the input is a JSONArray, all its elements are placed directly into the datalist. If the input is a JSONObject, it is treated as a single row in the datalist.",
"advance": {
"inputParamMode": false,
"onError": "stop_cur_flow",
"rspStatusType": 3,
"rspStatusThreshold": 0
},
"componentName": "DataFormat",
"actionName": "convertToJSON",
"status": "success"
},
"isNode": true
},
{
"position": {
"x": -80,
"y": 262
},
"size": {
"width": 137,
"height": 66
},
"view": "react-shape-view",
"shape": "activity",
"id": "5314c487-af24-4dbf-bc11-f79bed39b60b",
"zIndex": 1,
"data": {
"nodeType": "action",
"appType": "component",
"nodeName": "groupbydata",
"valueData": {
"inputNode": "${JSONArray:mockData.datalist.*}",
"groupByKeys": "Attack Type",
"outputFields": "[{\"fieldName\":\"Attack Count\",\"fieldType\":\"jq\",\"fieldValue\":\".datalist | map_values(.count)|add|length\"},{\"fieldName\":\"Latest Attack Time\",\"fieldType\":\"jq\",\"fieldValue\":\"[.datalist[].endTime|tonumber]|max\"}]"
},
"icon": "https://sophon-gen-v2.oss-cn-zhangjiakou.aliyuncs.com/componentUpload/1719222281702_DataFormat_logo.png?Expires=1745373374&OSSAccessKeyId=STS.NVCS************&Signature=NG4Wh%2F2zJrendn8IhShW74ymMSA%3D&security-token=CAIS2AJ1q6Ft5B2yfSjIr5X2GMPAo6xY7venWBWHjlgyQexrpZTB1Dz2IHhMenFpAegcv%2Fw%2BlGFZ6%2F8elrp6SJtIXleCZtF94oxN9h2gb4fb4xF6LjaJ0s%2FLI3OaLjKm9u2wCryLYbGwU%2FOpbE%2B%2B5U0X6LDmdDKkckW4OJmS8%2FBOZcgWWQ%2FKBlgvRq0hRG1YpdQdKGHaONu0LxfumRCwNkdzvRdmgm4NgsbWgO%2Fks0OP3AOrlrBN%2Bdiuf8T9NvMBZskvD42Hu8VtbbfE3SJq7BxHybx7lqQs%2B02c5onDWwAJu0%2FXa7uEo4wydVNjFbM9A65Dqufxn%2Fpgt%2Braj4X7xhhEIOVJSSPbSZBbSxJNvU1RXDxQVcEYWxylurjnXvF%2BA9Gz5Y%2FUGin%2B2svzhw6RGJ1dq8DgINtD0jokjPndRVbLXs84nxS7gbsGn76oY2zradH%2FdU501DLSMytAXxqAAYnrQLesLZ0VOxi7cg9LDO9w1brCl%2Fw1TxYuVpiYFJ11Kc5F2ues4ocueMk3q3AuAFpCyXW646Exz7L86%2Bp3aiLIps5ON%2FjCiP9oG8LAXI4ajG3woQPLdwm9bT20vHi4yEJYVlvntpkk5bLR5mOuE%2B6VPgmB2q2gHJTKgj13KEDwIAA%3D",
"description": "Performs an aggregate operation on a data source.",
"advance": {
"inputParamMode": false,
"onError": "stop_cur_flow",
"rspStatusType": 3,
"rspStatusThreshold": 0
},
"componentName": "DataFormat",
"actionName": "groupbydata",
"status": "success"
},
"isNode": true
},
{
"shape": "custom-edge",
"attrs": {
"line": {
"stroke": "#63ba4d",
"targetMarker": {
"stroke": "#63ba4d"
}
}
},
"zIndex": 1,
"id": "e0ac28e4-a693-4c24-aad6-e56349468ecc",
"data": {
"nodeType": "sequenceFlow",
"appType": "basic",
"icon": "icon-upper-right-arrow",
"isRequired": false
},
"router": {
"name": "normal"
},
"isNode": false,
"source": {
"cell": "StartEvent_1"
},
"target": {
"cell": "83110da4-c8e7-4d19-8e79-51f8903625b2"
},
"vertices": [
{
"x": -492,
"y": 295
}
]
},
{
"shape": "custom-edge",
"attrs": {
"line": {
"stroke": "#63ba4d",
"targetMarker": {
"stroke": "#63ba4d"
}
}
},
"zIndex": 1,
"id": "a555fddb-9eb9-48f8-8d01-836537104767",
"data": {
"nodeType": "sequenceFlow",
"appType": "basic",
"icon": "icon-upper-right-arrow",
"isRequired": false
},
"isNode": false,
"source": {
"cell": "83110da4-c8e7-4d19-8e79-51f8903625b2"
},
"target": {
"cell": "5314c487-af24-4dbf-bc11-f79bed39b60b"
}
},
{
"position": {
"x": 240,
"y": 270
},
"size": {
"width": 36,
"height": 36
},
"attrs": {
"body": {
"fill": "white",
"strokeOpacity": 0.95,
"stroke": "#63ba4d",
"strokeWidth": 2
},
"path": {
"r": 12,
"refX": "50%",
"refY": "50%",
"fill": "#63ba4d",
"strokeOpacity": 0.95,
"stroke": "#63ba4d",
"strokeWidth": 4
},
"label": {
"text": "End",
"fontSize": 12,
"refX": 0.5,
"refY": "100%",
"refY2": 4,
"textAnchor": "middle",
"textVerticalAnchor": "top"
}
},
"visible": true,
"shape": "circle",
"id": "7779ea7e-b587-4512-94e0-d00dc76251e4",
"zIndex": 1,
"data": {
"nodeType": "endEvent",
"appType": "basic",
"nodeName": "End",
"icon": "icon-radio-off-full",
"description": "Playbook end node"
},
"markup": [
{
"tagName": "circle",
"selector": "body"
},
{
"tagName": "circle",
"selector": "path"
},
{
"tagName": "text",
"selector": "label"
}
],
"isNode": true
},
{
"shape": "custom-edge",
"attrs": {
"line": {
"stroke": "#63ba4d",
"targetMarker": {
"stroke": "#63ba4d"
}
}
},
"zIndex": 1,
"id": "70f8f4cc-0561-4bd8-aecd-6fa2441c0b38",
"data": {
"nodeType": "sequenceFlow",
"appType": "basic",
"icon": "icon-upper-right-arrow",
"isRequired": false
},
"isNode": false,
"source": {
"cell": "5314c487-af24-4dbf-bc11-f79bed39b60b"
},
"target": {
"cell": "7779ea7e-b587-4512-94e0-d00dc76251e4"
}
},
{
"position": {
"x": -140,
"y": 400
},
"size": {
"width": 137,
"height": 66
},
"view": "react-shape-view",
"shape": "activity",
"id": "a6080934-1dd4-4d87-b573-1f90be7d4535",
"zIndex": 1,
"data": {
"isDebug": false,
"nodeType": "action",
"appType": "component",
"nodeName": "concatFieldtoBatch",
"valueData": {
"inputField": "[{\"Attack Type\":\"web shell\"},{\"Attack Type\":\"web shell\"},{\"Attack Type\":\"web shell\"},{\"Attack Type\":\"application whitelist\"},{\"Attack Type\":\"application whitelist\"}]",
"batchSize": "2",
"concatStr": "\" ## \"",
"fieldAddPrefix": "Prefix",
"fieldAddSuffix": "Suffix"
},
"icon": "https://sophon-gen-v2.oss-cn-zhangjiakou.aliyuncs.com/componentUpload/1719222281702_DataFormat_logo.png?Expires=1745373374&OSSAccessKeyId=STS.NVCS************&Signature=NG4Wh%2F2zJrendn8IhShW74ymMSA%3D&security-token=CAIS2AJ1q6Ft5B2yfSjIr5X2GMPAo6xY7venWBWHjlgyQexrpZTB1Dz2IHhMenFpAegcv%2Fw%2BlGFZ6%2F8elrp6SJtIXleCZtF94oxN9h2gb4fb4xF6LjaJ0s%2FLI3OaLjKm9u2wCryLYbGwU%2FOpbE%2B%2B5U0X6LDmdDKkckW4OJmS8%2FBOZcgWWQ%2FKBlgvRq0hRG1YpdQdKGHaONu0LxfumRCwNkdzvRdmgm4NgsbWgO%2Fks0OP3AOrlrBN%2Bdiuf8T9NvMBZskvD42Hu8VtbbfE3SJq7BxHybx7lqQs%2B02c5onDWwAJu0%2FXa7uEo4wydVNjFbM9A65Dqufxn%2Fpgt%2Braj4X7xhhEIOVJSSPbSZBbSxJNvU1RXDxQVcEYWxylurjnXvF%2BA9Gz5Y%2FUGin%2B2svzhw6RGJ1dq8DgINtD0jokjPndRVbLXs84nxS7gbsGn76oY2zradH%2FdU501DLSMytAXxqAAYnrQLesLZ0VOxi7cg9LDO9w1brCl%2Fw1TxYuVpiYFJ11Kc5F2ues4ocueMk3q3AuAFpCyXW646Exz7L86%2Bp3aiLIps5ON%2FjCiP9oG8LAXI4ajG3woQPLdwm9bT20vHi4yEJYVlvntpkk5bLR5mOuE%2B6VPgmB2q2gHJTKgj13KEDwIAA%3D",
"description": "Splits the values of a field into mini-batches and concatenates each batch into a string.",
"advance": {
"inputParamMode": false,
"onError": "stop_cur_flow",
"rspStatusType": 3,
"rspStatusThreshold": 0
},
"componentName": "DataFormat",
"actionName": "concatFieldtoBatch",
"status": "success",
"cascaderValue": []
},
"isNode": true
},
{
"shape": "custom-edge",
"attrs": {
"line": {
"stroke": "#63ba4d",
"targetMarker": {
"stroke": "#63ba4d"
}
}
},
"zIndex": 1,
"id": "06606aa2-6573-4fe2-83e3-2f66bb70db76",
"data": {
"nodeType": "sequenceFlow",
"appType": "basic",
"icon": "icon-upper-right-arrow",
"isRequired": false
},
"router": {
"name": "normal"
},
"isNode": false,
"source": {
"cell": "StartEvent_1"
},
"target": {
"cell": "a6080934-1dd4-4d87-b573-1f90be7d4535"
},
"vertices": [
{
"x": -492,
"y": 433
}
]
},
{
"position": {
"x": 198,
"y": 415
},
"size": {
"width": 36,
"height": 36
},
"attrs": {
"body": {
"fill": "white",
"strokeOpacity": 0.95,
"stroke": "#63ba4d",
"strokeWidth": 2
},
"path": {
"r": 12,
"refX": "50%",
"refY": "50%",
"fill": "#63ba4d",
"strokeOpacity": 0.95,
"stroke": "#63ba4d",
"strokeWidth": 4
},
"label": {
"text": "End",
"fontSize": 12,
"refX": 0.5,
"refY": "100%",
"refY2": 4,
"textAnchor": "middle",
"textVerticalAnchor": "top"
}
},
"visible": true,
"shape": "circle",
"id": "59bc46fa-d6cb-4e89-9107-d30216c01d2b",
"zIndex": 1,
"data": {
"nodeType": "endEvent",
"appType": "basic",
"nodeName": "End",
"icon": "icon-radio-off-full",
"description": "Playbook end node"
},
"markup": [
{
"tagName": "circle",
"selector": "body"
},
{
"tagName": "circle",
"selector": "path"
},
{
"tagName": "text",
"selector": "label"
}
],
"isNode": true
},
{
"shape": "custom-edge",
"attrs": {
"line": {
"stroke": "#63ba4d",
"targetMarker": {
"stroke": "#63ba4d"
}
}
},
"zIndex": 1,
"id": "fc410d6d-ff0f-4d01-8c0b-2a2e3104d8ce",
"data": {
"nodeType": "sequenceFlow",
"appType": "basic",
"icon": "icon-upper-right-arrow",
"isRequired": false
},
"isNode": false,
"source": {
"cell": "a6080934-1dd4-4d87-b573-1f90be7d4535"
},
"target": {
"cell": "59bc46fa-d6cb-4e89-9107-d30216c01d2b"
}
},
{
"position": {
"x": -180,
"y": -180
},
"size": {
"width": 137,
"height": 66
},
"view": "react-shape-view",
"shape": "activity",
"id": "c1fd4832-8717-44d8-9a27-dc6f45499f47",
"zIndex": 1,
"data": {
"nodeType": "action",
"appType": "component",
"nodeName": "convertToJSON",
"valueData": {
"inputData": "[{\"Attack Type\":\"web shell\"},{\"Attack Type\":\"web shell\"},{\"Attack Type\":\"web shell\"},{\"Attack Type\":\"application whitelist\"},{\"Attack Type\":\"application whitelist\"}]"
},
"icon": "https://sophon-gen-v2.oss-cn-zhangjiakou.aliyuncs.com/componentUpload/1719222281702_DataFormat_logo.png?Expires=1745373374&OSSAccessKeyId=STS.NVCS************&Signature=NG4Wh%2F2zJrendn8IhShW74ymMSA%3D&security-token=CAIS2AJ1q6Ft5B2yfSjIr5X2GMPAo6xY7venWBWHjlgyQexrpZTB1Dz2IHhMenFpAegcv%2Fw%2BlGFZ6%2F8elrp6SJtIXleCZtF94oxN9h2gb4fb4xF6LjaJ0s%2FLI3OaLjKm9u2wCryLYbGwU%2FOpbE%2B%2B5U0X6LDmdDKkckW4OJmS8%2FBOZcgWWQ%2FKBlgvRq0hRG1YpdQdKGHaONu0LxfumRCwNkdzvRdmgm4NgsbWgO%2Fks0OP3AOrlrBN%2Bdiuf8T9NvMBZskvD42Hu8VtbbfE3SJq7BxHybx7lqQs%2B02c5onDWwAJu0%2FXa7uEo4wydVNjFbM9A65Dqufxn%2Fpgt%2Braj4X7xhhEIOVJSSPbSZBbSxJNvU1RXDxQVcEYWxylurjnXvF%2BA9Gz5Y%2FUGin%2B2svzhw6RGJ1dq8DgINtD0jokjPndRVbLXs84nxS7gbsGn76oY2zradH%2FdU501DLSMytAXxqAAYnrQLesLZ0VOxi7cg9LDO9w1brCl%2Fw1TxYuVpiYFJ11Kc5F2ues4ocueMk3q3AuAFpCyXW646Exz7L86%2Bp3aiLIps5ON%2FjCiP9oG8LAXI4ajG3woQPLdwm9bT20vHi4yEJYVlvntpkk5bLR5mOuE%2B6VPgmB2q2gHJTKgj13KEDwIAA%3D",
"description": "Converts the input data to the JSON type. If the input is a JSONArray, all its elements are placed directly into the datalist. If the input is a JSONObject, it is treated as a single row in the datalist.",
"advance": {
"inputParamMode": false,
"onError": "stop_cur_flow",
"rspStatusType": 3,
"rspStatusThreshold": 0
},
"componentName": "DataFormat",
"actionName": "convertToJSON",
"status": "success"
},
"isNode": true
},
{
"shape": "custom-edge",
"attrs": {
"line": {
"stroke": "#63ba4d",
"targetMarker": {
"stroke": "#63ba4d"
}
}
},
"zIndex": 1,
"id": "4f498976-09d4-4550-9e73-2241077b1922",
"data": {
"nodeType": "sequenceFlow",
"appType": "basic",
"icon": "icon-upper-right-arrow",
"isRequired": false
},
"router": {
"name": "normal"
},
"isNode": false,
"source": {
"cell": "StartEvent_1"
},
"target": {
"cell": "c1fd4832-8717-44d8-9a27-dc6f45499f47"
},
"vertices": [
{
"x": -492,
"y": -147
}
]
},
{
"position": {
"x": 121,
"y": -165
},
"size": {
"width": 36,
"height": 36
},
"attrs": {
"body": {
"fill": "white",
"strokeOpacity": 0.95,
"stroke": "#63ba4d",
"strokeWidth": 2
},
"path": {
"r": 12,
"refX": "50%",
"refY": "50%",
"fill": "#63ba4d",
"strokeOpacity": 0.95,
"stroke": "#63ba4d",
"strokeWidth": 4
},
"label": {
"text": "End",
"fontSize": 12,
"refX": 0.5,
"refY": "100%",
"refY2": 4,
"textAnchor": "middle",
"textVerticalAnchor": "top"
}
},
"visible": true,
"shape": "circle",
"id": "46a3b954-56d1-4fd2-b016-08e144390137",
"zIndex": 1,
"data": {
"nodeType": "endEvent",
"appType": "basic",
"nodeName": "End",
"icon": "icon-radio-off-full",
"description": "Playbook end node"
},
"markup": [
{
"tagName": "circle",
"selector": "body"
},
{
"tagName": "circle",
"selector": "path"
},
{
"tagName": "text",
"selector": "label"
}
],
"isNode": true
},
{
"shape": "custom-edge",
"attrs": {
"line": {
"stroke": "#63ba4d",
"targetMarker": {
"stroke": "#63ba4d"
}
}
},
"zIndex": 1,
"id": "96eddfbb-e835-43e0-8d7a-df75888519fb",
"data": {
"nodeType": "sequenceFlow",
"appType": "basic",
"icon": "icon-upper-right-arrow",
"isRequired": false
},
"isNode": false,
"source": {
"cell": "c1fd4832-8717-44d8-9a27-dc6f45499f47"
},
"target": {
"cell": "46a3b954-56d1-4fd2-b016-08e144390137"
}
},
{
"position": {
"x": 117.5,
"y": 505
},
"size": {
"width": 137,
"height": 66
},
"view": "react-shape-view",
"shape": "activity",
"id": "ec535172-836f-4e5e-9e4a-ef546f030f5d",
"zIndex": 1,
"data": {
"nodeType": "action",
"appType": "component",
"nodeName": "uniondata",
"valueData": {
"inputNodes": "[{\"fieldName\":\"leftJSON\",\"fieldValue\":\"${JSONArray:left.datalist.*}\"},{\"fieldName\":\"rightJSON\",\"fieldValue\":\"${JSONArray:right.datalist.*}\"}]"
},
"icon": "https://sophon-gen-v2.oss-cn-zhangjiakou.aliyuncs.com/componentUpload/1719222281702_DataFormat_logo.png?Expires=1745373374&OSSAccessKeyId=STS.NVCS************&Signature=NG4Wh%2F2zJrendn8IhShW74ymMSA%3D&security-token=CAIS2AJ1q6Ft5B2yfSjIr5X2GMPAo6xY7venWBWHjlgyQexrpZTB1Dz2IHhMenFpAegcv%2Fw%2BlGFZ6%2F8elrp6SJtIXleCZtF94oxN9h2gb4fb4xF6LjaJ0s%2FLI3OaLjKm9u2wCryLYbGwU%2FOpbE%2B%2B5U0X6LDmdDKkckW4OJmS8%2FBOZcgWWQ%2FKBlgvRq0hRG1YpdQdKGHaONu0LxfumRCwNkdzvRdmgm4NgsbWgO%2Fks0OP3AOrlrBN%2Bdiuf8T9NvMBZskvD42Hu8VtbbfE3SJq7BxHybx7lqQs%2B02c5onDWwAJu0%2FXa7uEo4wydVNjFbM9A65Dqufxn%2Fpgt%2Braj4X7xhhEIOVJSSPbSZBbSxJNvU1RXDxQVcEYWxylurjnXvF%2BA9Gz5Y%2FUGin%2B2svzhw6RGJ1dq8DgINtD0jokjPndRVbLXs84nxS7gbsGn76oY2zradH%2FdU501DLSMytAXxqAAYnrQLesLZ0VOxi7cg9LDO9w1brCl%2Fw1TxYuVpiYFJ11Kc5F2ues4ocueMk3q3AuAFpCyXW646Exz7L86%2Bp3aiLIps5ON%2FjCiP9oG8LAXI4ajG3woQPLdwm9bT20vHi4yEJYVlvntpkk5bLR5mOuE%2B6VPgmB2q2gHJTKgj13KEDwIAA%3D",
"description": "Unions the multi-row results from multiple upstream nodes.",
"advance": {
"inputParamMode": false,
"onError": "stop_cur_flow",
"rspStatusType": 3,
"rspStatusThreshold": 0
},
"componentName": "DataFormat",
"actionName": "uniondata",
"cascaderValue": [
{
"label": "right",
"value": "${right}",
"children": [
{
"label": "right.total_data_with_dup",
"name": "right.total_data_with_dup",
"value": "${right.total_data_with_dup}"
},
{
"label": "right.total_data_successful",
"name": "right.total_data_successful",
"value": "${right.total_data_successful}"
},
{
"label": "right.status",
"name": "right.status",
"value": "${right.status}"
},
{
"label": "right.total_data",
"name": "right.total_data",
"value": "${right.total_data}"
},
{
"label": "right.datalist.*.uuid.*.uuid-key",
"name": "right.datalist.*.uuid.*.uuid-key",
"value": "${right.datalist.*.uuid.*.uuid-key}"
},
{
"label": "right.total_exe",
"name": "right.total_exe",
"value": "${right.total_exe}"
},
{
"label": "right.total_exe_successful",
"name": "right.total_exe_successful",
"value": "${right.total_exe_successful}"
},
{
"label": "right.datalist.*.host",
"name": "right.datalist.*.host",
"value": "${right.datalist.*.host}"
}
]
},
{
"label": "left",
"value": "${left}",
"children": [
{
"label": "left.total_data",
"name": "left.total_data",
"value": "${left.total_data}"
},
{
"label": "left.total_exe_successful",
"name": "left.total_exe_successful",
"value": "${left.total_exe_successful}"
},
{
"label": "left.status",
"name": "left.status",
"value": "${left.status}"
},
{
"label": "left.datalist.*.action",
"name": "left.datalist.*.action",
"value": "${left.datalist.*.action}"
},
{
"label": "left.datalist.*.uuid.*.uuid-key",
"name": "left.datalist.*.uuid.*.uuid-key",
"value": "${left.datalist.*.uuid.*.uuid-key}"
},
{
"label": "left.total_exe",
"name": "left.total_exe",
"value": "${left.total_exe}"
},
{
"label": "left.total_data_with_dup",
"name": "left.total_data_with_dup",
"value": "${left.total_data_with_dup}"
},
{
"label": "left.total_data_successful",
"name": "left.total_data_successful",
"value": "${left.total_data_successful}"
}
]
}
],
"status": "success"
},
"isNode": true
},
{
"position": {
"x": 400,
"y": 520
},
"size": {
"width": 36,
"height": 36
},
"attrs": {
"body": {
"fill": "white",
"strokeOpacity": 0.95,
"stroke": "#63ba4d",
"strokeWidth": 2
},
"path": {
"r": 12,
"refX": "50%",
"refY": "50%",
"fill": "#63ba4d",
"strokeOpacity": 0.95,
"stroke": "#63ba4d",
"strokeWidth": 4
},
"label": {
"text": "End",
"fontSize": 12,
"refX": 0.5,
"refY": "100%",
"refY2": 4,
"textAnchor": "middle",
"textVerticalAnchor": "top"
}
},
"visible": true,
"shape": "circle",
"id": "598f44e2-1582-486f-95f2-23fba92d9486",
"zIndex": 1,
"data": {
"nodeType": "endEvent",
"appType": "basic",
"nodeName": "End",
"icon": "icon-radio-off-full",
"description": "Playbook end node"
},
"markup": [
{
"tagName": "circle",
"selector": "body"
},
{
"tagName": "circle",
"selector": "path"
},
{
"tagName": "text",
"selector": "label"
}
],
"isNode": true
},
{
"shape": "custom-edge",
"attrs": {
"line": {
"stroke": "#63ba4d",
"targetMarker": {
"stroke": "#63ba4d"
}
}
},
"zIndex": 1,
"id": "4a22f5d7-d8a1-416b-9969-019f530902f6",
"data": {
"nodeType": "sequenceFlow",
"appType": "basic",
"icon": "icon-upper-right-arrow",
"isRequired": false
},
"isNode": false,
"source": {
"cell": "ec535172-836f-4e5e-9e4a-ef546f030f5d"
},
"target": {
"cell": "598f44e2-1582-486f-95f2-23fba92d9486"
}
},
{
"position": {
"x": -210,
"y": 610
},
"size": {
"width": 137,
"height": 66
},
"view": "react-shape-view",
"shape": "activity",
"id": "7de7117c-1da6-4d03-8a09-b761114a7b05",
"zIndex": 1,
"data": {
"nodeType": "action",
"appType": "component",
"nodeName": "formatdata",
"valueData": {
"outputFields": "[{\"fieldName\":\"name\",\"fieldValue\":\"test\"},{\"fieldName\":\"age\",\"fieldValue\":\"18\"}]"
},
"icon": "https://sophon-gen-v2.oss-cn-zhangjiakou.aliyuncs.com/componentUpload/1719222281702_DataFormat_logo.png?Expires=1745373374&OSSAccessKeyId=STS.NVCS************&Signature=NG4Wh%2F2zJrendn8IhShW74ymMSA%3D&security-token=CAIS2AJ1q6Ft5B2yfSjIr5X2GMPAo6xY7venWBWHjlgyQexrpZTB1Dz2IHhMenFpAegcv%2Fw%2BlGFZ6%2F8elrp6SJtIXleCZtF94oxN9h2gb4fb4xF6LjaJ0s%2FLI3OaLjKm9u2wCryLYbGwU%2FOpbE%2B%2B5U0X6LDmdDKkckW4OJmS8%2FBOZcgWWQ%2FKBlgvRq0hRG1YpdQdKGHaONu0LxfumRCwNkdzvRdmgm4NgsbWgO%2Fks0OP3AOrlrBN%2Bdiuf8T9NvMBZskvD42Hu8VtbbfE3SJq7BxHybx7lqQs%2B02c5onDWwAJu0%2FXa7uEo4wydVNjFbM9A65Dqufxn%2Fpgt%2Braj4X7xhhEIOVJSSPbSZBbSxJNvU1RXDxQVcEYWxylurjnXvF%2BA9Gz5Y%2FUGin%2B2svzhw6RGJ1dq8DgINtD0jokjPndRVbLXs84nxS7gbsGn76oY2zradH%2FdU501DLSMytAXxqAAYnrQLesLZ0VOxi7cg9LDO9w1brCl%2Fw1TxYuVpiYFJ11Kc5F2ues4ocueMk3q3AuAFpCyXW646Exz7L86%2Bp3aiLIps5ON%2FjCiP9oG8LAXI4ajG3woQPLdwm9bT20vHi4yEJYVlvntpkk5bLR5mOuE%2B6VPgmB2q2gHJTKgj13KEDwIAA%3D",
"description": "Generates new data.",
"advance": {
"inputParamMode": false,
"onError": "stop_cur_flow",
"rspStatusType": 3,
"rspStatusThreshold": 0
},
"componentName": "DataFormat",
"actionName": "formatdata",
"status": "success",
"cascaderValue": [],
"isDebug": false
},
"isNode": true
},
{
"shape": "custom-edge",
"attrs": {
"line": {
"stroke": "#63ba4d",
"targetMarker": {
"stroke": "#63ba4d"
}
}
},
"zIndex": 1,
"id": "4136040c-0b42-4557-94bb-8b77b6f5f3c5",
"data": {
"nodeType": "sequenceFlow",
"appType": "basic",
"icon": "icon-upper-right-arrow",
"isRequired": false
},
"router": {
"name": "normal"
},
"isNode": false,
"source": {
"cell": "StartEvent_1"
},
"target": {
"cell": "7de7117c-1da6-4d03-8a09-b761114a7b05"
},
"vertices": [
{
"x": -492,
"y": 643
}
]
},
{
"position": {
"x": 71,
"y": 625
},
"size": {
"width": 36,
"height": 36
},
"attrs": {
"body": {
"fill": "white",
"strokeOpacity": 0.95,
"stroke": "#63ba4d",
"strokeWidth": 2
},
"path": {
"r": 12,
"refX": "50%",
"refY": "50%",
"fill": "#63ba4d",
"strokeOpacity": 0.95,
"stroke": "#63ba4d",
"strokeWidth": 4
},
"label": {
"text": "End",
"fontSize": 12,
"refX": 0.5,
"refY": "100%",
"refY2": 4,
"textAnchor": "middle",
"textVerticalAnchor": "top"
}
},
"visible": true,
"shape": "circle",
"id": "8978b5d1-3cae-4e43-98d0-aca302555856",
"zIndex": 1,
"data": {
"nodeType": "endEvent",
"appType": "basic",
"nodeName": "End",
"icon": "icon-radio-off-full",
"description": "Playbook end node"
},
"markup": [
{
"tagName": "circle",
"selector": "body"
},
{
"tagName": "circle",
"selector": "path"
},
{
"tagName": "text",
"selector": "label"
}
],
"isNode": true
},
{
"shape": "custom-edge",
"attrs": {
"line": {
"stroke": "#63ba4d",
"targetMarker": {
"stroke": "#63ba4d"
}
}
},
"zIndex": 1,
"id": "fe238014-7582-4482-b9d4-cf20cbc40e53",
"data": {
"nodeType": "sequenceFlow",
"appType": "basic",
"icon": "icon-upper-right-arrow",
"isRequired": false
},
"isNode": false,
"source": {
"cell": "7de7117c-1da6-4d03-8a09-b761114a7b05"
},
"target": {
"cell": "8978b5d1-3cae-4e43-98d0-aca302555856"
}
},
{
"position": {
"x": -380,
"y": 500
},
"size": {
"width": 137,
"height": 66
},
"view": "react-shape-view",
"shape": "activity",
"id": "b300fedc-d828-413c-b593-153dbda5ed1a",
"zIndex": 1,
"data": {
"nodeType": "action",
"appType": "component",
"nodeName": "left",
"valueData": {
"inputData": "[{\"action\":\"11\",\"uuid\":[{\"uuid-key\":\"1\"}]},{\"action\":\"21\",\"uuid\":[{\"uuid-key\":\"2\"}]}]"
},
"icon": "https://sophon-gen-v2.oss-cn-zhangjiakou.aliyuncs.com/componentUpload/1719222281702_DataFormat_logo.png?Expires=1745373374&OSSAccessKeyId=STS.NVCS************&Signature=NG4Wh%2F2zJrendn8IhShW74ymMSA%3D&security-token=CAIS2AJ1q6Ft5B2yfSjIr5X2GMPAo6xY7venWBWHjlgyQexrpZTB1Dz2IHhMenFpAegcv%2Fw%2BlGFZ6%2F8elrp6SJtIXleCZtF94oxN9h2gb4fb4xF6LjaJ0s%2FLI3OaLjKm9u2wCryLYbGwU%2FOpbE%2B%2B5U0X6LDmdDKkckW4OJmS8%2FBOZcgWWQ%2FKBlgvRq0hRG1YpdQdKGHaONu0LxfumRCwNkdzvRdmgm4NgsbWgO%2Fks0OP3AOrlrBN%2Bdiuf8T9NvMBZskvD42Hu8VtbbfE3SJq7BxHybx7lqQs%2B02c5onDWwAJu0%2FXa7uEo4wydVNjFbM9A65Dqufxn%2Fpgt%2Braj4X7xhhEIOVJSSPbSZBbSxJNvU1RXDxQVcEYWxylurjnXvF%2BA9Gz5Y%2FUGin%2B2svzhw6RGJ1dq8DgINtD0jokjPndRVbLXs84nxS7gbsGn76oY2zradH%2FdU501DLSMytAXxqAAYnrQLesLZ0VOxi7cg9LDO9w1brCl%2Fw1TxYuVpiYFJ11Kc5F2ues4ocueMk3q3AuAFpCyXW646Exz7L86%2Bp3aiLIps5ON%2FjCiP9oG8LAXI4ajG3woQPLdwm9bT20vHi4yEJYVlvntpkk5bLR5mOuE%2B6VPgmB2q2gHJTKgj13KEDwIAA%3D",
"description": "Converts the input data to the JSON type. If the input is a JSONArray, all its elements are placed directly into the datalist. If the input is a JSONObject, it is treated as a single row in the datalist.",
"advance": {
"inputParamMode": false,
"onError": "stop_cur_flow",
"rspStatusType": 3,
"rspStatusThreshold": 0
},
"componentName": "DataFormat",
"actionName": "convertToJSON",
"status": "success"
},
"isNode": true
},
{
"position": {
"x": -80,
"y": 505
},
"size": {
"width": 137,
"height": 66
},
"view": "react-shape-view",
"shape": "activity",
"id": "c5baaffa-df7e-47f4-851d-7289276ad76b",
"zIndex": 1,
"data": {
"nodeType": "action",
"appType": "component",
"nodeName": "right",
"valueData": {
"inputData": "[{\"uuid\":[{\"uuid-key\":\"1\"}],\"host\":\"196.1.*.*\"},{\"uuid\":[{\"uuid-key\":\"1\"}],\"host\":\"196.2.*.*\"}]"
},
"icon": "https://sophon-gen-v2.oss-cn-zhangjiakou.aliyuncs.com/componentUpload/1719222281702_DataFormat_logo.png?Expires=1745373374&OSSAccessKeyId=STS.NVCS************&Signature=NG4Wh%2F2zJrendn8IhShW74ymMSA%3D&security-token=CAIS2AJ1q6Ft5B2yfSjIr5X2GMPAo6xY7venWBWHjlgyQexrpZTB1Dz2IHhMenFpAegcv%2Fw%2BlGFZ6%2F8elrp6SJtIXleCZtF94oxN9h2gb4fb4xF6LjaJ0s%2FLI3OaLjKm9u2wCryLYbGwU%2FOpbE%2B%2B5U0X6LDmdDKkckW4OJmS8%2FBOZcgWWQ%2FKBlgvRq0hRG1YpdQdKGHaONu0LxfumRCwNkdzvRdmgm4NgsbWgO%2Fks0OP3AOrlrBN%2Bdiuf8T9NvMBZskvD42Hu8VtbbfE3SJq7BxHybx7lqQs%2B02c5onDWwAJu0%2FXa7uEo4wydVNjFbM9A65Dqufxn%2Fpgt%2Braj4X7xhhEIOVJSSPbSZBbSxJNvU1RXDxQVcEYWxylurjnXvF%2BA9Gz5Y%2FUGin%2B2svzhw6RGJ1dq8DgINtD0jokjPndRVbLXs84nxS7gbsGn76oY2zradH%2FdU501DLSMytAXxqAAYnrQLesLZ0VOxi7cg9LDO9w1brCl%2Fw1TxYuVpiYFJ11Kc5F2ues4ocueMk3q3AuAFpCyXW646Exz7L86%2Bp3aiLIps5ON%2FjCiP9oG8LAXI4ajG3woQPLdwm9bT20vHi4yEJYVlvntpkk5bLR5mOuE%2B6VPgmB2q2gHJTKgj13KEDwIAA%3D",
"description": "Converts the input data to the JSON type. If the input is a JSONArray, all its elements are placed directly into the datalist. If the input is a JSONObject, it is treated as a single row in the datalist.",
"advance": {
"inputParamMode": false,
"onError": "stop_cur_flow",
"rspStatusType": 3,
"rspStatusThreshold": 0
},
"componentName": "DataFormat",
"actionName": "convertToJSON",
"status": "success"
},
"isNode": true
},
{
"shape": "custom-edge",
"attrs": {
"line": {
"stroke": "#63ba4d",
"targetMarker": {
"stroke": "#63ba4d"
}
}
},
"zIndex": 1,
"id": "a8104b42-f869-4296-9681-f67f4f59ecef",
"data": {
"nodeType": "sequenceFlow",
"appType": "basic",
"icon": "icon-upper-right-arrow",
"isRequired": false
},
"router": {
"name": "normal"
},
"isNode": false,
"source": {
"cell": "StartEvent_1"
},
"target": {
"cell": "b300fedc-d828-413c-b593-153dbda5ed1a"
},
"vertices": [
{
"x": -492,
"y": 533
}
]
},
{
"shape": "custom-edge",
"attrs": {
"line": {
"stroke": "#63ba4d",
"targetMarker": {
"stroke": "#63ba4d"
}
}
},
"zIndex": 1,
"id": "c20d8dea-c711-4cc3-b6ea-f86033954390",
"data": {
"nodeType": "sequenceFlow",
"appType": "basic",
"icon": "icon-upper-right-arrow",
"isRequired": false
},
"isNode": false,
"source": {
"cell": "b300fedc-d828-413c-b593-153dbda5ed1a"
},
"target": {
"cell": "c5baaffa-df7e-47f4-851d-7289276ad76b"
}
},
{
"shape": "custom-edge",
"attrs": {
"line": {
"stroke": "#63ba4d",
"targetMarker": {
"stroke": "#63ba4d"
}
}
},
"zIndex": 1,
"id": "c00c6197-85b7-486b-8771-3daa3fdb243e",
"data": {
"nodeType": "sequenceFlow",
"appType": "basic",
"icon": "icon-upper-right-arrow",
"isRequired": false
},
"isNode": false,
"source": {
"cell": "c5baaffa-df7e-47f4-851d-7289276ad76b"
},
"target": {
"cell": "ec535172-836f-4e5e-9e4a-ef546f030f5d"
}
}
]
}joindata
Joins multiple tables and outputs the specified fields.
Parameter descriptions
Parameter | Description |
inputNodes |
|
joinFields |
|
outputFields | The fields to output after the join. The reference format is `[nodeName].[fieldName]`. |
Example
Example scenario
The `leftJSON` and `rightJSON` data nodes are used as input. Their data formats are as follows:
`leftJSON`: `[{"action":"11","uuid":[{"uuid-key":"1"}]},{"action":"21","uuid":[{"uuid-key":"2"}]}]`
`rightJSON`: `[{"uuid":[{"uuid-key":"1"}],"host":"196.1.*.*"},{"uuid":[{"uuid-key":"1"}],"host":"196.2.*.*"}]`
The tables are joined based on the `uuid` field.
The output fields are configured as follows: The `host` field from `rightJSON` is output as the `myhost` field, the `action` field from `leftJSON` is output as the `myaction` field, and the `uuid` field from `leftJSON` is mapped to the output `uuid` field.
Parameter | Parameter value |
inputNodes | Two rows of data are configured as follows:
Note "JSONArray:" indicates that the parameter is converted to the JSONArray type. Otherwise, data cannot be pulled from the preceding node. |
joinFields | Left input box: `leftJSON.uuid`, Right input box: `rightJSON.uuid`. |
outputFields | Three rows of data are configured as follows: Left input box: `myhost`, Right input box: `rightJSON.host`. Left input box: `myaction`, Right input box: `leftJSON.action`. Left input box: `uuid`, Right input box: `leftJSON.uuid`. |
Sample output:
[
{
"myaction": "11",
"uuid": [
{
"uuid-key": "1"
}
],
"myhost": "196.1.*.*"
},
{
"myaction": "11",
"uuid": [
{
"uuid-key": "1"
}
],
"myhost": "196.2.*.*"
}
]groupbydata
Groups input data based on a key.
Parameter descriptions
Parameter | Description |
inputNode | The input content. The format must be a JSONArray that contains multiple JSON objects. |
groupByKeys | The key to group by. |
outputFields | The content to output after grouping. jq expressions are supported. |
Example
Example scenario
The `inputNode` contains information such as Attack Type, count, and endTime.
The grouping field is `Attack Type`.
The output fields are configured as follows: The `count` values are summed and output as `Attack Count`. The most recent `endTime` is selected and output as `Latest Attack Time`.
Parameter | Parameter value |
inputNode | |
groupByKeys | Attack Type |
outputFields | Note Use jq expressions to process the `inputNode` JSON data:
|
Sample output:
[
{
"Attack Type": "web shell",
"Attack Count": 2,
"Latest Attack Time": 1646115503000
},
{
"Attack Type": "application whitelist",
"Attack Count": 1,
"Latest Attack Time": 1646114098000
}
]concatFiledtoBatch
Concatenates the values from the input data in batches.
Parameter descriptions
Parameter | Description |
inputField | The content to concatenate. The format must be a JSONArray that contains multiple JSON objects. |
batchSize | The number of items to concatenate in each batch. For example, a value of `2` combines two JSON objects into one. A value of `-1` combines all JSON objects into one. |
concatStr | The separator string. If you need spaces around the separator, enclose it in double quotation marks to preserve the spaces. For example: `" ## "`. |
fieldAddPrefix | The prefix to add to the concatenated string. |
fieldAddSuffix | The suffix to add to the concatenated string. |
Example
Example scenario:
Concatenate the `Attack Type` from the inputField in groups of two. Use " ## " to join the data in each group. Add the prefix "Prefix" and the suffix "Suffix" to each group.
Parameter | Parameter value |
inputField | |
batchSize | 2 |
concatStr | " ## " |
fieldAddPrefix | Before |
fieldAddSuffix | Suffix |
Sample output:
[
{
"concatField": "PreWebShellPost\" ## \"PreWebShellPost"
},
{
"concatField": "PreWebShellPost\" ## \"PreApplicationWhitelistPost"
},
{
"concatField": "PreApplicationWhitelistPost"
}
]leftJoin
Performs a left join using the left node as the primary table.
Parameter descriptions
Parameter | Description |
leftNode |
|
rightNode |
|
joinFields |
|
leftOutputFilelds | The fields to output from the left node. Key conversion is supported. The left input box is for the new name, and the right input box is for the original field. Note
|
rightOutputFields | The fields to output from the right node. Key conversion is supported. The left input box is for the new name, and the right input box is for the original field. Note
|
Example
Example scenario
The `leftNode` contains the `action` and `uuid` fields. The `uuid` field contains the nested `uuid-key` data. The `rightNode` contains the `uuid` and `host` fields.
The `uuid` field of the `leftNode` is used as the join field.
The output data is configured as follows: The values of the `action` and `uuid` fields from the `leftNode` are output without changing their key names. The value of the `host` field from the `rightNode` is output and renamed to `site`.
Parameter | Parameter value |
leftNode | Note The following data must be converted to the JsonArray object type first. |
rightNode | Note The following data must be converted to the JsonArray object type first. |
joinFields | Left input box: `leftNode.uuid`, Right input box: `rightNode.uuid`. |
leftOutputFilelds | Left input box: `*`, Right input box: `action,uuid`. |
rightOutputFields | Left input box: `site`, Right input box: `host`. |
Sample output:
[
{
"action": "11",
"uuid": [
{
"uuid-key": "1"
}
],
"site": "196.1.*.*"
},
{
"action": "11",
"uuid": [
{
"uuid-key": "1"
}
],
"site": "196.2.*.*"
},
{
"action": "21",
"uuid": [
{
"uuid-key": "2"
}
]
}
]convertToJson
Converts a JSON string to a JSON object. This action only performs type conversion.
If the input string is a JSONArray, all its elements are placed directly into the datalist.
If the input string is a JSONObject, it is treated as a single row in the datalist.
uniondata
Combines multiple rows of data.
Parameter descriptions
Parameter | Description |
inputNodes | The node data to combine. |
Example
Example:
The `left` and `right` data nodes are used as input. Their data formats are as follows:
`left`: `[{"action":"11","uuid":[{"uuid-key":"1"}]},{"action":"21","uuid":[{"uuid-key":"2"}]}]`
`right`: `[{"uuid":[{"uuid-key":"1"}],"host":"196.1.*.*"},{"uuid":[{"uuid-key":"1"}],"host":"196.2.*.*"}]`
Parameter | Parameter value |
inputNodes | Two rows of data are configured as follows: Left input box: `leftJSON`, Right input box: `${JSONArray:left.datalist.*}`. Left input box: `rightJSON`, Right input box: `${JSONArray:right.datalist.*}`. Note
|
Sample output:
[
{
"action": "11",
"uuid": [
{
"uuid-key": "1"
}
]
},
{
"action": "21",
"uuid": [
{
"uuid-key": "2"
}
]
},
{
"uuid": [
{
"uuid-key": "1"
}
],
"host": "196.1.*.*"
},
{
"uuid": [
{
"uuid-key": "1"
}
],
"host": "196.2.*.*"
}
]formatdata
Transforms data or aggregates data from multiple sources.
Parameters
Parameter | Description |
inputNodes | The data nodes to format. |
Example
Parameter | Parameter value |
inputNodes | Two rows of data are configured as follows: Left input box: `name`, Right input box: `test` Left input box: `age`, Right input box: `18` |
Sample output:
{
"name": "test",
"age": "18"
}