Skip to main content

Querying Use Cases

The Configuration Query Language (CQL) in Mantis provides powerful capabilities for analyzing and managing your infrastructure configurations. Here are key use cases where CQL proves invaluable:

Security Analysis

CQL helps identify potential security vulnerabilities in your infrastructure:

from: "service[string]"
select: [""]
where: {
"image": "^vulnerable-." // Find vulnerable images
// OR
"image.tag": "^.-cve-." // Find images with CVE tags
}

Resource Management

Resource Consumption Analysis

Track high-resource consumers across your infrastructure:

from: "service[string]"
select: ["resources", "namespace"]
where: {
    "namespace": "production"
    "resources.requests.memory": "^[1-9][0-9]*Gi$"  // High memory requests
}

Resource Misconfiguration Detection

Identify potential resource misconfigurations:

from: "service[string]"
select: ["resources"]
where: {
    "resources.requests.cpu": "^[0-9]*m$"      // CPU in millicores
    "resources.limits.cpu": "^[1-9][0-9]*$"    // High CPU limit
}

High Availability Verification

Ensure proper replica placement and redundancy:

from: "service[string]"
select: ["topology"]
where: {
    "node": ".*-zone-a"              // Check zone placement
    "replicas": "^[1-9][0-9]*$"      // Multiple replicas
}

Change Impact Analysis

Dependency Tracking

Find resources depending on specific components:

from: "resource[string]"
select: ["*"]
where: {
    "depends_on": ".*redis-cache.*"  // Find Redis dependencies
}

Configuration Drift Detection

Compare configurations across environments:

from: "service[string]"
select: [
    "name",
    "replicas",
    "env"
]
where: {
    "replicas": "3"   // Expected replica count
}

Resource Ownership and Management

Track resources by team or application:

from: "service[string]"
select: ["metadata"]
where: {
    "metadata.labels.app": "frontend"
    "metadata.labels.team": "platform"
}

Key Benefits

  1. Enhanced Security: Quickly identify potential security risks and vulnerabilities
  2. Resource Optimization: Track and optimize resource usage across your infrastructure
  3. Change Management: Assess the impact of changes before implementation
  4. Compliance: Ensure configurations meet organizational standards
  5. Operational Efficiency: Streamline infrastructure management tasks

Best Practices

  1. Use consistent naming patterns for resources
  2. Include comprehensive metadata in resource definitions
  3. Document dependencies explicitly
  4. Tag resources with ownership and criticality information
  5. Regularly audit configurations using CQL queries