Open
Description
Hey there. I use PowerBI to report on the JSON output from the Snaffler CLI tool, specifically:
./Snaffler.exe -s -o snaffledShares.json -t json -i "\\myShare12345\"
I notice that when I import this into PowerBI, I don't get the ability to filter by severity=Green or severity=Red, because all rows are flat like this:
entries.eventProperties.Green.FileResult.FileInfo.Directory.Exists
entries.eventProperties.Black.FileResult.FileInfo.Directory.Exists
...etc
They're "flattened", which makes PowerBI reporting a bit harder.
To fix this, I propose a lightweight Python script be added that lets you "aggregate" these into a more PowerBI-friendly format.
I will work on this PowerBI-unflatten.py and then reply with it after testing it.
Pseudocode:
'''
1. print all json properties (generate a schema) for the native snaffler json output stored at ./snaffledShares.json
2. Save the schema to ./snafflerSchema.tmp.json
3. read the schema and understand it
4. create a function to mutate the schema so it's nested properly (i.e. no more entries.eventProperties.Green, but rather, entries.event.severity, etc)
5. use the function to mutate ./snaffledShares.json into ./snaffledShares.powerbi.json
6. read the mutated json file and confirm it's valid json and has similar data.
'''
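A sketch of the conversion proposed above, added here as an example; it is not the issue author's script and not part of Snaffler. It assumes the layout implied by the paths quoted in the issue (an `entries` array whose `eventProperties` object is keyed by severity); the sample input, the `Yellow` level and all function names are constructed for illustration.

```python
import json

# Green, Red and Black appear in the issue; Yellow is an assumed fourth level.
SEVERITIES = ("Black", "Red", "Yellow", "Green")

# Constructed sample, shaped after the two paths quoted in the issue.
SAMPLE = {"entries": [
    {"eventProperties": {"Green": {"FileResult": {"FileInfo": {"Directory": {"Exists": True}}}}}},
    {"eventProperties": {"Black": {"FileResult": {"FileInfo": {"Directory": {"Exists": True}}}}}},
    {"eventProperties": {}},  # an entry that carries no finding
]}

def unflatten_entry(entry):
    """Turn the severity key under eventProperties into an event.severity value."""
    base = {k: v for k, v in entry.items() if k != "eventProperties"}
    props = entry.get("eventProperties") or {}
    rows = []
    for key, payload in props.items():
        if key in SEVERITIES and isinstance(payload, dict):
            rows.append({**base, "event": {**payload, "severity": key}})
    if not rows:
        # Keep non-finding entries so the row count can be reconciled later.
        rows.append({**base, "event": {**props, "severity": None}})
    return rows

def unflatten(doc):
    """Return a new document in which every row has event.severity."""
    return {"entries": [r for e in doc.get("entries", []) for r in unflatten_entry(e)]}

def convert(src, dst):
    """Rewrite src to dst, then re-read dst to confirm it is valid JSON."""
    with open(src, encoding="utf-8-sig") as fh:  # tolerate a BOM
        out = unflatten(json.load(fh))
    with open(dst, "w", encoding="utf-8") as fh:
        json.dump(out, fh, indent=2)
    with open(dst, encoding="utf-8") as fh:
        return len(json.load(fh)["entries"])

if __name__ == "__main__":
    print(json.dumps(unflatten(SAMPLE), indent=2))
```

With the file names from the issue, the call would be `convert("snaffledShares.json", "snaffledShares.powerbi.json")`; the returned row count can be compared against the source to confirm nothing was dropped.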