The system Dataspace
The system dataspace provides powerful visibility into the structure, behavior, and configuration of your organization’s data. You can track how schemas evolve, review alert activity, and inspect audit events — all of which support debugging, auditing, and operational insight.
Overview
The system dataspace contains datasets defined by Coralogix, and is designed to help you understand how your data is structured, how alerts behave over time, and how your environment is changing internally.
You can access this dataspace just like any other in DataPrime using the source keyword:
Key datasets within system
| Dataset | Description |
|---|---|
alerts.history | Tracks triggered alerts, including alert IDs, severity, linked dashboards, and responsible teams. Useful for alert triage and historical audit. |
engine.queries | Captures metadata about query executions. |
engine.schema_fields | Contains schema snapshots for each dataset. This lets you inspect how the structure of a dataset (e.g., fields and types) has changed over time. Each snapshot includes a timestamp and a map of all fields present at that moment. |
notification.deliveries | Logs delivery metadata for notifications (e.g., Slack, email, webhook) including timestamps and status. Helps diagnose why a team may not have received an alert. |
notification.requests | Event schema that captures each incoming notification request, to enable traceability, deduplication, and downstream delivery routing. |
Example: Filtering schema changes
Using DataPrime the engine.schema_fields dataset can be queried to find datasets with P1 alerts that have changed structure recently:
Query behavior and capabilities
All system datasets support full DataPrime functionality — you can filter, aggregate, group, and visualize them like any other dataset. This makes them suitable for use in:
- Explore queries
- Custom Dashboards
- Automated reports
These datasets are especially valuable when paired with historical analysis tools or anomaly detection logic, such as tracking the rate of schema change or alert frequency over time.