Learn more about the Cortex Query Language call
stage to reference a predefined query from the Query Library.
Syntax
call "<name of predefined query>" [<param_name1> = <value1> <param_name2> = <value2>....]
Description
The call
stage is used to reference a predefined query from the Query Library, including your Personal Query Library. In addition, if your query includes parameters you can reference them in the call
stage using the syntax <param_name1> = <value1> <param_name2> = <value2>...
. When using parameters in your call
stage, you need to ensure that a query already exists that uses these parameters.
Example without Parameters
For the predefined query called "CreateRole operation parsed to fields", returns a maximum of 100 records, where the accessKeyId
equals "1234".
call "CreateRole operation parsed to fields" | filter accessKeyId = "1234" | limit 100
Example with Parameters
Using the same example above, this example shows how to use the same call
stage with parameters. This example assumes that there is a query that is already saved with a parameter $key_id = "1234"
.
Saved query:
dataset = dataset_name | filter field_name = $key_id
Query to run with using parameters:
call "CreateRole operation parsed to fields" key_id = "1234" | limit 100