Query Your Infrastructure

MQL is a lightweight, fast query language built for searching and filtering infrastructure configuration data. Its data extraction resembles GraphQL, while its scripting approach is similar to JavaScript.

MQL integrates with hundreds of resources to retrieve information about your infrastructure.

Run standalone queries from the command line

To run standalone queries from the command line, use the cnquery run command:

cnquery run TARGET -c QUERY

Examples

List services and their running status on your local system:

cnquery run local -c "services.list { name running }"

Find all AWS EC2 instances with a public IP address:

aws.ec2.instances.where( publicIp != '' ) {
  instanceId
  region
  state
  tags
  publicIp
}

List all users with every available field:

users.list { * }

Find all container image repositories used in a Kubernetes cluster:

k8s.pods {
 name
 containers.map( containerImage.repository.fullName )
}

Resources and fields

Resources are the building blocks for writing queries. They let you retrieve the configuration of an asset. Some examples:

• asset — Information about the asset, including name, family, release, and more
• user — User information, including name, UID, GID, home, shell, and more
• packages — Package information, including name, version, installed, outdated, and more
• k8s.container — Kubernetes container configuration, including imagePullPolicy, workingDir, and more
• terraform.block — Terraform block arguments, attributes, and more

Each resource has fields that return specific configuration values. Retrieve multiple fields at once using braces:

asset { platform version arch }

For a full list of available resources, enter the help command within the cnquery shell, or browse the MQL resource reference.

Operators and functions

For information on MQL operators and functions, read Write Effective MQL.

Learn more

• To explore cnquery commands, read the CLI Reference.
• To explore the capabilities of the MQL language, read the MQL docs.