Add JSON Support to RECmd Batch#108
Merged
EricZimmerman merged 1 commit intoEricZimmerman:masterfrom Oct 13, 2025
Merged
Conversation
There was a problem hiding this comment.
Pull Request Overview
This PR adds JSON output support to RECmd's batch mode functionality, allowing users to output results in JSONL format as an alternative to CSV. The implementation follows a similar pattern to the SQLECmd JSON support, with both main batch output and plugin output capabilities.
- Adds JSON command-line options and validation logic for batch mode
- Implements JSONL output for both main batch results and plugin-specific data
- Updates method signatures throughout the codebase to support JSON parameters
Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description
As requested by @AndrewRathbun and @philhagen implemented JSON support to RECmd Batch. This follows the JSONL format similar to the pull request I did for SQLECmd. I did the minimum amount of changes required to allow this to function.
Similar to SQLECmd I have allowed null values to be output as I feel it is important to surface the field names to let the analyst know the tool didn't output a value for a specific field but open to change this if you want null values hidden.
Kept the format the same where the plugins output to a separate folder to avoid clogging up the main batch file but these files also output to JSON as well.