source
Description
The source command is a foundational component of DataPrime. It informs the DataPrime engine which datasource you wish to read from.
Note
While you can start your query with this, the source command is optional and will default to logs.
Basic usage
In DataPrime, you read data by specifying a dataset within an optional dataspace: dataprime source <dataspace>/<dataset> If no dataspace is provided, the query defaults to the default dataspace. This allows for concise syntax when working within the most common data sources. Common datasets include: * logs – Application and infrastructure logs. Default dataset. Equivalent to source default/logs. * spans – Distributed tracing data from systems like OpenTelemetry. Equivalent to source default/spans. * enrichments/<name> – custom enrichment tables uploaded via the UI or API. For example: source default/enrichments/ip_lookup
You can also query system-generated datasets such as: * system/engine.queries – Logs of all DataPrime query executions. * system/alerts.history – Historical records of alert events.
Dataset names may include dots (e.g.,
engine.queries) but are still treated as flat identifiers—not nested structures. This structure supports querying across teams, environments, or pipelines—whether you’re debugging logs, analyzing performance, or auditing notifications.
Syntax
Example 1
Query logs from the default dataspace:
Example query
Example 2
Query spans from the default dataspace.
Example query
Example 3
Query system generated data such as engine.query logs/
Example query
Try it yourself
In the Explore screen, enter:
You’ll see all log events from the default dataspace within the currently selected timeframe.
To view traces instead:
This switches the dataset to spans while staying in the same dataspace context.