Contents
Get a Personalized Demo
See how Torq harnesses AI in your SOC to detect, prioritize, and respond to threats faster.
Automation workflows add a lot of value to an organization’s day-to-day operations. At a minimum, they streamline the execution of complex, multi-step processes, allowing people to focus on higher-value tasks. On top of that, automation workflows can provide valuable insights through the metrics that they gather – including the number of requests, the date and time they were requested, the time it took to complete each request, who made the request, and much more.
At first, automated workflows functioned much like a basic assembly line, where workers only know how to perform one step in the whole process. Now, modern automation solutions like Torq’s no-code platform are able to use the data passed into a certain step, together with the data generated in that step to make decisions about retries, failures, and next steps in the process.
In the beginning, these workflows functioned much like a basic assembly line, where workers only knew how to perform one step in the whole process. Now, modern automation solutions can use the data that’s being passed into a certain step, together with the data that’s generated in that step to make decisions about retries, failures, and where to send the request next.
This is especially important when it comes to security and auditing. While gathering more context to achieve a more complete record of what is happening, that context can also be used to decide what a requester can send or receive at each step. For example, while someone in the payroll department can access salary data that someone on the help desk cannot, both can see who the employee’s manager is.
JSON Basics: The Building Blocks for Workflow Automation
Since modern intelligent automation workflows are built around their data, that data needs to have a consistent format across all steps in the workflow. The format that Torq uses to contain that data is JavaScript Object Notation, better known as JSON.
Because JSON is a text-based, self-describing format, it is easy to work with and very flexible. Compared to older and more formally structured formats like XML (eXtensible Markup Language), it requires less overhead to process and less storage space to archive. It is also easier to extend on the fly without needing to refactor multiple schemas to ensure backwards compatibility.
JSON Basic Structure
JSON is also human-readable, since it is based on the concept of key:value pairs and follows basic formatting rules. In this case, the only purpose of white space is to make it easier for humans to read. You must use a valid format, which normally means beginning and ending with curly brackets (i.e. { }), although square brackets (i.e. [ ]) are used in some cases. In addition, every element except the last one needs to be followed by a comma so that everyone knows there are more values to follow.
In the following JSON key:value example, the keys are shapes and the value of each key is the number of corners that the shape has.
| { “triangle”: 3,
“square”: 4, “octagon”: 8 } |
Basic JSON key:value Example
Data Types
When it comes to values, there are really only three data types. However, the values can be stored in arrays or objects, as defined below:
| Type | Description | Example |
| String | Alphanumeric sequence (written in double quotes). | “day”: “Saturday”“time”: “2021-03-11” |
| Number | An integer (not in double quotes). | “guestsNumber”: 25 |
| Boolean | Value can be true/false (not in double quotes). | “surpriseParty”: false |
Note: Numbers and Boolean values don’t need to be contained in quotes. However, string values and key names must be contained in quotes.
What Is a JSON Object?
JSON objects are items defined with multiple unique key:value pairs below them. Objects are contained within curly brackets, which is why most JSON data that is handled within these workflows will start and end with curly brackets. In fact, all of the data used within a workflow is one single object containing multiple sub-objects.
If we extend our previous example to include the number of sides as well as corners, we’ll end up with a unique object for each shape:
| { “triangle”: { “sides”: 3, “corners”: 3 },
“square”: { “sides”: 4, “corners”: 4 }, “octagon”: { “sides”: 8, “corners”: 8 } } |
JSON Object Example
JSON Arrays
Now you know how to create simple key:value pairs and unique objects. Sometimes, however, you need to record things as data using a common format, but the data itself is unique for each item. In such cases, you would define an array using square brackets ( [ ] ) around the set of key value pairs that need to be stored in the data.
For example, you can make a single object called “shapes” that contains an array for the data:
| { “shapes”: [
{ “type”: “triangle”, “sides”: 3, “corners”: 3 }, { “type”: “square”, “sides”: 4, “corners”: 4 }, { “type”: “octagon”, “sides”: 8, “corners”: 8 } ] } |
JSON Array Example
How to Use JSON to Reference Data
Now that you know what the structure of JSON looks like and how easy it is to follow, we’ll explain how to address specific places inside the JSON data. To do so, you can either target the retrieval of the current state or grab an entire array.
How to Reference JSON Objects / Arrays
Let’s start with the basics of accessing data from an object. JSONpath is built using dot notation, which is a common type of syntax used in many programming languages to access the properties of an object. The basic JSONpath for accessing an entire object is “$.” These two characters will be at the beginning of every JSONpath in Torq.
For instance, to access the value of “triangle” in the first example (a simple JSON with a few key value pairs), you’d begin the path with the root “$.” and add the name of the key that you want to retrieve. So, in our example, “$.triangle” would return the value of 3.
Let’s say you wanted to access something that’s multiple levels down in the object. Using the JSON in the second example, you’d build on the base of “$.triangle” and add “.sides.” So, in this case, “$.triangle.sides” would return the value of 3.
Referencing JSON Arrays
Arrays are handled slightly differently, since they consist of multiple instances of data in a single object. To access data in an array, you can use square brackets and specify the desired record number. Or, if you leave the square brackets off, you’ll get the entire object back.
For instance, using the JSON in the third example, you’d start with the base and ask for all of the records in shapes with the “$.shapes” JSONpath. You would use “$.shapes[0]” if you only wanted the first record. (In JSON, record numbers start at zero, not one.)
You can also pull back the number of sides in every record without pulling the rest of the data. The syntax is similar, except that you replace the index number with a colon to access all records. So, “$.shapes[:].sides” would return “{ 3,4,8 }” as the result.
Once you’ve mastered the art of navigating JSON, you can start to do more advanced filtering within JSONpath. Using the third, “$.shapes[?(@.sides>5)]” would return a record of every shape in the array that has more than 5 sides.
There are many online tools that you can use to validate that these examples really work (like JSONpath.com).
JSON-Based Workflows
Now that you know what the data structure looks like in JSON, as well as how to reference specific values in that data with JSONpath, you have the option to build highly customized workflows to bring sanity and a sense of control to the most challenging manual work within your organization… Not that you’d need it, since Torq offers data-driven, zero-code security automation.
