QueryWise
Log inBook a Demo
GovernanceIntegrationsWorkflows

Workflows & Integrations

7 min read

QueryWise is most useful when its output goes where engineering and finance already work. This page covers the integrations and workflows that move recommendations and alerts out of the dashboard and into your team's tools.

JIRA

Connect at: Settings → Integrations → JIRA

OAuth-based — click connect, authorize the QueryWise OAuth app on your Atlassian site, and pick a default project.

What you can do:

  • Push any recommendation as a JIRA issue, with the title, description, evidence, remediation, and savings estimate as the body.
  • Configure default labels and an issue type per category.
  • Bi-directional status sync: when the JIRA issue closes, the recommendation is marked applied (or rejected, depending on resolution).
  • Bulk push from the recommendations page.

JIRA OAuth tokens are encrypted at rest in the encrypted_tokens column. They're never returned in API responses.

ServiceNow

Connect at: Settings → Integrations → ServiceNow

ServiceNow uses OAuth too, but requires an instance_url parameter (unlike JIRA's centralized auth). The flow is otherwise identical: connect, pick a default table (typically incident or change_request), and start pushing recommendations.

ServiceNow ticket sync runs on the same bi-directional model as JIRA — closing the ticket marks the recommendation applied.

Slack

Connect at: Settings → Integrations → Slack

Two flavors:

  • Incoming webhook — paste your Slack webhook URL, pick a default channel. Alerts are posted as formatted messages with a "View in QueryWise" link.
  • Bot integration — for tenants that want richer interactions; available on enterprise plans.

You can route different alert categories to different channels. Common pattern: #finops-alerts for budget alerts, #data-platform for query/pipeline alerts.

The Slack integration is also where the weekly intelligence briefing posts — a digest of new high-severity recommendations, budget burn changes, and cost anomalies.

Email notifications

Configure at Settings → Notifications:

  • Per-user channel preferences (digest, immediate, off)
  • Per-category routing (alerts, recommendations, reports)
  • Daily digest time

Email is the fallback channel — even when Slack/JIRA/ServiceNow are configured, owner-targeted alerts also go to email unless explicitly disabled.

Auto-apply policies

Auto-apply is for recommendations safe enough to apply without human review. Define policies at Settings → Auto-Apply:

  • Scope — vendor, category, severity range
  • Conditions — confidence threshold, account allowlist
  • Approval — manual / automatic / time-delayed (e.g. "auto-apply after 24h if not rejected")

The default policy ships disabled. We recommend enabling it only for low-risk categories like Snowflake auto-suspend tweaks and unused-index removal — and only after you've watched a quarter's worth of ticket-synced recs land cleanly.

The apply worker logs every action to the audit log with the policy that triggered it.

Budget alerts

Budgets fire alerts when burn crosses configurable thresholds (default: 50%, 75%, 90%, 100%). Each budget can route to:

  • The budget owner (email)
  • A Slack channel
  • A JIRA ticket (created on first cross of 90%)
  • The general alerts feed in Alerts

Budgets can be defined per cost center, per tag value, or as a "global" budget across the tenant.

Cost anomaly alerts

The anomaly detection worker runs every hour and flags spend that's outside the historical envelope. Alerts include:

  • The vendor and service that drove the anomaly
  • The expected vs actual spend for the window
  • Top suspect resources (the resources whose spend changed most)

Anomaly alerts route through the same channels as budget alerts.

Weekly intelligence briefing

Sent to all admin/owner users by default (configurable). Contents:

  • Top 5 new high-severity recommendations
  • Budget burn changes vs last week
  • Cost anomalies detected this week
  • Tag coverage trend
  • AI spend trend

The briefing is also available as a one-off API call: GET /api/v1/reports/weekly-intelligence.

API keys for CI/CD

For programmatic access (e.g. CI pipeline checking budget burn before deploying), generate an API key at Settings → API Keys. Keys are scoped to a role and can be rotated/revoked.

Common pattern: a CI step that hits GET /api/v1/budgets?status=critical and fails the build if any team is over budget.

Where to next

Previous

Tags & Allocation

Next

RBAC & Tenancy

Need help with onboarding?

Design partners get full docs plus hands-on support from our engineering team.

Book a DemoMore Docs