Hal Pomeranzjq is super useful, once somebody explains the basics to you. Here I am explaining the basics in a way that's applicable for all you DFIR types.
cR0w 
@hal_pomeranz I don't use jq a lot, but when I do, it's absolutely the right tool. Such a cool tool.
Fennix@fennix @hal_pomeranz Does that work with json?
@fennix @hal_pomeranz Ah. I get it now. I should check it out though. I still use sed, awk, tr, cut, grep, etc. for csv files. And the stupid tsv files some tools export to with no other format options.
If you do have to work with CSVs it's quite good.
@hal_pomeranz @fennix Absolutely. But for some reason I prefer fighting that to fighting tabs. I blame hardheadedness and inertia.
@cR0w I’ve been dealing with a lot of JSON data lately and learning a lot about jq. It’s a different mindset than other tools I use and it took a while to get comfortable with it.
@hal_pomeranz I don't use it enough to be comfortable with it, but I have used it enough to have enough examples in my notes to no longer need the help or man page most of the time.
David Zaslavsky@hal_pomeranz @cR0w I agree! It feels like a fundamentally different programming paradigm, compared to the usual ones (procedural, object-oriented, event-driven/asynchronous, etc.). I actually think I've learned quite a bit from writing complex programs in jq. (arguably more complex than should be written in jq, but it was fun)
Mattias Wadman@diazona @hal_pomeranz @cR0w the "everything is a generator" seems to trip up many jq users, but it's also what makes jq so nice! if you want to digg deep into similar languages i think icon and verse are close