Liquid

Rootly supports the use of the Liquid templating engine in Workflows Tasks. Liquid provides a number of useful filters which can be used to manipulate the contents of options blocks. For example, the expression {{ 'hello' | upcase }} uses the upcase filter, when inserted into an options block it will render HELLO. You can string multiple Liquid filters together, with the expression processed left-to-right.

Expression: {{ "now" | date: "%Y%m%d" }}

Sample result: "20180424"

Reference

Expression: {{ .my_array | size | times: 10 }}

Sample result: 50

Reference

• abs: Returns the absolute value of a number.
• append: Concatenates two strings and returns the concatenated value.
• at_least: Limits a number to a minimum value.
• at_most:Limits a number to a maximum value.
• capitalize: Makes the first character of a string capitalized.
• ceil: Rounds the input up to the nearest whole number. Liquid tries to convert the input to a number before the filter is applied.
• compact: Removes any nil values from an array.
• concat: Concatenates (joins together) multiple arrays. The resulting array contains all the elements from the input arrays.
• date: Converts a timestamp into another date format. The format for this syntax is the same as strftime.
• default: Allows you to specify a fallback in case a value doesn’t exist. default will show its value if the left side is nil, false, or empty.
• divided_by: Divides a number by the specified number.
• downcase: Makes each character in a string lowercase. It has no effect on strings which are already all lowercase.
• escape: Escapes a string by replacing characters with escape sequences (so that the string can be used in a URL, for example). It doesn’t change strings that don’t have anything to escape.
• escape_once: Escapes a string without changing existing escaped entities. It doesn’t change strings that don’t have anything to escape.
• first: Returns the first element of an array.
• floor: Rounds a number down to the nearest whole number. Liquid tries to convert the input to a number before the filter is applied.
• hmac_sha1: Converts a string into a SHA-1 hash using a hash message authentication code (HMAC). Pass the secret key for the message as a parameter to the filter.
• hmac_sha256: Converts a string into a SHA-256 hash using a hash message authentication code (HMAC). Pass the secret key for the message as a parameter to the filter.
• join: Combines the elements in an array into a single string using the argument as a separator.
• last: Returns the last element of an array.
• lstrip: Removes all whitespace (tabs, spaces, and newlines) from the beginning of a string. The filter does not affect spaces between words.
• map: Creates an array of values by extracting the values of a named property from another object.
• minus: Subtracts a number from another number.
• modulo: Returns the remainder of a division operation.
• newline_to_br: Replaces every newline (\n) with an HTML line break (\<br>).
• plus: Adds a number to another number.
• prepend: Adds the specified string to the beginning of another string.
• replace: Replaces every occurrence of an argument in a string with the second argument.
• replace_first: Replaces only the first occurrence of the first argument in a string with the second argument.
• reverse: Reverses the order of the elements in an array. reverse cannot reverse a string.
• round: Rounds an input number to the nearest integer or, if a number is specified as an argument, to that number of decimal places.
• rstrip: Removes all whitespace (tabs, spaces, and newlines) from the right side of a string.
• size: Returns the number of characters in a string or the number of elements in an array.
• slice: Returns a substring of 1 character beginning at the index specified by the argument passed in. An optional second argument specifies the length of the substring to be returned.
• sort: Sorts elements in an array by a property of an element in the array. The order of the sorted array is case-sensitive.
• sort_natural: Sorts elements in an array by a property of an element in the array.
• split: Divides an input string into an array using the argument as a separator. split is commonly used to convert comma-separated items from a string to an array. Use with as_object to send data as an array, e.g.: {{ .comma_delimited_string | split: ',' | as_object }}. Without using as_object, the result will commonly be a string with concatenated values in the array.
• strip: Removes all whitespace (tabs, spaces, and newlines) from both the left and right side of a string. It does not affect spaces between words.
• strip_html: Removes any HTML tags from a string.
• strip_newlines: Removes any newline characters (line breaks) from a string.
• times: Multiplies a number by another number.
• truncate: truncate shortens a string down to the number of characters passed as a parameter. If the number of characters specified is less than the length of the string, an ellipsis (…) is appended to the string and is included in the character count.
• truncatewords: Shortens a string down to the number of words passed as the argument. If the specified number of words is less than the number of words in the string, an ellipsis (…) is appended to the string.
• uniq: Removes any duplicate elements in an array.
• upcase: Makes each character in a string uppercase. It has no effect on strings which are already all uppercase.
• url_decode: Decodes a string that has been encoded as a URL or by url_encode.
• url_encode: Converts any URL-unsafe characters in a string into percent-encoded characters.
• where: Selects all the elements in an array where the key has the given value. {{ .get_all_alarms.body.alarms | where:"classification","malware" }}