greentopsecret/new-relic-nerdgraph
skills/new-relic-nerdgraph/SKILL.md
Query New Relic via NerdGraph GraphQL API — run NRQL queries, search entities, and execute cross-account queries. Use when the user needs to fetch, search, or analyze data from New Relic.
development
Updated Apr 5, 2026
$ install --global
skillsauthnpx skillsauth add greentopsecret/agent-skills new-relic-nerdgraphInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 5, 2026, 3:32 PM6.9s2 files scanned
SKILL.md
- name:
- new-relic-nerdgraph
- description:
- Query New Relic via NerdGraph GraphQL API — run NRQL queries, search entities, and execute cross-account queries. Use when the user needs to fetch, search, or analyze data from New Relic.
- license:
- MIT
- compatibility:
- Node.js 18+, run_in_terminal
- author:
- Maxim Yushin
- version:
- 1.0.0
New Relic NerdGraph Query Tool
Purpose
Execute queries against the New Relic NerdGraph GraphQL API and return structured JSON results. This skill is a data retrieval tool only — it does not interpret or analyze the results.
Supports three operation types:
- NRQL queries — run any NRQL query (defaults to
Logcollection) - Entity search — discover monitored services, hosts, and apps
- Account listing — discover accessible New Relic accounts and their IDs
Prerequisites
NR_API_KEY (required)
The NR_API_KEY environment variable must be set (New Relic User API key, starts with NRAK-).
Check if it's set:
echo "${NR_API_KEY:+SET}"
If NOT set, suggest one of these approaches to the user:
The key can be generated at: https://one.newrelic.com/admin-portal/api-keys/home (create a User key).
- Shell profile (recommended) — add to
~/.zshrcor~/.bashrc:export NR_API_KEY="NRAK-XXXXXXXXXXXXXXXXXXXX" - direnv — add to a
.envrcfile:export NR_API_KEY="NRAK-XXXXXXXXXXXXXXXXXXXX" - macOS Keychain + shell — store securely and load on shell init:
security add-generic-password -a "$USER" -s NR_API_KEY -w "NRAK-XXXXXXXXXXXXXXXXXXXX" # Then in ~/.zshrc: export NR_API_KEY=$(security find-generic-password -a "$USER" -s NR_API_KEY -w)
Do NOT proceed with queries until the key is available. Do NOT hardcode the key in commands.
NR_ACCOUNT_ID (required for query subcommand)
Required for NRQL queries. Set via:
--account <ID>flagNR_ACCOUNT_IDenvironment variable
If the user doesn't know their account ID, run the accounts subcommand first to discover it.
Node.js 18+
Required for the query script (uses native fetch).
Script Location
The script location depends on how the skill was installed:
- Global install (GitHub Copilot):
~/.copilot/skills/new-relic-nerdgraph/scripts/nerdgraph.mjs - Global install (Claude Code):
~/.claude/skills/new-relic-nerdgraph/scripts/nerdgraph.mjs - Project install:
./.agents/skills/new-relic-nerdgraph/scripts/nerdgraph.mjs
Detect the correct path by checking which exists. The script is always at scripts/nerdgraph.mjs relative to this SKILL.md.
Subcommands
query — Run NRQL Queries
node <script> query "<NRQL_QUERY>" --account <ID> [--limit <N>]
- Requires
--account <ID>orNR_ACCOUNT_IDenv var - Outputs JSON array to stdout; errors go to stderr
- Retries up to 3 times on transient failures
--limit <N>appendsLIMIT Nif the query doesn't already have one- If the query has no
FROMclause,FROM Logis appended automatically
Cross-account queries:
node <script> query "<NRQL_QUERY>" --accounts 12345,67890,11111
Use --accounts (plural, comma-separated) to run NRQL across multiple accounts simultaneously. This is useful when data spans dev/staging/prod or separate team accounts.
entities — Search Entities
node <script> entities ["<search-query>"] [--type <TYPE>] [--domain <DOMAIN>]
- Search query uses NR entity search syntax (e.g.,
name LIKE 'my-app') --type: filter by entity type (APPLICATION,HOST,MONITOR, etc.)--domain: filter by domain (APM,INFRA,BROWSER,SYNTH, etc.)- If no arguments given, lists all reporting entities
- Returns: name, entityType, guid, alertSeverity, reporting status, and tags
accounts — List Accounts
node <script> accounts
- No account ID required — uses the API key to discover all accessible accounts
- Returns: account ID and name for each account
- Use this when the user doesn't know their
NR_ACCOUNT_ID
NRQL Reference
Common query patterns
The default collection is Log. These examples use it, but you can query any event type (Transaction, SystemSample, Metric, PageView, SyntheticCheck, etc.).
-- Fetch logs by time range
SELECT * FROM Log
WHERE `level` = 'error'
SINCE 1 hour ago
LIMIT 100
-- Filter by application or host
SELECT * FROM Log
WHERE `application` = '<APP_NAME>'
AND `level` = 'error'
SINCE 1 hour ago
LIMIT 100
-- Search by message content
SELECT * FROM Log
WHERE `message` LIKE '%timeout%'
SINCE 1 hour ago
LIMIT 100
-- Count errors by facet
SELECT count(*) FROM Log
WHERE `level` = 'error'
SINCE 1 day ago
FACET `application`
-- Query transactions (non-Log example)
SELECT average(duration), count(*)
FROM Transaction
WHERE `appName` = '<APP_NAME>'
SINCE 1 hour ago
FACET `name`
-- Infrastructure metrics (non-Log example)
SELECT average(cpuPercent), average(memoryUsedPercent)
FROM SystemSample
SINCE 30 minutes ago
FACET `hostname`
Syntax tips
SINCE/UNTILaccept ISO strings ('2026-02-25 07:15:59+01:00') or relative (1 hour ago)- Backtick-wrap field names with dots/hyphens:
`labels.app` LIMIT MAXreturns up to 5000 events; default is 100FACETgroups results by fieldTIMESERIESreturns time-bucketed data- Expand time windows progressively if queries return no results
Entity search examples
name LIKE 'my-service'
type IN ('APPLICATION')
domain = 'APM' AND reporting = 'true'
tags.environment = 'production'
alertSeverity = 'CRITICAL'
Related Skills
openclaw/openclaw-secret-scanning-maintainer
development
VerifiedTrustedCommunity
Maintainer-only workflow for handling GitHub Secret Scanning alerts on OpenClaw. Use when Codex needs to triage, redact, clean up, and resolve secret leakage found in issue comments, issue bodies, PR comments, or other GitHub content.
357,764SKILL.mdUpdated Apr 15, 2026
openclaw/openclaw-release-maintainer
development
VerifiedTrustedCommunity
Maintainer workflow for OpenClaw releases, prereleases, changelog release notes, and publish validation. Use when Codex needs to prepare or verify stable or beta release steps, align version naming, assemble release notes, check release auth requirements, or validate publish-time commands and artifacts.
357,764SKILL.mdUpdated Apr 10, 2026
openclaw/openclaw-qa-testing
development
VerifiedTrustedCommunity
Run, watch, debug, and extend OpenClaw QA testing with qa-lab and qa-channel. Use when Codex needs to execute the repo-backed QA suite, inspect live QA artifacts, debug failing scenarios, add new QA scenarios, or explain the OpenClaw QA workflow. Prefer the live OpenAI lane with regular openai/gpt-5.4 in fast mode; do not use gpt-5.4-pro or gpt-5.4-mini unless the user explicitly overrides that policy.
357,764SKILL.mdUpdated Apr 10, 2026
openclaw/openclaw-parallels-smoke
development
VerifiedTrustedCommunity
End-to-end Parallels smoke, upgrade, and rerun workflow for OpenClaw across macOS, Windows, and Linux guests. Use when Codex needs to run, rerun, debug, or interpret VM-based install, onboarding, gateway smoke tests, latest-release-to-main upgrade checks, fresh snapshot retests, or optional Discord roundtrip verification under Parallels.
357,764SKILL.mdUpdated Apr 10, 2026