Qorrelate Qorrelate | Docs

Workflow Automation

Build powerful automations that respond to alerts, query your observability data, analyze with AI, and notify your team. No code required.

Quick Start

  1. Navigate to Workflows in the sidebar
  2. Click New Workflow
  3. Add a trigger (Alert, Schedule, or Manual)
  4. Add data nodes, logic, and actions
  5. Save and activate your workflow

How Workflows Work

A workflow is a series of connected nodes that execute in order. Each node performs a specific action:

  • Trigger Starts the workflow (alert, schedule, or manual)
  • Data Queries logs, traces, metrics, sessions, alerts, or services
  • AI Analyzes data using Claude AI
  • Logic Controls flow with conditions, loops, and transformations
  • Action Sends notifications or creates tickets

Triggers

Every workflow starts with exactly one trigger node.

Alert Trigger

Runs when a specific alert fires

Select an alert from your organization. When that alert fires, the workflow executes automatically with the alert data as trigger context.

Config: alert_id - The ID of the alert to monitor

Schedule Trigger

Runs on a cron schedule

Define a cron expression to run the workflow at specific intervals.

Config: cron - Cron expression (e.g., 0 * * * * for hourly)

Examples: 0 9 * * * (daily at 9am), */15 * * * * (every 15 min), 0 0 * * 1 (weekly on Monday)

Manual Trigger

Run on-demand from the UI

Click "Run" in the workflow list to execute manually. Useful for testing or ad-hoc operations.

Data Nodes

Query your organization's observability data.

Observability Data

Node Description Config
Search Logs Query log entries query, time_window, limit
Search Traces Query trace spans query, time_window, limit
Check Metric Query metric value metric_name, aggregation, time_window

Organization Data

Node Description Output
Search Sessions Query session replay data Sessions with user, URL, duration
Get Alerts List alerts by status/severity Alerts with status, fire_count
Alert History When alerts fired Historical alert events
Get Usage Ingestion stats Logs, metrics, traces counts and bytes
Get Services Services with health Services with error_rate, latency, health
Error Summary Aggregate errors Errors from logs & traces by service

AI Nodes

AI Analyze

Analyze data with Claude AI

Send data from previous nodes to AI for analysis. Great for root cause analysis, error classification, and generating summaries.

Config:

  • prompt - Instructions for the AI
  • input_variable - Which node's output to analyze (e.g., node_1)
  • max_tokens - Maximum response length

Example prompts:

  • "Analyze these error logs and identify the root cause"
  • "Summarize the key issues in these traces"
  • "Classify this error and suggest a fix"

Logic Nodes

Control workflow execution with conditions, loops, and transformations.

If/Else Condition

Branch based on field value (2 outputs: true/false)

Switch

Multi-branch routing (up to 4 outputs)

Filter

Filter array items by condition

Aggregate

Count, sum, avg, min, max on arrays

Transform

Extract, count, first, last operations

Loop

Iterate over array items

Delay

Wait before continuing (max 1 hour)

Template

Format text with {{variables}}

Set Variable

Store value for later use

Merge

Combine multiple inputs

Action Nodes

Send notifications and integrate with external tools.

Node Description Key Config
Slack Send Slack message webhook_url, message, channel
Microsoft Teams Send Teams message webhook_url, title, message
Email Send email via AWS SES to, subject, body
PagerDuty Create/resolve incidents routing_key, severity, summary
Jira Create Jira issue project_key, issue_type, summary
GitHub Create GitHub issue repo, title, body
HTTP Request Call any webhook/API url, method, body

Variables & Templates

Reference data from previous nodes using template syntax.

Accessing Node Outputs

Each node's output is stored as node_X where X is the node ID. Use double curly braces to reference: 

{{node_1}}           - Full output of node 1
{{node_1.count}}     - The "count" field from node 1
{{node_1.logs.0}}    - First log from node 1's logs array
{{trigger_data}}     - Data that triggered the workflow

Template Example

🚨 Alert: High Error Rate

Errors found: {{node_2.count}}
Top error: {{node_2.logs.0.body}}

AI Analysis:
{{node_3.analysis}}

AI Workflow Generation

Describe what you want in natural language and AI will generate the workflow for you.

How to Use

  1. Open the workflow builder
  2. Type your description in the AI chat on the left
  3. AI generates the complete workflow with connected nodes
  4. Review, modify, and save

Example Prompts

"When high error rate alert fires, search error logs, analyze with AI, and send to Slack"

Creates: trigger_alert → search_logs → ai_analyze → slack

"Every hour, check service health. If any service has error rate above 5%, create a Jira ticket"

Creates: trigger_schedule → get_services → condition → jira

"Daily at 9am, send a usage summary to the team email"

Creates: trigger_schedule → get_usage → template → email

Example Workflows

Intelligent Alert Response

When an alert fires, automatically gather context, analyze, and notify.

Alert Fires → Search Logs (query: "level:ERROR", 15m) → AI Analyze ("Identify root cause") → Slack (#incidents)

Daily Health Report

Every morning, summarize service health and email to the team.

Schedule (0 9 * * *) → Get Services (24h) → Filter (health != "healthy") → Template → Email

Auto-Create Bug Tickets

When critical errors spike, automatically create Jira issues with context.

Alert Fires → Error Summary (1h) → Condition (count > 10) → AI Analyze → Jira (Bug)

API Reference

Manage workflows programmatically via the API.

POST /v1/organizations/{org_id}/workflows

Create a new workflow

GET /v1/organizations/{org_id}/workflows

List all workflows

POST /v1/organizations/{org_id}/workflows/{id}/run

Manually run a workflow

POST /v1/ai/generate-workflow

Generate workflow from natural language