Liqi.proBlog

SWQL & practice

From a report need to SWQL (sanitized walkthrough)

Alerts plus Nodes join sketch with sample SWQL — peer-review before production.

Includes sample SWQL, drafted on Orion Platform 2024.4.1 — confirm join keys and columns in your lab.

Goal

Weekly report: still-active alerts with node Caption for grouping.

Sketch

SELECT TOP 200
  a.AlertObjectID,
  a.DisplayName AS AlertName,
  n.Caption AS NodeCaption
FROM Orion.AlertObjects AS a
LEFT JOIN Orion.Nodes AS n ON n.Uri = a.RelatedNodeUri
WHERE a.Active = 1

Confirm whether RelatedNodeUri, EntityUri, or another key is correct for your alert types.

Try SWQL Copilot for variations, then narrow fields in the lab.

SWQL Copilot is not affiliated with or endorsed by SolarWinds.