sed to replace value for a key in a json object

Question

What am I trying to do?

Given a file of json events. I want to locate specific events by keyword and then replace the value of key in that event with "". This must be done with sed (Splunk forwarding issue.. I wont bore you with the details).

Example Event

{
  "message":"we have a response from SomeService",
  "other":"some stuff",
  "other2":"some other stuff",
  "xml":"<Envelope xmlns:soap=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:awsse=\"http://xml.chicken.com/2010/06/Session_v3\" xmlns:wsa=\"http://www.w3.org/2005/08/addressing\"><Header><To>http://www.w3.org/2005/08/addressing/anonymous</To><From><Address>..... AND SO ON BIG GIANT NASTEY XML",
  "other3":"even more stuff"
}

Desired outcome

{
  "message":"we have a response from SomeService",
  "other":"some stuff",
  "other2":"some other stuff",
  "xml":"",
  "other3":"even more stuff"
}

What have I tried? I can isolate the events and replace a key no problem. I am struggling with a regex to replace the value of a key in the json.

cat test.json | sed '/"we have a response from SomeService"/ s/other2/chicken/'

Thansk for you help!

Answer 1

copy from comment

You might try this

cat test.json | sed '/"xml":/ s/"xml":[^,]*/"xml":""/'

[^,]* will match everything until , being find.