Template - Functions

UPDATED: Please head over to our new GitHub Support Site for help, examples, tips and tricks: https://github.com/AttackForge/ReportGen

$declare

Use this function to declare a variable, which can then be used in other procedures and operators below.

{$declare[variable][value]}

Parameters

  • variable - the name of the variable.

  • value - the value to assign to this variable. Supports:

    • booleans

    • integers

    • "strings"

    • [] - empty array

    • <Dictionary> - a flat list of key:value pairs

    • variables - other variables. See variables

    • scope - data contained within the JSON file. See scope

Example

Declare a new variable 'myVariable' and set a value of 0.

{$declare[myVariable][0]}

Declare a new variable 'myVariable' and set a value of false.

{$declare[myVariable][false]}

Declare a new variable 'myVariable' set a value of empty list/array.

{$declare[myVariable][[]]}

Declare a new key 'key1' on an existing Dictionary variable 'myVariable' and set a value of empty list/array.

{$declare[myVariable][<Dictionary>]}
{$declare[myVariable["key1"]][[]]}

Declare a new key based on value of another variable 'otherVariable' on an existing Dictionary variable 'myVariable' and set a value of empty list/array.

{$declare[myVariable][<Dictionary>]}
{$declare[myVariable["$(otherVariable)"]][[]]}

$push

Use this function to push a value to a variable which has been initialized as an array.

{$push[variable][value]}

Parameters

  • variable - the name of the variable. See $declare.

  • value - the value to add to the end of the array. Supports:

    • "strings"

    • integers

    • variables - other variables. See variables

    • scope - data contained within the JSON file. See scope

Example 1

Example below will create a new variable that contains the details for each affected asset for SSL Weak Cipher vulnerabilities based on custom tags. Combine with $value to retrieve the affected assets. 

{$declare[WeakCipherVulns][[]]}
{#vulnerabilities | filterBy:“AffectedAssetCustomTags”:[“ssl_weak_ciphers:true”]}
{$push[WeakCipherVulns][“%(./)”]}
{/}
{#$value[WeakCipherVulns]}
Weak Cipher Vulnerability Title: {title}
{/}

Example 2 - pushing to a Dictionary

Example below will push data to a Dictionary and use $keys to display the data.

{$declare[TestingPhaseVulns][<Dictionary>]}
{#projectCustomFields}
{#testing_phases}
{$declare[CurrentPhase][“%(./)”]}
{$declare[TestingPhaseVulns[“$(CurrentPhase)”]][[]]}
{#vulnerabilities | filterBy:“AffectedAssetCustomFields”:[“testing_phase:$(CurrentPhase)”]}
{$push[TestingPhaseVulns[“$(CurrentPhase)”]][“%(./)”]}
{/}{/}{/}
{#$keys[TestingPhaseVulns]}
Vulnerabilities for Testing Phase: {this[0]}
{#this[1]}
Vulnerability Title: {title}
{/}{/}

$increment

Use this function to increment a variable which has a numeric value.

{$increment[variable][number]}

Parameters

  • variable - the name of the variable. See $declare.

  • number - the number to increment the existing value for this variable. Supports:

    • integers

    • variables - other variables which are integers. See variables

    • scope - data contained within the JSON file that is number format. See scope

Example

Example below will create a new variable that increments the total number of vulnerabilities by 1, every time it loops through a new vulnerability. Combine with $value to retrieve the count.

{$declare[CountTotalVulnerabilities][0]}
{#vulnerabilities}
{$increment[CountTotalVulnerabilities][1]}
{/}

$decrement

Use this function to decrease a variable which has a numeric value.

{$decrement[variable][number]}

Parameters

  • variable - the name of the variable. See $declare.

  • number - the number to decrease the existing value for this variable. Supports:

    • integers

    • variables - other variables which are integers. See variables

    • scope - data contained within the JSON file that is number format. See scope

Example

Example below will create a new variable that counts all vulnerabilities except for info vulnerabilities. It decreases the total number of vulnerabilities by 1, every time it loops through a new vulnerability and where the vulnerability priority is Info. Combine with $value to retrieve the count.

{$declare[CountAllVulnsExceptInfo][0]}
{#vulnerabilities}
{$increment[CountAllVulnsExceptInfo][1]}
{#priority === "Info"}
{$decrement[CountAllVulnsExceptInfo][1]}
{/}{/}

$multiply

Use this function to multiply a variable which has a numeric value.

{$multiply[variable][number]}

Parameters

  • variable - the name of the variable. See $declare.

  • number - the number to multiply the existing value for this variable. Supports:

    • integers

    • variables - other variables which are integers. See variables

    • scope - data contained within the JSON file that is number format. See scope

Example

Example below will create a new variable 'AmountToCharge' with a default amount of $500. It then checks for a project custom field 'rateToMultiplyCharge' and multiplies 'AmountToCharge' by this amount. Combine with $value to show the amount to charge.

{$declare[AmountToCharge][500]}
{#projectCustomFields}
{#rateToMultiplyCharge}
{$multiply[AmountToCharge][”%(rateToMultiplyCharge)”]}
{/}{/}
{$value[AmountToCharge]}

$append

Use this function to append data to an existing variable.

{$append[variable][value]}

Parameters

  • variable - the name of the variable. See $declare.

  • value - the value to assign to this variable. Supports:

    • booleans

    • integers

    • "strings"

    • variables - other variables. See variables

    • scope - data contained within the JSON file. See scope

Example

Example below will create a new variable, then append the vulnerability title to it.

{$declare[VulnTitle]["Title: "]}
{#vulnerabilities[0]}
{$append[VulnTitle]["%(./)"]}
{/}
{$value[VulnTitle]}

$assign

Use this function to assign a new value for a variable.

{$assign[variable][value]}

Parameters

  • variable - the name of the variable. See $declare.

  • value - the value to assign to this variable. Supports:

    • booleans

    • integers

    • "strings"

    • variables - other variables. See variables

    • scope - data contained within the JSON file. See scope

Example 1

Example below will create a new variable that counts all affected assets for every vulnerability, then prints the count along with the vulnerability name. It uses $assign to reset the counter for every new vulnerability.

{$declare[CountAllAffectedAssets][0]}
{#vulnerabilities}
{#affected_assets}
{$increment[CountAllAffectedAssets][1]}
{/}
Total affected assets for vulnerability {title}:
{$value[CountAllAffectedAssets]}
{$assign[CountAllAffectedAssets][0]}
{/}

Example 2 - assigning to a Dictionary

Example below will create a new Dictionary variable that counts all affected assets for every vulnerability, then prints the count along with the vulnerability name.

{$declare[VulnsCountAffectedAssets][<Dictionary>]}
{#vulnerabilities}
{$declare[VulnsCountAffectedAssets[“%(title)”]][0]}
{$assign[VulnsCountAffectedAssets[“%(title)”]][“%(affected_assets.length)”]}
{/}
{#$keys[VulnsCountAffectedAssets]}
Vulnerability Title: {this[0]} – Total Affected Assets: {this[1]}
{/}

$value

Use this function to retrieve the value for a variable.

{$value[variable]}

Parameters

  • variable - the name of the variable. Supports:

    • variables - see variables

    • scope - data contained within the JSON file. See scope

Example

Example below will create a new variable that counts all affected assets for every vulnerability, then prints the count along with the vulnerability name. It resets the counter for each new vulnerability.

{$declare[CountAllAffectedAssets][0]}
{#vulnerabilities}
{#affected_assets}
{$increment[CountAllAffectedAssets][1]}
{/}
Total affected assets for vulnerability {title}:
{$value[CountAllAffectedAssets]}
{$assign[CountAllAffectedAssets][0]}
{/}

$keys

Use this function to retrieve the value for a Dictionary. $keys will return the data from a Dictionary in the following format:

[
    [
        "key",
        "value"
    ]
]

Therefore you can access the key using this[0] and value using this[1]. See example below.

Example

The example below uses a Dictionary to store the name of every unique vulnerability along with its total number of affected assets, then prints the data using this function.

{$declare[VulnsCountAffectedAssets][<Dictionary>]}
{#vulnerabilities}
{$declare[VulnsCountAffectedAssets[“%(title)”]][0]}
{$assign[VulnsCountAffectedAssets[“%(title)”]][“%(affected_assets.length)”]}
{/}
{#$keys[VulnsCountAffectedAssets]}
Vulnerability Title: {this[0]} – Total Affected Assets: {this[1]}
{/}

You can also use {$keys[this]} on any object, which will return each key/value pair in the object as an array - {this[0]} for the key, and {this[1]} for the value.

{#vulnerabilities}
{#$keys[this]}
{$help[scope]}
Key: {this[0]}
Value: {this[1]}
{/}{/}

$sort

Use this function to sort the data within a variable.

{#$sort[variable]["key:<asc/desc>"]}{/}

  • key - JSON object key. Omit this value if sorting a string array (just keep colon)

  • asc - sort data in ascending order

  • desc - sort data in descending order

To observe the variables available for sorting - use the $help procedure.

Example 1: Sort A List

{#$sort[UniqueAffectedEndpoints][":asc"]}{/}

Example 1: Single-Key Sort

{#$sort[UniqueAffectedEndpoints]["af_sys_affected_endpoint:desc"]}{/}

Example 2: Multi-Key Sort

{#$sort[UniqueOWASPTop10Vulns]["priority:asc","title:desc"]}{/}

$includes

Use this function to check if a value exists or does not exist (excludes) within a variable.

To check if data exists:

{#$includes[variable][value]}{/}

To check if data does not exist (excludes):

{^$includes[variable][value]}{/}

  • value - the value to assign to this variable. Supports:

    • booleans

    • integers

    • "strings"

    • variables - other variables. See variables

    • scope - data contained within the JSON file. See scope

The following example creates a unique list of affected asset names, then prints the list.

{$declare[UniqueAssets][[]]}
{#vulnerabilities}
{#affected_assets}
{^$includes[UniqueAssets]["%(asset)"]}
{$push[UniqueAssets]["%(asset)"]}
{/}{/}{/}
{#$value[UniqueAssets]}
{.}
{/}

$comment

Use this function to include a comment in your template which will not show in your report.

You can include a comment in two separate ways:

{$comment[THIS IS A COMMENT]}
{!!THIS IS A COMMENT}

$help

Use this function to print diagnostic information to your ReportGen browser console.

Insert this function in the relevant section in your template to se information about variables and scope.

You can add your own labels to help with debugging when you have multiple help functions used in your template.

{$help[label][function]}

Parameters

  • {$help[some label][var]} - prints diagnostic information for variables

  • {$help[some label][scope]} - prints diagnostic information for scope

Example 1 - Printing Help for Scope

{$help[All Report Data][scope]}
{#vulnerabilities}
{$help[Vulnerability][scope]}
{/}

Example 2 - Printing Help for Variables

{$declare[TotalUniqueVulnerabilities][0]}
{#vulnerabilities}
{$increment[TotalUniqueVulnerabilities][1]}
{/}
{$help[My Variables][var]}

@$hyperlink

Use this function to create a hyperlink.

{@$hyperlink[text][link]}

Parameters

  • text - the text for the hyperlink. Supports:

    • "strings"

    • variables - other variables. See variables

    • scope - data contained within the JSON file. See scope

  • link - the URL to assign to the hyperlink. Supports:

    • "strings"

    • variables - other variables. See variables

    • scope - data contained within the JSON file. See scope

Example 1 - Scope

Example below will create a new hyperlink based on scope.

{@$hyperlink[“%(projectName)”][“%(data.project.url)”]}

Example 2 - Manual

Example below will create a new hyperlink based on manually entered in values.

{@$hyperlink[“AttackForge.com”][“https://attackforge.com”]}

Example 3 - Variables

Example below will create a new hyperlink based on the values from other variables.

{$declare[Text][“Link to ReportGen”]}
{$declare[Link][“https://www.attackforge.com/reportgen.html”]}
{@$hyperlink[“$(Text)”][“$(Link)”]}

$index

Use this function to print the current index of the loop you are iterating over:

{#vulnerabilities}
{$index} - {title}
{/}

$isFirst

Use this function to check if you are in the first iteration of a loop.

For example, if you want to add a section heading BEFORE printing the vulnerability titles:

{#vulnerabilities}
{#$isFirst}VULNERABILITIES
{/}{title}
{/}

Another example is if you want to check if it IS NOT the first iteration of a loop:

{#vulnerabilities}
{^$isFirst}NOT FIRST{/}{title}
{/}

$isLast

Use this function to check if you are in the last iteration of a loop.

For example, if you want to add an extra line break after every vulnerability title except for the last:

{#vulnerabilities}
{title}{^$isLast}
{/}{/}

Another example is if you want to check if it IS the last iteration of a loop:

{#vulnerabilities}
{#$isLast}IS LAST{/}{title}
{/}

$equals

Use this function to perform an equality comparison for a variable against a value.

{$equals[variable][value]}

Parameters

  • variable - the name of the variable. See $declare.

  • value - the value which is used to perform the comparison against this variable. Supports:

    • booleans

    • integers

    • "strings"

    • variables - see variables

    • scope - data contained within the JSON file. See scope

Example

Example below will create a new variable that will be used to print a section heading AFFECTED ASSETS: before listing all of the affected assets for every vulnerability. After printing the heading, it assigns the variable to false to prevent it displaying on the next affected asset. After looping through and listing every affected asset, it re-assigns the variable to true so it is printed for the next vulnerability.

{$declare[AffectedAssetsHeading][true]}
{#vulnerabilities}
{#affected_assets}
{#$equals[AffectedAssetsHeading][true]}
AFFECTED ASSETS:
{$assign[AffectedAssetsHeading][false]}
{/}
{asset}
{/}
{$assign[AffectedAssetsHeading][true]}
{/}

$equalsRegExp

Use this function to perform an equality comparison for a variable against a value using a Regular Expression test. Performs a global, case insensitive test.

{$equalsRegExp[variable][/someRegExp/]}

Parameters

  • variable - the name of the variable. See $declare.

  • value - the value which is used to perform the comparison against this variable. Supports:

    • Regular Expression - /.../

Example 1

{$declare[MyName][“Bobby Brown”]}
{#$equalsRegExp[MyName][/brown/]}
My Name has Brown
{/}{^$equalsRegExp[MyName][/brown/]}
My Name does not have Brown
{/}

Example 2

{$declare[TestURL][“https://google.com”]}
{#$equalsRegExp[TestURL][/(https?:\/\/(?:www\.|(?!www))[a-zA-Z0-9][a-zA-Z0-9-]+[a-zA-Z0-9]\.[^\s]|www\.[a-zA-Z0-9][a-zA-Z0-9-]+[a-zA-Z0-9]\.[^\s]|https?:\/\/(?:www\.|(?!www))[a-zA-Z0-9]+\.[^\s]|www\.[a-zA-Z0-9]+\.[^\s])/]}
Is a URL
{/}{^$equalsRegExp[TestURL][/(https?:\/\/(?:www\.|(?!www))[a-zA-Z0-9][a-zA-Z0-9-]+[a-zA-Z0-9]\.[^\s]|www\.[a-zA-Z0-9][a-zA-Z0-9-]+[a-zA-Z0-9]\.[^\s]|https?:\/\/(?:www\.|(?!www))[a-zA-Z0-9]+\.[^\s]|www\.[a-zA-Z0-9]+\.[^\s])/]}
Is NOT a URL
{/}

Example 3

{$declare[TestIP][“192.168.0.1”]}
{#$equalsRegExp[TestIP][/^(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$/]}
Is an IP address
{/}{^$equalsRegExp[TestIP][/^(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$/]}
Is NOT an IP address
{/}

$lessThan

Use this function to perform a 'less than' comparison for a variable against a number or date.

{$lessThan[variable][value]}

Parameters

  • variable - the name of the variable. See $declare.

  • value - the value which is used to perform the comparison against this variable. Supports:

    • integers

    • UTC datetime string

    • variables - other variables which are integers. See variables

    • scope - data contained within the JSON file that is number format. See scope

Example

Example below will create a new variable that will be used to count all affected assets for every vulnerability, and if there are less than 5 affected assets on a vulnerability - it will print There is less than 5 affected assets for this vulnerability. It resets the counter to 0 after looping on each vulnerability so it is ready for the next vulnerability.

{$declare[TotalAffectedAssets][0]}
{#vulnerabilities}
{#affected_assets}
{$increment[TotalAffectedAssets][1]}
{/}
{#lessThan[TotalAffectedAssets][5]}
There is less than 5 affected assets for this vulnerability.
{/}
{$assign[TotalAffectedAssets][0]}
{/}

$lessThanOrEqual

Use this function to perform a 'less than or equal' comparison for a variable against a number.

{$lessThanOrEqual[variable][value]}

Parameters

  • variable - the name of the variable. See $declare.

  • value - the value which is used to perform the comparison against this variable. Supports:

    • integers

    • UTC datetime string

    • variables - other variables which are integers. See variables

    • scope - data contained within the JSON file that is number format. See scope

Example

Example below will create a new variable that will be used to count all affected assets for every vulnerability, and if there are less than 5 affected assets on a vulnerability - it will print There is 5 or less affected assets for this vulnerability. It resets the counter to 0 after looping on each vulnerability so it is ready for the next vulnerability.

{$declare[TotalAffectedAssets][0]}
{#vulnerabilities}
{#affected_assets}
{$increment[TotalAffectedAssets][1]}
{/}
{#lessThanOrEqual[TotalAffectedAssets][5]}
There is 5 or less affected assets for this vulnerability.
{/}
{$assign[TotalAffectedAssets][0]}
{/}

$greaterThan

Use this function to perform a 'greater than' comparison for a variable against a number.

{$greaterThan[variable][value]}

Parameters

  • variable - the name of the variable. See $declare.

  • value - the value which is used to perform the comparison against this variable. Supports:

    • integers

    • UTC datetime string

    • variables - other variables which are integers. See variables

    • scope - data contained within the JSON file that is number format. See scope

Example

Example below will create a new variable that will be used to count all affected assets for every vulnerability, and if there are more than 5 affected assets on a vulnerability - it will print There are more than 5 affected assets for this vulnerability. It resets the counter to 0 after looping on each vulnerability so it is ready for the next vulnerability.

{$declare[TotalAffectedAssets][0]}
{#vulnerabilities}
{#affected_assets}
{$increment[TotalAffectedAssets][1]}
{/}
{#greaterThan[TotalAffectedAssets][5]}
There are more than 5 affected assets for this vulnerability.
{/}
{$assign[TotalAffectedAssets][0]}
{/}

$greaterThanOrEqual

Use this function to perform a 'greater than or equal' comparison for a variable against a number.

{$greaterThanOrEqual[variable][value]}

Parameters

  • variable - the name of the variable. See $declare.

  • value - the value which is used to perform the comparison against this variable. Supports:

    • integers

    • UTC datetime string

    • variables - other variables which are integers. See variables

    • scope - data contained within the JSON file that is number format. See scope

Example

Example below will create a new variable that will be used to count all affected assets for every vulnerability, and if there are 5 or more affected assets on a vulnerability - it will print There are 5 or more affected assets for this vulnerability. It resets the counter to 0 after looping on each vulnerability so it is ready for the next vulnerability.

{$declare[TotalAffectedAssets][0]}
{#vulnerabilities}
{#affected_assets}
{$increment[TotalAffectedAssets][1]}
{/}
{#greaterThanOrEqual[TotalAffectedAssets][5]}
There are 5 or more affected assets for this vulnerability.
{/}
{$assign[TotalAffectedAssets][0]}
{/}

Variables

Variables can be declared using the $declare function.

Once a variable has been declared, it can be used in other functions as follows:

"$(variable)"

For example, you can declare a new variable with the value of a different variable as follows:

{$declare[Variable1][25]}
{$declare[Variable2]["$(Variable1)"]}
Value of Variable2 is 25:
{$value[Variable2]}

Or you can compare variables again each other:

{$declare[Variable1][25]}
{$declare[Variable2][30]}
Check if Variable1 is greater than Variable2
{#greaterThan[Variable1]["$(Variable2)"]}

Scope

Functions support passing scope as a value.

Scope is a path/reference to a key within the JSON data structure used by ReportGen.

Scope uses a 'relative path' format, meaning you can traverse up or down the JSON data structure to get to the data you need.

Scope can be accessed as follows:

"%(pathToScopeItem)"

For reference on what to use as pathToScopeItem - please see examples listed below.

!IMPORTANT: Before using scope, we recommend you to first get comfortable with JSON data structures. This will make it easier for you to understand how to access the data you need.

To access the scope you can use the following $help procedure within your template:

{$help["%()"]}

Place this function within the area of your template where you would like to see more details on the available scope.

After that, save your template and then open the ReportGen tool and open the browser console.

Run your report and notice that additional diagnostic information relating to your scope is printed in the console.

Example:

{#vulnerabilities}
{$help["%()"]}
{/}

Example 1 - Accessing Current Scope

{#vulnerabilities}
{#affected_assets}
{$value["%(asset)"]}
{/}{/}

In the example above, we are printing the value of the asset name using the $value function.

Because we are calling this function within the affected_assets loop - the immediate scope available is any JSON object keys/values that exist within affected_assets object, for example 'asset' which is the asset name.

Therefore we can access the asset name using "%(asset)".

If you wanted to access the JSON object (affected_asset) instead of the name of the asset, you can use the following:

{#vulnerabilities}
{#affected_assets}
{$value["%(./)"]}
{/}{/}

Example 2 - Accessing Parent Scope

{#vulnerabilities}
{#affected_assets}
{$value["%(../priority)"]}
{/}{/}

In the example above, we are printing the value of the vulnerability priority using the $value function.

Because we are calling this function within the affected_assets loop and the data we need - the priority of the vulnerability - is one-level above in the vulnerability JSON object, we will need to traverse up the scope path to the vulnerability object. We can do this by using ../ syntax which will go up a level within the JSON data structure.

Once we are at the vulnerability level, we can access the 'priority' JSON object key. The result is using "%(../priority)" to get the priority.

If you wanted to access the JSON object for the parent (vulnerability) instead of the priority, you can use the following:

{#vulnerabilities}
{#affected_assets}
{$value["%(../)"]}
{/}{/}

Example 3 - Accessing Multi-Level Parent Scope

{#vulnerabilities}
{#affected_assets}
{$value["%(../../project.name)"]}
{/}{/}

In the example above, we are printing the value of the project name using the $value function.

Because we are calling this function within the affected_assets loop and the data we need - the name of the project - is two-levels above in the project JSON object, we will need to traverse up the scope path to the project object. We can do this by using ../../ syntax which will go up two levels within the JSON data structure.

Once we are at the project level, we can access the 'name' key within the project JSON object. The result is using "%(../../project.name)" to get the project name.

Notice that the project JSON object has a number of different keys such as "name", "code" and "created". You can use dot (.) syntax to traverse down the JSON data structure, in the same way you would in object-oriented programming - for example project.name or project.code.

Example 4 - Accessing Arrays

{#vulnerabilities}
{#affected_assets}
{$value["%(../../projectCustomFields[1].out_of_scope)"]}
{/}{/}

In the example above, we are printing the value of the project custom field 'out_of_scope' using the $value function.

Because we are calling this function within the affected_assets loop and the data we need - the project custom field 'out_of_scope' - is two-levels above in the projectCustomFields JSON object array, we will need to traverse up the scope path to the projectCustomFields object array. We can do this by using ../../ syntax which will go up two levels within the JSON data structure.

Once we are at the projectCustomFields level, note that this key is an array of objects. Therefore, we cannot use syntax such as projectCustomFields.out_of_scope as out_of_scope is not a key in the projectCustomFields object array.

We will need to instead identify which object in the array has the key we need, then use the index of that object.

"projectCustomFields":
    [
        {
            "source_ips": "192.168.0.1"
        },
        {
            "out_of_scope": "URL1, URL2, URL3"
        }
    ],

From the example above, the out_of_scope object is the second (2nd) index in the array. Because this is a JSON structure, indexes start at 0 and count upwards. Therefore the index we need to use is 1.

The result is using "%(../../projectCustomFields[1].out_of_scope)" to traverse up two (2) levels, select the projectCustomFields object array, select object [1] within the array, then select out_of_scope key.

Example 5 - Accessing Array Length

{$value["%(testing_summary.assets.length())"]}

In the example above, we are printing the total number of assets in the project scope using the $value function.

Because we are calling this function at the root (top) level - we can immediately access the testing_summary object which has the data we need - 'assets' key.

Because assets is a string array, it has a length. Therefore we can refer to that length using a .length() operation.

The result is using "%(testing_summary.assets.length())" to select the 'testing_summary' object, select 'assets' string array, and perform a length operation.

Combining Filters In Functions

You can combine filters in your functions in two ways:

Example 1: Using a filter inside the function

{#vulnerabilities}
{#affected_assets}
{#assetCustomFields}
{$value[“%(af_sys_affected_endpoint) | replace:[“http”,”https”]”]}
{$declare[Custom][“%(af_sys_affected_endpoint) | replace:[“http”,”https”]”]}
{/}{/}{/}

{$value[“$(Custom) | replace:[“com”,”moc”]”]}

Example 2: Chaining a filter to the output of a function

{$declare[CustomSortedAffectedAssets][[]]}
{#vulnerabilities}
{#affected_assets}
{$push[SortedAffectedAssets][“%(./)”]}
{/}{/}
{#$value[SortedAffectedAssets] | sort:[“customtag_sortindex:asc”]}
{asset}
{/}
PreviousTemplate - OptionsNextTemplate - Filters

Last updated

Check YouTube for more tutorials: https://youtube.com/@attackforge