Skip to main content

Overview

JSONPath is used inside expression contexts such as TRIGGER and ACTIONS.<ref>.result to access nested fields and arrays.

Field access

Use dot notation for nested fields. 
theme: ${{ TRIGGER.data.settings.theme }}
status: ${{ ACTIONS.fetch_alert.result.status }}
Use quoted field names when the field contains special characters. 
value: ${{ TRIGGER.data."alert.sample.data" }}
dash_value: ${{ TRIGGER.data."field-with-dashes" }}

Array access

Use brackets to access array items. 
first_item: ${{ TRIGGER.items[0] }}
last_item: ${{ TRIGGER.items[-1] }}
first_name: ${{ ACTIONS.lookup_users.result.users[0].name }}

Wildcards

Use [*] to select all items in an array. 
ids: ${{ TRIGGER.items[*].id }}
names: ${{ ACTIONS.lookup_users.result.users[*].name }}
Wildcard expressions return a list.

Filters

Use filters to select matching items. 
active_users: ${{ ACTIONS.lookup_users.result.users[?(@.active == true)] }}
high_scores: ${{ ACTIONS.lookup_users.result.users[?(@.score >= 90)] }}
matching_alerts: ${{ TRIGGER.alerts[?(@.severity == "high")] }}
Filter expressions return a list.

Missing fields

Accessing a field that does not exist returns None. No error is raised. 
value: ${{ ACTIONS.check_hash.result.id }}
Guard against None with a null check before dereferencing deeper fields. 
run_if: ${{ ACTIONS.check_hash.result != None && ACTIONS.check_hash.result.id != None }}
  • See the JSONPath cheatsheet for detailed filter patterns, return behavior, and more examples.
  • See Expressions for expression syntax and contexts.
  • See Functions for helper functions you can use alongside JSONPath access.