turbot/newrelic
steampipe plugin install newrelic

Table: newrelic_alert_incident - Query New Relic Alert Incidents using SQL

New Relic Alerts is a flexible, centralized notification system that unlocks the operational potential of New Relic. Alerts provides a streamlined interface for managing alert policies and conditions, allowing users to evolve their alerting strategy to suit changing needs. It offers fine-grained control over alert conditions, ensuring that the right people are notified at the right time.

Table Usage Guide

The newrelic_alert_incident table provides insights into alert incidents within New Relic. As a DevOps engineer, explore incident-specific details through this table, including the severity, duration, and associated policies. Utilize it to uncover information about incidents, such as those with high severity, long duration, and the policies that triggered them.

Examples

List all alert incidents

Explore all alert incidents to identify when they were opened and closed, their preferences, associated policies, and any violations. This is useful for gaining insights into potential issues and ensuring appropriate alert policies are in place.

select
id,
opened_at,
closed_at,
incident_preference,
policy_id,
violations
from
newrelic_alert_incident;
select
id,
opened_at,
closed_at,
incident_preference,
policy_id,
violations
from
newrelic_alert_incident;

List alert incidents with policy names

Determine the areas in which alert incidents are linked with specific policy names. This can be useful to understand the timeline of incidents and their corresponding policies, helping to manage and mitigate risks effectively.

select
i.id,
p.name as policy,
i.opened_at,
i.closed_at
from
newrelic_alert_incident i,
newrelic_alert_policy p
where
i.policy_id = p.id;
select
i.id,
p.name as policy,
i.opened_at,
i.closed_at
from
newrelic_alert_incident i,
newrelic_alert_policy p
where
i.policy_id = p.id;

List open alert incidents

Explore which alert incidents are currently open in your NewRelic monitoring system. This can help you quickly assess active issues and prioritize your response efforts.

select
id,
opened_at,
closed_at,
incident_preference,
policy_id,
violations
from
newrelic_alert_incident
where
closed_at is null;
select
id,
opened_at,
closed_at,
incident_preference,
policy_id,
violations
from
newrelic_alert_incident
where
closed_at is null;

Schema for newrelic_alert_incident

NameTypeOperatorsDescription
_ctxjsonbSteampipe context in JSON form.
closed_attimestamp with time zoneTimestamp of when the incident was closed.
idbigintUnique identifier for the alert incident.
incident_preferencetextThe preference of the incident.
opened_attimestamp with time zoneTimestamp of when the incident was created.
policy_idbigintIdentifier of the policy the incident is associated with.
profile_idtext=, !=, ~~, ~~*, !~~, !~~*Unique identifier of the current user.
sp_connection_nametext=, !=, ~~, ~~*, !~~, !~~*Steampipe connection name.
sp_ctxjsonbSteampipe context in JSON form.
violationsjsonbAn array of violation identifiers associated with the incident.

Export

This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.

You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:

/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- newrelic

You can pass the configuration to the command with the --config argument:

steampipe_export_newrelic --config '<your_config>' newrelic_alert_incident