Examples
This page provides practical examples of using Port's search and query syntax across different features.
Catalog pages
Initial filters for catalog pages are configured when creating or editing a catalog page in your software catalog. These filters pre-filter which entities appear when the page loads, improving performance and showing only relevant data.
Filters are particularly useful for blueprints with large entity counts (such as Snyk vulnerabilities), where requests may take a long time to ld or even time out without filtering.
- Basic example
- Advanced example
This example demonstrates how to filter a Snyk vulnerability catalog page, showing only high and critical severity vulnerabilities:
{
"combinator": "and",
"rules": [
{
"value": [
"high",
"critical"
],
"property": "severity",
"operator": "in"
}
]
}
This example demonstrates how to filter a service catalog page with multiple conditions, showing only production services owned by specific teams that were updated within a specific date range:
{
"combinator": "and",
"rules": [
{
"value": "production",
"property": "environment",
"operator": "="
},
{
"value": [
"platform_team",
"developers_team"
],
"property": "$team",
"operator": "containsAny"
},
{
"property": "last_push",
"operator": "between",
"value": {
"from": "<START_DATE>",
"to": "<END_DATE>"
}
}
]
}
Entity pages
Filters for related entity tabs are configured when creating custom tabs on any entity page.
To add filters, navigate to the Related Entities tab, click the + button to create a new tab or edit an existing one. Then under Additional filters, click the filters button to add your query.
These filters are particularly useful when a tab displays a large number of related entities. Filters improve performance and make the data more manageable.
- Basic example
- Advanced example
This example demonstrates how to filter related pull requests for a repository entity, showing only PRs with an open status:
{
"combinator": "and",
"rules": [
{
"value": "open",
"property": "status",
"operator": "="
}
]
}
This example demonstrates how to filter related PagerDuty incidents for a service entity with multiple conditions, showing only high-urgency incidents that are still unresolved and were created in the last week:
{
"combinator": "and",
"rules": [
{
"value": "high",
"property": "urgency",
"operator": "="
},
{
"value": [
"triggered",
"acknowledged"
],
"property": "status",
"operator": "in"
},
{
"property": "created_at",
"operator": "between",
"value": {
"preset": "lastWeek"
}
}
]
}
Dashboard widgets
Widget-specific filters are configured in the widget creatio or edit form for dashboard widgets. These filters determine which entities are included in calculations and visualizations.
- Basic property filter
- Filter by contextual data
- Filter by relation-path
This example demonstrates how to filter overdue pull requests, showing only PRs with an open status that were created in the past 90 days:
{
"combinator": "and",
"rules": [
{
"value": "open",
"property": "status",
"operator": "="
},
{
"property": "createdAt",
"operator": "between",
"value": {
"preset": "last3Months"
}
}
]
}
Contextual queries using the context field require JSON mode. You cannot configure these through the UI form.
Filter by logged-in user
This example demonstrates how to filter entities owned by the logged-in user:
{
"combinator": "and",
"rules": [
{
"operator": "matchAny",
"property": {
"path": ["relationID_1"]
},
"value": {
"context": "user",
"property": "$identifier"
}
}
]
}
Filter by user's teams
This example demonstrates how to filter entities by the logged-in user's owning teams:
{
"combinator": "and",
"rules": [
{
"value": {
"context": "user",
"property": "$team"
},
"property": "$team",
"operator": "containsAny"
}
]
}
This example demonstrates how to filter pull requests based on their relationship to a specific repository. It shows only PRs belonging to the backend-api service:
{
"combinator": "and",
"rules": [
{
"operator": "matchAny",
"property": {
"path": [
"service"
]
},
"value": "backend_api"
}
]
}
Blueprint read permissions
Blueprint read permissions can be configured with dynamic policy rules using search and query syntax. Configure these in the data model page by clicking on a blueprint and going to the Permissions tab.
The policy key allows you to create dynamic read access rules that grant users access to entities based on their properties, team membership, and contextual user data. This determines which entities users can see in catalog pages.
For detailed examples and information, see the read permissions policy section in the catalog RBAC documentation.
Aggregation properties
Configure filters when creating or editing an aggregation property in the data model page. The search and query filter is defined under the query section of the aggregation property.
This example demonstrates how to add an aggregation property to a service blueprint that calculates the number of open high-severity vulnerabilities for each service, filtering only vulnerabilities with severity set to high and status set to open:
{
"aggregationProperties": {
"numberOfOpenHighVulnerabilities": {
"title": "Number of open high severity vulnerabilities",
"target": "vulnerability",
"calculationSpec": {
"calculationBy": "entities",
"func": "count"
},
"query": {
"combinator": "and",
"rules": [
{
"property": "severity",
"operator": "=",
"value": "high"
},
{
"property": "status",
"operator": "=",
"value": "open"
}
]
}
}
}
}
Scorecards
Configure filters when creating or editing a scorecard. Filters determine which entities the rule evaluates, filtering out irrelevant entities and performing checks only on entities that pass the filtering.
Scorecard filters use conditions instead of rules, but follow the same structure with combinator, property, operator, and value.
This example demonstrates how to filter a scorecard to apply only to production services owned by specific teams. This ensures the quality check only runs on critical services:
"filter": {
"combinator": "and",
"conditions": [
{
"value": [
"builder_team",
"developers_team"
],
"operator": "containsAny",
"property": "$team"
},
{
"value": "production",
"operator": "=",
"property": "environment"
}
]
}
For a complete list of the available operators in scorecard filters, see the available operators section under the rule elements documentation.
Self-service actions
Configure these options when creating or editing an action in the self-service actions page.
- Action conditions
- Entity input datasets
- Dynamic permissions
Action conditions determine which entities an action appears on, ensuring actions are only available for relevant entities. Configure this in the Basic Details tab of the action form.
Action conditions are only available for DAY-2 and DELETE operations.
This example demonstrates how to conditionally display an action based on entity properties. It shows the action only on entities where the environment property equals production:
{
"type": "SEARCH",
"rules": [
{
"operator": "=",
"property": "environment",
"value": "production"
}
],
"combinator": "and"
}
Filter dropdown options in action forms to show only relevant entities based on properties, relations, or user context.
To configure this, go to the User Form tab when setting up entity-type inputs, then expand the advanced configuration section where you can define a dataset filter. This is particularly useful for filtering entity options based on the logged-in user or their teams.
This example demonstrates how to filter an entity input dropdown to show only environments owned by the logged-in user's teams. This ensures users can only select environments they have access to:
{
"properties": {
"environment": {
"type": "string",
"format": "entity",
"blueprint": "environment",
"dataset": {
"combinator": "and",
"rules": [
{
"property": "team_mirror", // Need to add a mirror property of the Owning team
"operator": "in", // to the environment blueprint
"value": {
"jqQuery": ".user.team"
}
}
]
}
}
}
}
Dynamic permissions control who can execute or approve actions based on entity properties and user context. When creating or editing an action, go to the Permissions tab to configure query-based permissions.
For examples of dynamic action permissions using search and query syntax, see the examples section of the Dynamic permissions page.
API
You can use search and query syntax with the following API routes: search entities and search a blueprint's entities.
The examples below use the EU region API.
If you wish to use the US region API, replace https://api.getport.io with https://api.us.getport.io.
The following examples provide a foundation for using the search route. You can modify the rules array to match your specific search requirements.
- Python
- Javascript
- cURL
# Dependencies to install:
# $ python -m pip install requests
import json
import requests
CLIENT_ID = "YOUR_CLIENT_ID"
CLIENT_SECRET = "YOUR_CLIENT_SECRET"
API_URL = "https://api.getport.io/v1"
credentials = {"clientId": CLIENT_ID, "clientSecret": CLIENT_SECRET}
token_response = requests.post(f"{API_URL}/auth/access_token", json=credentials)
access_token = f"Bearer {token_response.json()['accessToken']}"
# You can now use the value in access_token when making further requests
headers = {
'Authorization': access_token
}
query = {
"combinator": "or",
"rules": [
{
"property": "$title",
"operator": "=",
"value": "admin-prod"
},
{
"property": "$title",
"operator": "=",
"value": "admin-test"
}
]
}
search_req = requests.post(f"{API_URL}/entities/search", headers=headers, json=query)
search_entities = search_req.json()['entities']
for entity in search_entities:
print(json.dumps(entity))
// Dependencies to install:
// $ npm install axios --save
const axios = require("axios").default;
const CLIENT_ID = "YOUR_CLIENT_ID";
const CLIENT_SECRET = "YOUR_CLIENT_SECRET";
const API_URL = "https://api.getport.io/v1";
(async () => {
const tokenResp = await axios.post(`${API_URL}/auth/access_token`, {
clientId: CLIENT_ID,
clientSecret: CLIENT_SECRET,
});
const accessToken = tokenResp.data.accessToken;
// You can now use the value in accessToken when making further requests
const config = {
headers: {
Authorization: `Bearer ${accessToken}`,
},
};
const query = {
combinator: "or",
rules: [
{
property: "$title",
operator: "=",
value: "admin-prod",
},
{
property: "$title",
operator: "=",
value: "admin-test",
},
],
};
const response = await axios.post(
`${API_URL}/entities/search`,
query,
config
);
console.log(response.data["entities"]);
})();
#!/bin/bash
# Dependencies to install:
# For apt:
# $ sudo apt-get install jq
# For yum:
# $ sudo yum install jq
access_token=$(curl --location --request POST 'https://api.getport.io/v1/auth/access_token' \
--header 'Content-Type: application/json' \
--data-raw '{
"clientId": "CLIENT_ID",
"clientSecret": "CLIENT_SECRET"
}' | jq '.accessToken' | sed 's/"//g')
# The token will be available in the access_token variable
curl --location --request POST 'https://api.getport.io/v1/entities/search?attach_title_to_relation=true&exclude_calculated_properties=false' \
--header "Authorization: Bearer $access_token" \
--header 'Content-Type: application/json' \
--data-raw '{
"combinator": "or",
"rules": [
{
"property": "$title",
"operator": "=",
"value": "admin-prod"
},
{
"property": "$title",
"operator": "=",
"value": "admin-test"
}
]
}'