grafana job from prometheus/30.1.1

Github source: 16efcc6 or master branch

Properties¶

env¶

http_proxy¶

HTTP proxy to use

https_proxy¶

HTTPS proxy to use

no_proxy¶

List of comma-separated hosts that should skip connecting to the proxy

grafana¶

alerting¶

concurrent_render_limit¶

This limit will protect the server from render overloading and make sure notifications are sent out quickly

enabled¶

Enable alerting engine & UI featuresn

error_or_timeout¶

Default setting for new alert rules (alerting, keep_state)

evaluation_timeout_seconds¶

Default setting for alert calculation timeout

execute_alerts¶

Makes it possible to turn off alert rule execution

max_annotation_age¶

Configures for how long alert annotations are stored

max_annotations_to_keep¶

Configures max number of alert annotations that Grafana stores

max_attempts¶

Default setting for max attempts to sending alert notifications

min_interval_seconds¶

Makes it possible to enforce a minimal interval between evaluations, to reduce load on the backend

nodata_or_nullvalues¶

Default setting for how Grafana handles nodata or null values in alerting (alerting, no_data, keep_state, ok)

notification_timeout_seconds¶

Default setting for alert notification timeout

analytics¶

application_insights_connection_string¶

Application Insights connection string. Specify an URL string to enable this feature

application_insights_endpoint_url¶

Specifies an Application Insights endpoint URL where the endpoint string is wrapped in backticks ``

check_for_plugin_updates¶

Set to false disables checking for new versions of installed plugins from https://grafana.co

check_for_updates¶

Set to false to disable all checks to https://grafana.net

enabled¶

Enable the analytics feature

feedback_links_enabled¶

Controls if the UI contains any links to user feedback forms

google_analytics_4_id¶

Google Analytics 4 tracking code, only enabled if you specify an id here

google_analytics_4_send_manual_page_views¶

When Google Analytics 4 Enhanced event measurement is enabled, we will try to avoid sending duplicate events and let Google Analytics 4 detect navigation changes, etc

google_analytics_ua_id¶

Google Analytics universal tracking code, only enabled if you specify an id here

google_tag_manager_id¶

Google Tag Manager ID

reporting_distributor¶

The name of the distributor of the Grafana instance. Ex hosted-grafana, grafana-labs

reporting_enabled¶

Change this option to false to disable reporting

rudderstack_config_url¶

Rudderstack Config url, optional, used by Rudderstack SDK to fetch source config

rudderstack_data_plane_url¶

Rudderstack data plane url, enabled only if rudderstack_write_key is also set

rudderstack_sdk_url¶

Rudderstack SDK url, optional, only valid if rudderstack_write_key and rudderstack_data_plane_url is also set

rudderstack_write_key¶

Rudderstack write key, enabled only if rudderstack_data_plane_url is also set

annotations¶

api¶

max_age¶

Configures how long Grafana stores API annotations

max_annotations_to_keep¶

Configures max number of API annotations that Grafana keeps

cleanupjob_batchsize¶

Configures the batch size for the annotation clean-up job. This setting is used for dashboard, API, and alert annotations

dashboard¶

max_age¶

Configures how long dashboard annotations are stored

max_annotations_to_keep¶

Configures max number of dashboard annotations that Grafana stores

tags_length¶

Enforces the maximum allowed length of the tags for any newly introduced annotations. It can be between 500 and 4096 inclusive (which is the respective’s column length)

app_mode¶

possible values : production, development

auth¶

anonymous¶

enabled¶

enable anonymous access

hide_version¶

mask the Grafana version number for unauthenticated users

org_name¶

specify organization name that should be used for unauthenticated users

org_role¶

specify role for unauthenticated users

api_key_max_seconds_to_live¶

Limit of api_key seconds to live before expiration

azure_auth_enabled¶

Set to true to enable Azure authentication option for HTTP-based datasources

azuread¶

allow_assign_grafana_admin¶

Allow or not setting the Grafana Admin role from the external provider

allow_sign_up¶

Azure AD auth allow sign up

allowed_domains¶

Azure AD auth allowed domains

allowed_groups¶

Azure AD auth allowed groups

auth_url¶

Azure AD auth url

auto_login¶

Set to true to attempt login automatically, skipping the login screen

client_id¶

Azure AD auth client id

client_secret¶

Azure AD auth client secret

enabled¶

Azure AD auth enabled

force_use_graph_api¶

Set to true to force graph API

name¶

Azure AD auth name

role_attribute_strict¶

Denies user access if no role or an invalid role is returned

scopes¶

Azure AD auth scopes

token_url¶

Azure AD auth token url

basic¶

enabled¶

Auth basic enabled

disable_login¶

Disable usage of Grafana build-in login solution

disable_login_form¶

Set to true to disable (hide) the login form, useful if you use OAuth, defaults to false

disable_signout_menu¶

Set to true to disable the signout link in the side menu

generic_oauth¶

allow_assign_grafana_admin¶

Allow or not setting the Grafana Admin role from the external provider

allow_sign_up¶

Generic OAuth allow sign up

allowed_domains¶

Generic OAuth allowed domains

allowed_organizations¶

Generic OAuth allowed organizations

api_url¶

Generic OAuth api url

auth_style¶

Controls which OAuth2 AuthStyle is used when token is requested from OAuth provider. It determines how client_id and client_secret are sent to Oauth provider. Available values are AutoDetect, InParams and InHeader

auth_url¶

Generic OAuth url

auto_login¶

Set to true to attempt login automatically, skipping the login screen

client_id¶

Generic OAuth client id

client_secret¶

Generic OAuth client secret

email_attribute_name¶

Generic OAuth email attribute name

email_attribute_path¶

Generic OAuth email attribute path

empty_scopes¶

Set empty_scopes to true to use an empty scope during authentication

enabled¶

Generic OAuth enabled

groups_attribute_path¶

JMESPath to extract groups from id_token and UserInfo

icon¶

Set OAuth icon

id_token_attribute_name¶

Attribute name to read token from token authorization response

login_attribute_path¶

Generic OAuth login attribute path

name¶

Generic OAuth name

name_attribute_path¶

Generic OAuth name attribute path

role_attribute_path¶

Generic OAuth role attribute path

role_attribute_strict¶

Denies user access if no role or an invalid role is returned

scopes¶

Generic OAuth scopes

team_ids¶

Generic OAuth team ids

team_ids_attribute_path¶

JMESPath to extract teams from id_token and UserInfo

teams_url¶

The JSON used for the path lookup is the HTTP response obtained from querying the Teams endpoint specified via the teams_url configuration option (using /teams as a fallback endpoint)

tls_client_ca¶

Generic OAuth TLS Client CA

tls_client_cert¶

Generic OAuth TLS Client cert

tls_client_key¶

Generic OAuth TLS Client key

tls_skip_verify_insecure¶

Generic OAuth TLS skip verification

token_url¶

Generic OAuth token url

use_pkce¶

IETF’s RFC 7636 introduces “proof key for code exchange” (PKCE) which introduces additional protection against some forms of authorization code interception attacks

github¶

allow_assign_grafana_admin¶

Allow or not setting the Grafana Admin role from the external provider

allow_sign_up¶

Github auth allow sign up

allowed_domains¶

Github auth allowed domains

allowed_organizations¶

Github auth allowed organizations

api_url¶

Github auth api url

auth_url¶

Github auth url

auto_login¶

Set to true to attempt login automatically, skipping the login screen

client_id¶

Github auth client id

client_secret¶

Github auth client secret

enabled¶

Github auth enabled

role_attribute_path¶

JMESPath expression to extract role from id_token

role_attribute_strict¶

Denies user access if no role or an invalid role is returned

scopes¶

Github auth scopes

team_ids¶

Github auth team ids

token_url¶

Github auth token url

gitlab¶

allow_assign_grafana_admin¶

Allow or not setting the Grafana Admin role from the external provider

allow_sign_up¶

Gitlab auth allow sign up

allowed_domains¶

Gitlab auth allowed domains

allowed_groups¶

Gitlab auth allowed groups

api_url¶

Gitlab auth api url

auth_url¶

Gitlab auth url

auto_login¶

Set to true to attempt login automatically, skipping the login screen

client_id¶

Gitlab auth client id

client_secret¶

Gitlab auth client secret

enabled¶

Gitlab auth enabled

role_attribute_path¶

Gitlab auth role attribute path

role_attribute_strict¶

Denies user access if no role or an invalid role is returned

scopes¶

Gitlab auth scopes

skip_org_role_sync¶

Prevents the synchronization of organization roles

token_url¶

Gitlab auth token url

google¶

allow_sign_up¶

Google auth allow sign up

allowed_domains¶

Google auth allowed domains

api_url¶

Google auth api url

auth_url¶

Google auth url

auto_login¶

Set to true to attempt login automatically, skipping the login screen

client_id¶

Google auth client id

client_secret¶

Google auth client secret

enabled¶

Google auth enabled

hosted_domain¶

Google auth hosted domain

scopes¶

Google auth scopes

skip_org_role_sync¶

Prevents the synchronization of organization roles

token_url¶

Google auth token url

grafanacom¶

allow_sign_up¶

Grafana.net auth allow sign up

allowed_organizations¶

Grafana.net auth allowed organizations

auto_login¶

Set to true to attempt login automatically, skipping the login screen

client_id¶

Grafana.net auth client id

client_secret¶

Grafana.net auth client secret

enabled¶

Grafana.net auth enabled

scopes¶

Grafana.net auth scopes

skip_org_role_sync¶

Prevents the synchronization of organization roles

grafananet¶

allow_sign_up¶

Grafana.net auth allow sign up

allowed_organizations¶

Grafana.net auth allowed organizations

client_id¶

Grafana.net auth client id

client_secret¶

Grafana.net auth client secret

enabled¶

Grafana.net auth enabled

scopes¶

Grafana.net auth scopes

jwt¶

allow_assign_grafana_admin¶

Allow or not setting the Grafana Admin role from the external provider

auto_sign_up¶

Auto-create users if they are not already matched

cache_ttl¶

JWT cache TTL

email_claim¶

Specify a claim to use as an email to sign in

enable_login_token¶

Set true to enable login token

enabled¶

Enable JWT login

expect_claims¶

This can be seen as a required subset of a JWT Claims Set

header_name¶

HTTP header to look into to get a JWT token

jwk_set_file¶

Key set in the same format as in JWKS endpoint but located on disk

jwk_set_url¶

Verify token using a JSON Web Key Set loaded from https endpoint

key_file¶

PEM-encoded key file in PKIX, PKCS #1, PKCS #8 or SEC 1 format.

role_attribute_path¶

JWT auth role attribute path

role_attribute_strict¶

Denies user access if no role or an invalid role is returned

skip_org_role_sync¶

Prevents the synchronization of organization roles

url_login¶

search for a JWT in the URL query parameter auth_token and use it as the authentication token

username_claim¶

Specify a claim to use as a username to sign in

ldap¶

active_sync_enabled¶

LDAP backround sync (Enterprise only)

allow_sign_up¶

Auth LDAP allow sign up

config¶

LDAP configuration (toml)

enabled¶

Auth LDAP enable

skip_org_role_sync¶

Prevents the synchronization of organization roles

sync_cron¶

LDAP backround sync (Enterprise only)

login_cookie_name¶

Login cookie name

login_maximum_inactive_lifetime_duration¶

The maximum lifetime (duration) an authenticated user can be inactive before being required to login at next visit

login_maximum_lifetime_duration¶

The maximum lifetime (duration) an authenticated user can be logged in since login time before being required to login

oauth_allow_insecure_email_lookup¶

Enable user lookup based on email in addition to using unique ID provided by IdPs.

oauth_auto_login¶

Set to true to attempt login with OAuth automatically, skipping the login screen

oauth_skip_org_role_update_sync¶

Skip forced assignment of OrgID 1 or ‘auto_assign_org_id’ for social logins

oauth_state_cookie_max_age¶

Auth state max age cookie duration

okta¶

allow_assign_grafana_admin¶

Allow or not setting the Grafana Admin role from the external provider

allow_sign_up¶

Okta auth allow sign up

allowed_domains¶

Okta auth allowed domains

allowed_groups¶

Okta auth allowed groups

api_url¶

Okta auth api url

auth_url¶

Okta auth url

auto_login¶

Set to true to attempt login automatically, skipping the login screen

client_id¶

OktaD auth client id

client_secret¶

Okta auth client secret

enabled¶

Okta auth enabled

icon¶

Set OAuth icon

name¶

Okta auth name

role_attribute_path¶

Okta auth role attribute path

role_attribute_strict¶

Denies user access if no role or an invalid role is returned

scopes¶

Okta auth scopes

skip_org_role_sync¶

Prevents the synchronization of organization roles

token_url¶

Okta auth token url

proxy¶

auto_sign_up¶

Auth proxy auto sign up

enable_login_token¶

Auth proxy enable login token

enabled¶

Auth proxy enabled

header_name¶

Auth proxy header name

header_property¶

Auth proxy header property

headers¶

Auth proxy headers

headers_encoded¶

Proxy encoded headers

sync_ttl¶

Auth proxy LDAP sync TTL

whitelist¶

Auth proxy whitelist

signout_redirect_url¶

URL to redirect the user to after sign out

sigv4_auth_enabled¶

Set to true to enable SigV4 authentication option for HTTP-based datasources

sigv4_verbose_logging¶

Set to true to enable verbose logging of SigV4 request signing

token_rotation_interval_minutes¶

How often should auth tokens be rotated for authenticated users when being active

aws¶

allowed_auth_providers¶

Enter a comma-separated list of allowed AWS authentication providers

assume_role_enabled¶

Allow AWS users to assume a role using temporary security credentials

list_metrics_page_limit¶

Specify max no of pages to be returned by the ListMetricPages API

azure¶

cloud¶

Azure cloud environment where Grafana is hosted: Possible values are AzureCloud, AzureChinaCloud, AzureUSGovernment and AzureGermanCloud

managed_identity_client_id¶

Client ID to use for user-assigned managed identity

managed_identity_enabled¶

Specifies whether Grafana hosted in Azure service with Managed Identity configured (e.g. Azure Virtual Machines instance)

dashboard_previews¶

crawler¶

max_crawl_duration¶

Maximum duration of a single crawl

rendering_timeout¶

Timeout passed down to the Image Renderer plugin

scheduler_interval¶

Minimum interval between two subsequent scheduler runs

thread_count¶

Number of dashboards rendered in parallel

dashboards¶

custom_homepage_json¶

Override the default homepage with a custom dashboard in JSON format (http://docs.grafana.org/reference/dashboard/)

default_home_dashboard_path¶

Path to the default home dashboard. If this value is empty, then Grafana uses StaticRootPath + dashboards/home.json

min_refresh_interval¶

Minimum dashboard refresh interval

versions_to_keep¶

Number dashboard versions to keep (per dashboard)

database¶

cache_mode¶

(SQLite3 only) Cache mode setting used for connecting to the database

conn_max_lifetime¶

Connection Max Lifetime

host¶

(MySQL & PostgreSQL only) Database Host. If not set, a ‘database’ link is expected

log_queries¶

Set to true to log the sql calls and execution times

max_idle_conn¶

(MySQL & PostgreSQL only) Database max idle connections

max_open_conn¶

(MySQL & PostgreSQL only) Database max open connections

name¶

(MySQL & PostgreSQL only) Database Name

password¶

(MySQL & PostgreSQL only) Database Password

port¶

(MySQL & PostgreSQL only) Database Port

server_cert_name¶

(MySQL only) The common name field of the certificate used by the mysql server. Not necessary if ssl_mode is set to ‘skip-verify’

ssl_mode¶

(MySQL & PostgreSQL only) For Postgres, use either ‘disable’, ‘require’ or ‘verify-full’. For MySQL, use either ‘true’, ‘false’, or ‘skip-verify’

tls_client_ca¶

(MySQL & PostgreSQL only) Database TLS client CA

tls_client_cert¶

(MySQL & PostgreSQL only) Database TLS client cert

tls_client_key¶

(MySQL & PostgreSQL only) Database TLS client key

type¶

Database Type, either ‘mysql’, ‘postgres’ or ‘sqlite3’

Default

sqlite3

user¶

(MySQL & PostgreSQL only) Database User

wal¶

(SQLite3 only & optional) Setting it to true enables SQLite WAL (Write-Ahead Logging). Possible values are true, false. If not set defaults to false for Grafana

datasources¶

create¶

List of datasources in YAML format that Grafana will add or update during start up

datasource_limit¶

Set maximum number of datasources

delete¶

List of datasources in YAML format that Grafana will delete before inserting/updating those in create list

date_formats¶

default_timezone¶

Default timezone for user preferences

full_date¶

Default system date format used in time range picker and other places where full time is displayed

interval_day¶

Interval day (used by graph and other places where we only show small intervals)

interval_hour¶

Interval hour (used by graph and other places where we only show small intervals)

interval_minute¶

Interval minute (used by graph and other places where we only show small intervals)

interval_month¶

Interval month (used by graph and other places where we only show small intervals)

interval_second¶

Interval second (used by graph and other places where we only show small intervals)

interval_year¶

Interval year (used by graph and other places where we only show small intervals)

use_browser_locale¶

Use browser local (experimental feature)

emails¶

content_types¶

Enter a comma-separated list of content types that should be included in the emails that are sent

templates_pattern¶

Enter a comma separated list of template patterns. Default is emails/.html, emails/.txt

welcome_email_on_sign_up¶

Welcome email on sign up

enterprise¶

license¶

Enterprise license

explore¶

enabled¶

Enable the Explore section

expressions¶

enabled¶

Enable or disable the expressions functionality

external_image_storage¶

azure¶

account_key¶

Azure account key

account_name¶

Azure account name

container_name¶

Azure container name

sas_token_expiration_days¶

Number of days for SAS token validity. If specified SAS token will be attached to image URL. Allow storing images in private containers

gcs¶

bucket¶

GCS bucket

enable_signed_urls¶

If set to true, Grafana creates a signed URL for the image uploaded to Google Cloud Storage

json_key¶

GCS JSON Key

path¶

GCS path

signed_url_expiration¶

Sets the signed URL expiration, which defaults to seven days.

provider¶

Used for uploading images to public servers so they can be included in slack/email messages (s3, webdav, gcs, azure_blob, local)

s3¶

access_key¶

S3 Access Key

bucket¶

S3 Bucket

bucket_url¶

S3 Bucket URL

endpoint¶

S3 Endpoint

path¶

S3 Bucket Path

path_style_access¶

S3 Path Style Access

region¶

S3 Region

secret_key¶

S3 Secret Key

webdav¶

password¶

Webdav Password

public_url¶

Webdav public URL

url¶

Webdav URL

username¶

Webdav Username

feature_toggles¶

enable¶

Enable features, separated by spaces

force_migration¶

Force migration will run migrations that might cause data loss. Default is false

geomap¶

default_baselayer_config¶

Set the JSON configuration for the default basemap

enable_custom_baselayers¶

Enable or disable loading other base map layers

grafana_com¶

api_url¶

Api URL

url¶

Url used to to import dashboards directly from Grafana.com

grafana_net¶

url¶

Url used to to import dashboards directly from Grafana.net

help¶

enabled¶

Enable the Help section

influxdb¶

database¶

InfluxDB database to configure as Grafana data source

datasource_input_name¶

Name of the InfluxDB datasource input name

Default

DS_INFLUXDB

datasource_name¶

Name of the InfluxDB datasource

Default

influxdb

password¶

InfluxDB password to configure as Grafana data source

url¶

InfluxDB URL to configure as Grafana data source

username¶

InfluxDB user to configure as Grafana data source

instance_name¶

Set the name of the grafana-server instance. Used in logging, internal metrics, and clustering info

live¶

allowed_origins¶

allowed_origins is a comma-separated list of origins that can establish connection with Grafana Live

ha_engine¶

engine defines an HA (high availability) engine to use for Grafana Live

ha_engine_address¶

ha_engine_address sets a connection address for Live HA engine

max_connections¶

max_connections to Grafana Live WebSocket endpoint per Grafana server instance

log¶

console¶

format¶

log line format, valid options are text, console and json

level¶

log level

file¶

daily_rotate¶

Segment log daily

format¶

log line format, valid options are text, console and json

level¶

log level

log_rotate¶

This enables automated log rotate(switch of following options)

max_days¶

Expired days of log file(delete after max days)

max_lines¶

Max line number of single file

max_size_shift¶

Max size shift of single file

filters¶

Optional settings to set different levels for specific loggers

frontend¶

api_key¶

Api Key, only applies to Grafana Javascript Agent provider

custom_endpoint¶

Custom HTTP endpoint to send events to. Default will log the events to stdout

enabled¶

Should Sentry javascript agent be initialized

instrumentations_console_enabled¶

Should console instrumentation be enabled, only affects Grafana Javascript Agent

instrumentations_errors_enabled¶

Should error instrumentation be enabled, only affects Grafana Javascript Agent

instrumentations_webvitals_enabled¶

Should webvitals instrumentation be enabled, only affects Grafana Javascript Agent

log_endpoint_burst_limit¶

Max requests accepted per short interval of time for Grafana backend log ingestion endpoint (/log)

log_endpoint_requests_per_second_limit¶

Requests per second limit enforced per an extended period, for Grafana backend log ingestion endpoint (/log).

provider¶

Defines which provider to use sentry or grafana

sample_rate¶

Rate of events to be reported to Sentry between 0 (none) and 1 (all), float

sentry_dsn¶

Sentry DSN if you want to send events to Sentry

level¶

log level. Either ‘trace’, ‘debug’, ‘info’, ‘warn’, ‘error’, ‘critical’

mode¶

Either ‘console’, ‘file’, ‘syslog’. Use space to separate multiple modes

syslog¶

address¶

Syslog address

facility¶

Syslog facility. user, daemon and local0 through local7 are valid

format¶

log line format, valid options are text, console and json

level¶

log level

network¶

Syslog network type. This can be udp, tcp, or unix

tag¶

Syslog tag

metrics¶

basic_auth¶

password¶

Basic auth password for the metrics endpoint

username¶

Basic auth username for the metrics endpoint

disable_total_stats¶

Disable total stats (stattotals*) metrics to be generated

enabled¶

Enable internal metrics

environment_info¶

Metrics environment info adds dimensions to the grafana_environment_info metric, which can expose more information about the Grafana instance

Example

exampleLabel1: exampleValue1
exampleLabel2: exampleValue2

graphite¶

address¶

Graphite address

prefix¶

Graphite prefix

interval_seconds¶

Publish interval

panels¶

disable_sanitize_html¶

Disable sanitize HTML

enable_alpha¶

Enable alpha panels

paths¶

temp_data_lifetime¶

Temporary files in data directory older than given duration will be removed

plugin¶

grafana_image_renderer¶

grpc_host¶

Change the listening host of the gRPC server

grpc_port¶

Change the listening port of the gRPC server

rendering_args¶

Additional arguments to pass to the headless browser instance

rendering_chrome_bin¶

You can configure the plugin to use a different browser binary instead of the pre-packaged version of Chromium

rendering_clustering_max_concurrency¶

When rendering_mode = clustered you can define maximum number of browser instances/incognito pages that can execute concurrently

rendering_clustering_mode¶

When rendering_mode = clustered you can instruct how many browsers or incognito pages can execute concurrently

rendering_clustering_timeout¶

When rendering_mode = clustered, you can specify the duration a rendering request can take before it will time out

rendering_dumpio¶

Instruct headless browser instance whether to output its debug and error messages into running process of remote rendering service

rendering_ignore_https_errors¶

Instruct headless browser instance whether to ignore HTTPS errors during navigation

rendering_language¶

Instruct headless browser instance to use a default language when not provided by Grafana

rendering_mode¶

Instruct how headless browser instances are created

rendering_timezone¶

Instruct headless browser instance to use a default timezone when not provided by Grafana

rendering_verbose_logging¶

Instruct headless browser instance whether to capture and log verbose information when rendering an image

rendering_viewport_device_scale_factor¶

Instruct headless browser instance to use a default device scale factor when not provided by Grafana

rendering_viewport_max_device_scale_factor¶

Limit the maximum viewport device scale factor that can be requested

rendering_viewport_max_height¶

Limit the maximum viewport height that can be requested

rendering_viewport_max_width¶

Limit the maximum viewport width that can be requested

plugins¶

allow_loading_unsigned_plugins¶

Enter a comma-separated list of plugin identifiers to identify plugins that are allowed to be loaded even if they lack a valid signature

app_tls_skip_verify_insecure¶

Skip verify insecure for app tls

enable_alpha¶

Enable alpha plugins

plugin_admin_enabled¶

Enable or disable installing / uninstalling / updating plugins directly from within Grafana.

plugin_admin_external_manage_enabled¶

Set to true if you want to enable external management of plugins. Default is false. This is only applicable to Grafana Cloud users

plugin_catalog_hidden_plugins¶

Enter a comma-separated list of plugin identifiers to hide in the plugin catalog

plugin_catalog_url¶

Custom install/learn more URL for enterprise plugins. Defaults to https://grafana.com/grafana/plugins/

profile¶

enabled¶

Enable the Profile section

prometheus¶

dashboard_files¶

Array of dashboard json file locations or glob patterns

dashboard_folders¶

Array of grafana folders and dashboard json file locations or glob patterns

Example

- disable_deletion: true
  editable: false
  files:
  - /var/vcap/packages/my_dashboards/*
  name: My Dashboards

datasource_input_name¶

Name of the Prometehus datasource input name

Default

DS_PROMETHEUS

datasource_name¶

Name of the Prometheus datasource

Default

prometheus

tls_skip_verify¶

Skip TLS verification

use_external_url¶

If true and prometheus provides one, use the external url to reach prometheus

Default

true

query_history¶

enabled¶

Enable the Query history

quota¶

enabled¶

Enable Usage Quotas

global_alert_rule¶

global limit of alerts

global_api_key¶

global limit of api_keys

global_dashboard¶

global limit of dashboards

global_file¶

global limit of files uploaded to the SQL DB

global_org¶

global limit of orgs

global_session¶

global limit on number of logged in users

global_user¶

Global limit of users

org_alert_rule¶

limit number of alerts per Org

org_api_key¶

limit number of api_keys per Org

org_dashboard¶

limit number of dashboards per Org

org_data_source¶

limit number of data_sources per Org

org_user¶

limit number of users per Org

user_org¶

limit number of orgs a user can create

rbac¶

permission_cache¶

If enabled, cache permissions in a in memory cache

reset_basic_roles¶

Reset basic roles permissions on boot

remote_cache¶

connstr¶

Connection string

encryption¶

This enables encryption of values stored in the remote cache

prefix¶

Prefix prepended to all the keys in the remote cache

type¶

Either ‘redis’, ‘memcached’, ‘database’

Default

database

rendering¶

callback_url¶

External image rendering callback URL

concurrent_render_request_limit¶

External image rendering concurrent render request limit

render_key_lifetime¶

Determines the lifetime of the render key used by the image renderer to access and render Grafana

renderer_token¶

An auth token that will be sent to and verified by the renderer

server_url¶

External image rendering server URL

search¶

dashboard_loading_batch_size¶

Defines the number of dashboards loaded at once in a batch during a full reindex

full_reindex_interval¶

Defines the frequency of a full search reindex

index_update_interval¶

Defines the frequency of partial index updates based on recent changes such as dashboard updates

secure_socks_datasource_proxy¶

client_cert¶

Socks datasource client certificate

client_key¶

Socks datasource client key

enabled¶

Enable feature secure socks5 datasource proxy

proxy_address¶

The address of the socks5 proxy datasources should connect to

root_ca_cert¶

Socks datasource client CA certificate

server_name¶

Socks datasource client server name

security¶

admin_email¶

Default admin email, created on startup

admin_password¶

default admin password

admin_user¶

default admin user

Default

admin

allow_embedding¶

Set to true if you want to allow browsers to render Grafana in a

angular_support_enabled¶

Controls if old angular plugins are supported or not. This will be disabled by default in future release

available_encryption_providers¶

list of configured key providers, space separated (Enterprise only): e.g., awskms.v1 azurekv.v1

content_security_policy¶

Enable adding the Content-Security-Policy header to your requests

content_security_policy_report_only¶

Enable adding the Content-Security-Policy-Report-Only header to your requests

content_security_policy_report_only_template¶

Set Content Security Policy Report Only template used when adding the Content-Security-Policy-Report-Only header to your requests

content_security_policy_template¶

Set Content Security Policy template used when adding the Content-Security-Policy header to your requests

cookie_samesite¶

Set cookie SameSite attribute (lax, strict and none)

cookie_secure¶

Set to true if you host Grafana behind HTTPS

cstrict_transport_security_max_age_seconds¶

Sets how long a browser should cache HSTS. Only applied if strict_transport_security is enabled

data_source_proxy_whitelist¶

data source proxy whitelist (ip_or_domain:port separated by spaces)

disable_brute_force_login_protection¶

disable protection against brute force login attempts

disable_gravatar¶

disable gravatar profile images

disable_initial_admin_creation¶

Disable creation of admin user on first start of grafana

secret_key¶

used for signing

strict_transport_security¶

Set to true if you want to enable http strict transport security (HSTS) response header

strict_transport_security_preload¶

Set to true if to enable HSTS preloading option. Only applied if strict_transport_security is enabled

strict_transport_security_subdomains¶

Set to true if to enable the HSTS includeSubDomains option. Only applied if strict_transport_security is enabled

x_content_type_options¶

Set to true to enable the X-Content-Type-Options response header

x_xss_protection¶

Set to true to enable the X-XSS-Protection header, which tells browsers to stop pages from loadingwhen they detect reflected cross-site scripting (XSS) attacks

server¶

cdn_url¶

Specify a full HTTP URL address to the root of your Grafana CDN assets

custom_response_headers¶

This setting enables you to specify additional headers that the server adds to HTTP(S) responses

Example

exampleHeader1: exampleValue1
exampleHeader2: exampleValue2

domain¶

The public facing domain name used to access grafana from a browser

enable_gzip¶

Enable gzip

enforce_domain¶

Redirect to correct domain if host header does not match domain

http_addr¶

The ip address to bind to, empty will bind to all interfaces

http_port¶

The http port to bind to

Default

3000

protocol¶

Protocol (http or https)

read_timeout¶

Sets the maximum time using a duration format (5s/5m/5ms) before timing out read

root_url¶

The full public facing url

router_logging¶

Log web requests

serve_from_sub_path¶

Serve Grafana from subpath specified in root_url setting

socket_gid¶

GID where the socket should be set when protocol=socket

socket_mode¶

Mode where the socket should be set when protocol=socket

ssl_cert¶

SSL certificate (PEM encoded)

ssl_key¶

SSL private key (PEM encoded)

static_root_path¶

The relative working path

service_accounts¶

token_expiration_day_limit¶

When set, Grafana will not allow the creation of tokens with expiry greater than this setting

smtp¶

ehlo_identity¶

EHLO identity in SMTP dialog (defaults to instance_name)

enabled¶

SMTP enabled

from_address¶

SMTP from address

from_name¶

SMTP from name

host¶

SMTP host

password¶

SMTP password

skip_verify¶

SMTP skip SSL verification

ssl_cert¶

SMTP SSL certificate

ssl_key¶

SMTP SSL private key

starttls_policy¶

SMTP Start TLS policy

user¶

SMTP user

snapshots¶

enabled¶

set to false to remove snapshot functionality

external_enabled¶

Extenal snaphot enabled

external_snapshot_name¶

External snapshot name

external_snapshot_url¶

External snapshot URL

public_mode¶

Set to true to enable this Grafana instance act as an external snapshot server and allow unauthenticated requests for creating and deleting snapshots

remove_expired¶

Remove expired snapshots

sql_datasources¶

max_conn_lifetime_default¶

maximum connection lifetime used when connecting to SQL based data sources

max_idle_conns_default¶

maximum number of idle connections maintained in the connection pool when connecting to SQL based data sources

max_open_conns_default¶

maximum number of open connections maintained in the connection pool when connecting to SQL based data sources

storage¶

allow_unsanitized_svg_upload¶

Allow uploading SVG files without sanitization

support_bundles¶

enabled¶

Enable support bundle creation (default: true)

public_keys¶

If set, bundles will be encrypted with the provided public keys separated by whitespace

server_admin_only¶

Only server admins can generate and view support bundles (default: true)

tracing¶

jaeger¶

address¶

jaeger destination (ex localhost:6831)

always_included_tag¶

tag that will always be included in when creating new spans

disable_shared_zipkin_spans¶

Setting this to true disables shared RPC spans

sampler_param¶

jaeger samplerconfig param

sampler_type¶

Type specifies the type of the sampler: const, probabilistic, rateLimiting, or remote

sampling_server_url¶

Sampling_server_url is the URL of a sampling manager providing a sampling strategy.

zipkin_propagation¶

Whether or not to use Zipkin span propagation (x-b3- HTTP headers)

opentelemetry¶

custom_attributes¶

attributes that will always be included in when creating new spans. ex (key1:value1,key2:value2)

jaeger¶

address¶

jaeger destination (ex http://localhost:14268/api/traces)

propagation¶

Propagation specifies the text map propagation format: w3c, jaeger

otlp¶

address¶

otlp destination (ex localhost:4317)

propagation¶

Propagation specifies the text map propagation format: w3c, jaeger

unified_alerting¶

admin_config_poll_interval¶

Specify the frequency of polling for admin config changes

alertmanager_config_poll_interval¶

Specify the frequency of polling for Alertmanager config changes

disabled_orgs¶

Comma-separated list of organization IDs for which to disable unified alerting

enabled¶

Enable the Unified Alerting sub-system and interface

evaluation_timeout¶

Alert evaluation timeout when fetching data from the datasource

execute_alerts¶

Enable or disable alerting rule execution. The alerting UI remains visible

ha_advertise_address¶

Explicit address/hostname and port to advertise other Grafana instances

ha_gossip_interval¶

The interval between sending gossip messages

ha_listen_address¶

Listen address/hostname and port to receive unified alerting messages for other Grafana instances

ha_peer_timeout¶

Time to wait for an instance to send a notification via the Alertmanager

ha_peers¶

Comma-separated list of initial instances (in a format of host:port) that will form the HA cluster

ha_push_pull_interval¶

The interval between gossip full state syncs

max_attempts¶

Number of times we’ll attempt to evaluate an alert rule before giving up on that evaluation

min_interval¶

Minimum interval to enforce between rule evaluations

reserved_labels¶

disabled_labels¶

Comma-separated list of reserved labels added by the Grafana Alerting engine that should be disabled

screenshots¶

capture¶

Enable screenshots in notifications. This option requires the Grafana Image Renderer plugin

capture_timeout¶

The timeout for capturing screenshots

max_concurrent_screenshots¶

The maximum number of screenshots that can be taken at the same time

upload_external_image_storage¶

Uploads screenshots to the local Grafana server or remote storage such as Azure, S3 and GCS

state_history¶

enabled¶

Enable the state history functionality in Unified Alerting

users¶

allow_org_create¶

Allow non admin users to create organizations

allow_sign_up¶

disable user signup / registration

auto_assign_org¶

Set to true to automatically assign new users to the default organization (id 1)

auto_assign_org_id¶

Set this value to automatically add new users to the provided organization (if auto_assign_org above is set to true)

auto_assign_org_role¶

Default role new users will be automatically assigned (if disabled above is set to true)

default_language¶

Default UI language (supported IETF language tag, such as en-US)

default_theme¶

Default UI theme (‘dark’ or ‘light’)

editors_can_admin¶

Editors can administrate dashboard, folders and teams they create

external_manage_info¶

External user management info

external_manage_link_name¶

External user management link name

external_manage_link_url¶

External user management link URL

hidden_users¶

Enter a comma-separated list of usernames to hide them in the Grafana UI. These users are shown to Grafana admins and to themselves

home_page¶

Path to a custom home page. Users are only redirected to this if the default home dashboard is used. It should match a frontend route and contain a leading slash

login_hint¶

Background text for the user field on the login page

password_hint¶

Background text for the password field on the login page

seeded_global_users¶

Array of Grafana users to be seeded

Default

[]

Example

- email: [email protected]
  login: user
  name: user name
  password: userpassword

user_invite_max_lifetime_duration¶

The duration in time a user invitation remains valid before expiring. This setting should be expressed as a duration. Examples: 6h (hours), 2d (days), 1w (week)

verify_email_enabled¶

Require email validation before sign up completes

viewers_can_edit¶

Viewers can edit/inspect dashboard settings in the browser but not save the dashboard

Templates¶

Templates are rendered and placed onto corresponding instances during the deployment process. This job's templates will be placed into /var/vcap/jobs/grafana/ directory (learn more).

• bin/grafana-admin-password (from bin/grafana-admin-password)
• bin/grafana-homepage (from bin/grafana-homepage)
• bin/grafana-users (from bin/grafana-users)
• bin/post-start (from bin/post-start)
• bin/pre-start (from bin/pre-start)
• bin/prometheus-dashboards (from bin/prometheus-dashboards)
• config/bpm.yml (from bpm.yml.erb)
• config/database_tls_client_ca.pem (from config/database_tls_client_ca.pem)
• config/database_tls_client_cert.pem (from config/database_tls_client_cert.pem)
• config/database_tls_client_key.pem (from config/database_tls_client_key.pem)
• config/gcs_key.json (from config/gcs_key.json)
• config/generic_oauth_tls_client_ca.pem (from config/generic_oauth_tls_client_ca.pem)
• config/generic_oauth_tls_client_cert.pem (from config/generic_oauth_tls_client_cert.pem)
• config/generic_oauth_tls_client_key.pem (from config/generic_oauth_tls_client_key.pem)
• config/grafana.ini (from config/grafana.ini)
• config/grpc_server_cert.pem (from config/grpc_server_cert.pem)
• config/grpc_server_key.pem (from config/grpc_server_key.pem)
• config/jwt_key.pem (from config/jwt_key.pem)
• config/ldap.toml (from config/ldap.toml)
• config/license.jwt (from config/license.jwt)
• config/provisioning/dashboards/default.yml (from config/provisioning/dashboards/default.yml)
• config/provisioning/dashboards/folders.yml (from config/provisioning/dashboards/folders.yml)
• config/provisioning/datasources/custom.yml (from config/provisioning/datasources/custom.yml)
• config/provisioning/datasources/influxdb.yml (from config/provisioning/datasources/influxdb.yml)
• config/provisioning/datasources/prometheus.yml (from config/provisioning/datasources/prometheus.yml)
• config/saml_certificate.pem (from config/saml_certificate.pem)
• config/saml_ipd_metadata.xml (from config/saml_ipd_metadata.xml)
• config/saml_private_key.pem (from config/saml_private_key.pem)
• config/smtp_cert.pem (from config/smtp_cert.pem)
• config/smtp_key.pem (from config/smtp_key.pem)
• config/ssl_cert.pem (from config/ssl_cert.pem)
• config/ssl_key.pem (from config/ssl_key.pem)

Packages¶

Packages are compiled and placed onto corresponding instances during the deployment process. Packages will be placed into /var/vcap/packages/ directory.

• grafana
• grafana_jq
• grafana_plugins