Table: pagerduty_incident - Query PagerDuty Incidents using SQL
PagerDuty Incident Management is a digital operations management platform that combines machine data with human data to improve visibility and agility across organizations. It helps teams to minimize business disruptions and improve the customer experience by providing real-time alerts and incident tracking. PagerDuty Incident Management allows organizations to manage incidents from any source, and it's trusted by thousands of organizations globally to improve their incident response.
Table Usage Guide
The pagerduty_incident
table provides detailed insights into incidents managed through the PagerDuty platform. As an Operations or DevOps engineer, explore incident-specific details through this table, including current status, associated services, and urgency level. Utilize it to track and manage incidents, understand their impact, and plan for timely resolution.
Examples
List unacknowledged incidents for the last 30 days
Explore the recent incidents that have not been addressed in the past month. This is beneficial for prioritizing urgent tasks and understanding the backlog of unresolved issues.
select incident_number, summary, urgency, created_at, assignmentsfrom pagerduty_incidentwhere status = 'triggered' and created_at >= now() - interval '30 days';
select incident_number, summary, urgency, created_at, assignmentsfrom pagerduty_incidentwhere status = 'triggered' and created_at >= datetime('now', '-30 days');
List unacknowledged incidents with high urgency for the last 1 week
Determine the high urgency incidents from the past week that are still pending acknowledgment. This aids in prioritizing immediate action on urgent matters that have been overlooked.
select incident_number, summary, urgency, created_at, assignmentsfrom pagerduty_incidentwhere status = 'triggered' and urgency = 'high' and created_at >= now() - interval '7 days';
select incident_number, summary, urgency, created_at, assignmentsfrom pagerduty_incidentwhere status = 'triggered' and urgency = 'high' and created_at >= datetime('now', '-7 days');
List unacknowledged incidents assigned to a specific user for the last 3 days
Determine the areas in which urgent issues have not been acknowledged by a specific team member in the last three days. This helps to identify potential bottlenecks and ensures that critical incidents are addressed promptly.
select i.incident_number, i.summary, i.urgency, i.created_at, p.email as assigned_tofrom pagerduty_incident as i, jsonb_array_elements(i.assignments) as a join pagerduty_user as p on p.id = a -> 'assignee' ->> 'id'where p.id = 'P5ISTE8' and status = 'triggered' and created_at >= now() - interval '3 days';
select i.incident_number, i.summary, i.urgency, i.created_at, p.email as assigned_tofrom pagerduty_incident as i, json_each(i.assignments) as a join pagerduty_user as p on p.id = json_extract(a.value, '$.assignee.id')where p.id = 'P5ISTE8' and status = 'triggered' and created_at >= datetime('now', '-3 days');
List all unacknowledged incidents for the last 7 days
Gain insights into all the recent incidents that have not been addressed yet, within the past week. This can help prioritize urgent matters and streamline incident response.
select incident_number, summary, urgency, created_at, assignmentsfrom pagerduty_incidentwhere status = 'triggered' and created_at >= now() - interval '7 days';
select incident_number, summary, urgency, created_at, assignmentsfrom pagerduty_incidentwhere status = 'triggered' and created_at >= datetime('now', '-7 days');
Schema for pagerduty_incident
Name | Type | Operators | Description |
---|---|---|---|
_ctx | jsonb | Steampipe context in JSON form. | |
acknowledgements | jsonb | A list of all acknowledgements for this incident. This list will be empty if the 'Incident.status' is resolved or triggered. | |
alert_counts | jsonb | Describes the count of triggered and resolved alerts. | |
assignments | jsonb | A list of all assignments for this incident. This list will be empty if the 'Incident.status' is resolved. | |
body | jsonb | Describes the additional incident details. | |
conference_bridge | jsonb | Specifies the contact information that allows responders to easily connect and collaborate during major incident response. | |
created_at | timestamp with time zone | >, >=, =, <, <= | The date/time the incident was first triggered. |
description | text | The description of the incident. | |
escalation_policy | jsonb | Specifies the escalation policy assigned to this incident. | |
first_trigger_log_entry | jsonb | Specifies the first log entry when the incident was triggered. | |
html_url | text | The API show URL at which the object is accessible. | |
id | text | = | An unique identifier of the incident. |
incident_key | text | = | The incident's de-duplication key. |
incident_number | bigint | The number of the incident. This is unique across your account. | |
is_mergeable | boolean | Indicates whether the incident's alerts can be merged with another incident, or not. | |
last_status_change_at | timestamp with time zone | The time at which the status of the incident last changed. | |
last_status_change_by | jsonb | The agent (user, service or integration) that created or modified the incident log entry. | |
pending_actions | jsonb | A list of pending_actions on the incident. A pending_action object contains a type of action which can be escalate, unacknowledge, resolve or urgency_change. A pending_action object contains at, the time at which the action will take place. An urgency_change pending_action will contain to, the urgency that the incident will change to. | |
priority | jsonb | Specifies the priority set for this incident. | |
resolve_reason | jsonb | Specifies the reason the incident was resolved. | |
self | text | The API show URL at which the object is accessible. | |
service | jsonb | Specifies the information about the impacted service. | |
sp_connection_name | text | =, !=, ~~, ~~*, !~~, !~~* | Steampipe connection name. |
sp_ctx | jsonb | Steampipe context in JSON form. | |
status | text | = | The current status of the incident. |
summary | text | A short-form, server-generated string that provides succinct, important information about an object suitable for primary labeling of an entity in a client. In many cases, this will be identical to name, though it is not intended to be an identifier. | |
teams | jsonb | The teams involved in the incident's lifecycle. | |
title | text | Title of the resource. | |
type | text | The type of object being created. | |
urgency | text | = | The current urgency of the incident. |
Export
This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.
You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh
script:
/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- pagerduty
You can pass the configuration to the command with the --config
argument:
steampipe_export_pagerduty --config '<your_config>' pagerduty_incident