Query Catalog action
Available for event and incident workflows |
This action queries a data catalog and maps the matching data to the specified event or incident fields.
Catalog Name
The catalog to query.
Lookup Mapping
Look up the matching catalog entry for an object: If the catalog field = the event or incident field, the entry matches.
Apply Mapping
If the action finds a matching entry, copy data from the catalog field to the event or incident field. You can specify a default value if a catalog field is undefined.
Event example
Your monitoring service sends metrics to Moogsoft Cloud. These metrics have all the data required by the Metrics API, but they do not specify the service running on each source. You create a catalog called mySources, which specifies each source and its associated service, region, and instance type:
instance-id, service, region, instance-type i-0z267fg498xc23750, custLogin, us-east-1f, t2.large i-0w690ji481vb38749, dbQuery, us-west-1b, t3a.xlarge ...
To map the catalog data to your monitored sources, you add a Query Catalog action into your workflow and configure it as follows:
Catalog name = mySources
Lookup mapping : instance-id =
SourceApply mapping:
service =
serviceregion =
location.regioninstance-type =
tags.instance-type
When this action processes an event from one of these sources, it adds the catalog data to the event.
Here is an example event that was processed by this workflow:
Event before | Event after |
|---|---|
{
"description":"CPU spike to 75%",
"severity":4,
"source":"i-0z267fg498xc23750",
"time":1592322348182,
"check":"cpu",
"service":[""],
} | {
"description":"CPU spike to 75%",
"severity":4,
"source":"i-0z267fg498xc23750",
"time":1592322348182,
"check":"cpu",
"service":["custLogin"],
"location": { "region":"us-east-1f"},
"tags": { "instance-type":"t2.large"}
} |