grafana job from prometheus/30.5.0
Github source:
0f9218c
or
master branch
Properties¶
env
¶
http_proxy
¶HTTP proxy to use
https_proxy
¶HTTPS proxy to use
no_proxy
¶List of comma-separated hosts that should skip connecting to the proxy
grafana
¶
alerting
¶
concurrent_render_limit
¶This limit will protect the server from render overloading and make sure notifications are sent out quickly
enabled
¶Enable alerting engine & UI featuresn
error_or_timeout
¶Default setting for new alert rules (alerting, keep_state)
evaluation_timeout_seconds
¶Default setting for alert calculation timeout
execute_alerts
¶Makes it possible to turn off alert rule execution
max_annotation_age
¶Configures for how long alert annotations are stored
max_annotations_to_keep
¶Configures max number of alert annotations that Grafana stores
max_attempts
¶Default setting for max attempts to sending alert notifications
min_interval_seconds
¶Makes it possible to enforce a minimal interval between evaluations, to reduce load on the backend
nodata_or_nullvalues
¶Default setting for how Grafana handles nodata or null values in alerting (alerting, no_data, keep_state, ok)
notification_timeout_seconds
¶Default setting for alert notification timeout
analytics
¶
application_insights_connection_string
¶Application Insights connection string. Specify an URL string to enable this feature
application_insights_endpoint_url
¶Specifies an Application Insights endpoint URL where the endpoint string is wrapped in backticks ``
check_for_plugin_updates
¶Set to false disables checking for new versions of installed plugins from https://grafana.co
check_for_updates
¶Set to false to disable all checks to https://grafana.net
enabled
¶Enable the analytics feature
feedback_links_enabled
¶Controls if the UI contains any links to user feedback forms
google_analytics_4_id
¶Google Analytics 4 tracking code, only enabled if you specify an id here
google_analytics_4_send_manual_page_views
¶When Google Analytics 4 Enhanced event measurement is enabled, we will try to avoid sending duplicate events and let Google Analytics 4 detect navigation changes, etc
google_analytics_ua_id
¶Google Analytics universal tracking code, only enabled if you specify an id here
google_tag_manager_id
¶Google Tag Manager ID
reporting_distributor
¶The name of the distributor of the Grafana instance. Ex hosted-grafana, grafana-labs
reporting_enabled
¶Change this option to false to disable reporting
rudderstack_config_url
¶Rudderstack Config url, optional, used by Rudderstack SDK to fetch source config
rudderstack_data_plane_url
¶Rudderstack data plane url, enabled only if rudderstack_write_key is also set
rudderstack_sdk_url
¶Rudderstack SDK url, optional, only valid if rudderstack_write_key and rudderstack_data_plane_url is also set
rudderstack_write_key
¶Rudderstack write key, enabled only if rudderstack_data_plane_url is also set
annotations
¶
api
¶
max_age
¶Configures how long Grafana stores API annotations
max_annotations_to_keep
¶Configures max number of API annotations that Grafana keeps
cleanupjob_batchsize
¶Configures the batch size for the annotation clean-up job. This setting is used for dashboard, API, and alert annotations
dashboard
¶
max_age
¶Configures how long dashboard annotations are stored
max_annotations_to_keep
¶Configures max number of dashboard annotations that Grafana stores
tags_length
¶Enforces the maximum allowed length of the tags for any newly introduced annotations. It can be between 500 and 4096 inclusive (which is the respective’s column length)
app_mode
¶possible values : production, development
auth
¶
anonymous
¶
enabled
¶enable anonymous access
hide_version
¶mask the Grafana version number for unauthenticated users
org_name
¶specify organization name that should be used for unauthenticated users
org_role
¶specify role for unauthenticated users
api_key_max_seconds_to_live
¶Limit of api_key seconds to live before expiration
azure_auth_enabled
¶Set to true to enable Azure authentication option for HTTP-based datasources
azuread
¶
allow_assign_grafana_admin
¶Allow or not setting the Grafana Admin role from the external provider
allow_sign_up
¶Azure AD auth allow sign up
allowed_domains
¶Azure AD auth allowed domains
allowed_groups
¶Azure AD auth allowed groups
auth_url
¶Azure AD auth url
auto_login
¶Set to true to attempt login automatically, skipping the login screen
client_id
¶Azure AD auth client id
client_secret
¶Azure AD auth client secret
enabled
¶Azure AD auth enabled
force_use_graph_api
¶Set to true to force graph API
name
¶Azure AD auth name
role_attribute_strict
¶Denies user access if no role or an invalid role is returned
scopes
¶Azure AD auth scopes
token_url
¶Azure AD auth token url
basic
¶
enabled
¶Auth basic enabled
disable_login
¶Disable usage of Grafana build-in login solution
disable_login_form
¶Set to true to disable (hide) the login form, useful if you use OAuth, defaults to false
disable_signout_menu
¶Set to true to disable the signout link in the side menu
generic_oauth
¶
allow_assign_grafana_admin
¶Allow or not setting the Grafana Admin role from the external provider
allow_sign_up
¶Generic OAuth allow sign up
allowed_domains
¶Generic OAuth allowed domains
allowed_organizations
¶Generic OAuth allowed organizations
api_url
¶Generic OAuth api url
auth_style
¶Controls which OAuth2 AuthStyle is used when token is requested from OAuth provider. It determines how client_id and client_secret are sent to Oauth provider. Available values are AutoDetect, InParams and InHeader
auth_url
¶Generic OAuth url
auto_login
¶Set to true to attempt login automatically, skipping the login screen
client_id
¶Generic OAuth client id
client_secret
¶Generic OAuth client secret
email_attribute_name
¶Generic OAuth email attribute name
email_attribute_path
¶Generic OAuth email attribute path
empty_scopes
¶Set empty_scopes to true to use an empty scope during authentication
enabled
¶Generic OAuth enabled
groups_attribute_path
¶JMESPath to extract groups from id_token and UserInfo
icon
¶Set OAuth icon
id_token_attribute_name
¶Attribute name to read token from token authorization response
login_attribute_path
¶Generic OAuth login attribute path
name
¶Generic OAuth name
name_attribute_path
¶Generic OAuth name attribute path
role_attribute_path
¶Generic OAuth role attribute path
role_attribute_strict
¶Denies user access if no role or an invalid role is returned
scopes
¶Generic OAuth scopes
team_ids
¶Generic OAuth team ids
team_ids_attribute_path
¶JMESPath to extract teams from id_token and UserInfo
teams_url
¶The JSON used for the path lookup is the HTTP response obtained from querying the Teams endpoint specified via the teams_url configuration option (using /teams as a fallback endpoint)
tls_client_ca
¶Generic OAuth TLS Client CA
tls_client_cert
¶Generic OAuth TLS Client cert
tls_client_key
¶Generic OAuth TLS Client key
tls_skip_verify_insecure
¶Generic OAuth TLS skip verification
token_url
¶Generic OAuth token url
use_pkce
¶IETF’s RFC 7636 introduces “proof key for code exchange” (PKCE) which introduces additional protection against some forms of authorization code interception attacks
github
¶
allow_assign_grafana_admin
¶Allow or not setting the Grafana Admin role from the external provider
allow_sign_up
¶Github auth allow sign up
allowed_domains
¶Github auth allowed domains
allowed_organizations
¶Github auth allowed organizations
api_url
¶Github auth api url
auth_url
¶Github auth url
auto_login
¶Set to true to attempt login automatically, skipping the login screen
client_id
¶Github auth client id
client_secret
¶Github auth client secret
enabled
¶Github auth enabled
role_attribute_path
¶JMESPath expression to extract role from id_token
role_attribute_strict
¶Denies user access if no role or an invalid role is returned
scopes
¶Github auth scopes
team_ids
¶Github auth team ids
token_url
¶Github auth token url
gitlab
¶
allow_assign_grafana_admin
¶Allow or not setting the Grafana Admin role from the external provider
allow_sign_up
¶Gitlab auth allow sign up
allowed_domains
¶Gitlab auth allowed domains
allowed_groups
¶Gitlab auth allowed groups
api_url
¶Gitlab auth api url
auth_url
¶Gitlab auth url
auto_login
¶Set to true to attempt login automatically, skipping the login screen
client_id
¶Gitlab auth client id
client_secret
¶Gitlab auth client secret
enabled
¶Gitlab auth enabled
role_attribute_path
¶Gitlab auth role attribute path
role_attribute_strict
¶Denies user access if no role or an invalid role is returned
scopes
¶Gitlab auth scopes
skip_org_role_sync
¶Prevents the synchronization of organization roles
token_url
¶Gitlab auth token url
allow_sign_up
¶Google auth allow sign up
allowed_domains
¶Google auth allowed domains
api_url
¶Google auth api url
auth_url
¶Google auth url
auto_login
¶Set to true to attempt login automatically, skipping the login screen
client_id
¶Google auth client id
client_secret
¶Google auth client secret
enabled
¶Google auth enabled
hosted_domain
¶Google auth hosted domain
scopes
¶Google auth scopes
skip_org_role_sync
¶Prevents the synchronization of organization roles
token_url
¶Google auth token url
grafanacom
¶
allow_sign_up
¶Grafana.net auth allow sign up
allowed_organizations
¶Grafana.net auth allowed organizations
auto_login
¶Set to true to attempt login automatically, skipping the login screen
client_id
¶Grafana.net auth client id
client_secret
¶Grafana.net auth client secret
enabled
¶Grafana.net auth enabled
scopes
¶Grafana.net auth scopes
skip_org_role_sync
¶Prevents the synchronization of organization roles
grafananet
¶
allow_sign_up
¶Grafana.net auth allow sign up
allowed_organizations
¶Grafana.net auth allowed organizations
client_id
¶Grafana.net auth client id
client_secret
¶Grafana.net auth client secret
enabled
¶Grafana.net auth enabled
scopes
¶Grafana.net auth scopes
jwt
¶
allow_assign_grafana_admin
¶Allow or not setting the Grafana Admin role from the external provider
auto_sign_up
¶Auto-create users if they are not already matched
cache_ttl
¶JWT cache TTL
email_claim
¶Specify a claim to use as an email to sign in
enable_login_token
¶Set true to enable login token
enabled
¶Enable JWT login
expect_claims
¶This can be seen as a required subset of a JWT Claims Set
header_name
¶HTTP header to look into to get a JWT token
jwk_set_file
¶Key set in the same format as in JWKS endpoint but located on disk
jwk_set_url
¶Verify token using a JSON Web Key Set loaded from https endpoint
key_file
¶PEM-encoded key file in PKIX, PKCS #1, PKCS #8 or SEC 1 format.
role_attribute_path
¶JWT auth role attribute path
role_attribute_strict
¶Denies user access if no role or an invalid role is returned
skip_org_role_sync
¶Prevents the synchronization of organization roles
url_login
¶search for a JWT in the URL query parameter auth_token and use it as the authentication token
username_claim
¶Specify a claim to use as a username to sign in
ldap
¶
active_sync_enabled
¶LDAP backround sync (Enterprise only)
allow_sign_up
¶Auth LDAP allow sign up
config
¶LDAP configuration (toml)
enabled
¶Auth LDAP enable
skip_org_role_sync
¶Prevents the synchronization of organization roles
sync_cron
¶LDAP backround sync (Enterprise only)
login_cookie_name
¶Login cookie name
login_maximum_inactive_lifetime_duration
¶The maximum lifetime (duration) an authenticated user can be inactive before being required to login at next visit
login_maximum_lifetime_duration
¶The maximum lifetime (duration) an authenticated user can be logged in since login time before being required to login
oauth_allow_insecure_email_lookup
¶Enable user lookup based on email in addition to using unique ID provided by IdPs.
oauth_auto_login
¶Set to true to attempt login with OAuth automatically, skipping the login screen
oauth_skip_org_role_update_sync
¶Skip forced assignment of OrgID 1 or ‘auto_assign_org_id’ for social logins
oauth_state_cookie_max_age
¶Auth state max age cookie duration
okta
¶
allow_assign_grafana_admin
¶Allow or not setting the Grafana Admin role from the external provider
allow_sign_up
¶Okta auth allow sign up
allowed_domains
¶Okta auth allowed domains
allowed_groups
¶Okta auth allowed groups
api_url
¶Okta auth api url
auth_url
¶Okta auth url
auto_login
¶Set to true to attempt login automatically, skipping the login screen
client_id
¶OktaD auth client id
client_secret
¶Okta auth client secret
enabled
¶Okta auth enabled
icon
¶Set OAuth icon
name
¶Okta auth name
role_attribute_path
¶Okta auth role attribute path
role_attribute_strict
¶Denies user access if no role or an invalid role is returned
scopes
¶Okta auth scopes
skip_org_role_sync
¶Prevents the synchronization of organization roles
token_url
¶Okta auth token url
proxy
¶
auto_sign_up
¶Auth proxy auto sign up
enable_login_token
¶Auth proxy enable login token
enabled
¶Auth proxy enabled
header_name
¶Auth proxy header name
header_property
¶Auth proxy header property
headers
¶Auth proxy headers
headers_encoded
¶Proxy encoded headers
sync_ttl
¶Auth proxy LDAP sync TTL
whitelist
¶Auth proxy whitelist
signout_redirect_url
¶URL to redirect the user to after sign out
sigv4_auth_enabled
¶Set to true to enable SigV4 authentication option for HTTP-based datasources
sigv4_verbose_logging
¶Set to true to enable verbose logging of SigV4 request signing
token_rotation_interval_minutes
¶How often should auth tokens be rotated for authenticated users when being active
aws
¶
allowed_auth_providers
¶Enter a comma-separated list of allowed AWS authentication providers
assume_role_enabled
¶Allow AWS users to assume a role using temporary security credentials
list_metrics_page_limit
¶Specify max no of pages to be returned by the ListMetricPages API
azure
¶
cloud
¶Azure cloud environment where Grafana is hosted: Possible values are AzureCloud, AzureChinaCloud, AzureUSGovernment and AzureGermanCloud
managed_identity_client_id
¶Client ID to use for user-assigned managed identity
managed_identity_enabled
¶Specifies whether Grafana hosted in Azure service with Managed Identity configured (e.g. Azure Virtual Machines instance)
dashboard_previews
¶
crawler
¶
max_crawl_duration
¶Maximum duration of a single crawl
rendering_timeout
¶Timeout passed down to the Image Renderer plugin
scheduler_interval
¶Minimum interval between two subsequent scheduler runs
thread_count
¶Number of dashboards rendered in parallel
dashboards
¶
custom_homepage_json
¶Override the default homepage with a custom dashboard in JSON format (http://docs.grafana.org/reference/dashboard/)
default_home_dashboard_path
¶Path to the default home dashboard. If this value is empty, then Grafana uses StaticRootPath + dashboards/home.json
min_refresh_interval
¶Minimum dashboard refresh interval
versions_to_keep
¶Number dashboard versions to keep (per dashboard)
database
¶
cache_mode
¶(SQLite3 only) Cache mode setting used for connecting to the database
conn_max_lifetime
¶Connection Max Lifetime
host
¶(MySQL & PostgreSQL only) Database Host. If not set, a ‘database’ link is expected
log_queries
¶Set to true to log the sql calls and execution times
max_idle_conn
¶(MySQL & PostgreSQL only) Database max idle connections
max_open_conn
¶(MySQL & PostgreSQL only) Database max open connections
name
¶(MySQL & PostgreSQL only) Database Name
password
¶(MySQL & PostgreSQL only) Database Password
port
¶(MySQL & PostgreSQL only) Database Port
server_cert_name
¶(MySQL only) The common name field of the certificate used by the mysql server. Not necessary if ssl_mode is set to ‘skip-verify’
ssl_mode
¶(MySQL & PostgreSQL only) For Postgres, use either ‘disable’, ‘require’ or ‘verify-full’. For MySQL, use either ‘true’, ‘false’, or ‘skip-verify’
tls_client_ca
¶(MySQL & PostgreSQL only) Database TLS client CA
tls_client_cert
¶(MySQL & PostgreSQL only) Database TLS client cert
tls_client_key
¶(MySQL & PostgreSQL only) Database TLS client key
type
¶Database Type, either ‘mysql’, ‘postgres’ or ‘sqlite3’
- Default
sqlite3
user
¶(MySQL & PostgreSQL only) Database User
wal
¶(SQLite3 only & optional) Setting it to true enables SQLite WAL (Write-Ahead Logging). Possible values are true, false. If not set defaults to false for Grafana
datasources
¶
create
¶List of datasources in YAML format that Grafana will add or update during start up
datasource_limit
¶Set maximum number of datasources
delete
¶List of datasources in YAML format that Grafana will delete before inserting/updating those in create list
date_formats
¶
default_timezone
¶Default timezone for user preferences
full_date
¶Default system date format used in time range picker and other places where full time is displayed
interval_day
¶Interval day (used by graph and other places where we only show small intervals)
interval_hour
¶Interval hour (used by graph and other places where we only show small intervals)
interval_minute
¶Interval minute (used by graph and other places where we only show small intervals)
interval_month
¶Interval month (used by graph and other places where we only show small intervals)
interval_second
¶Interval second (used by graph and other places where we only show small intervals)
interval_year
¶Interval year (used by graph and other places where we only show small intervals)
use_browser_locale
¶Use browser local (experimental feature)
emails
¶
content_types
¶Enter a comma-separated list of content types that should be included in the emails that are sent
templates_pattern
¶Enter a comma separated list of template patterns. Default is emails/.html, emails/.txt
welcome_email_on_sign_up
¶Welcome email on sign up
enterprise
¶
license
¶Enterprise license
explore
¶
enabled
¶Enable the Explore section
expressions
¶
enabled
¶Enable or disable the expressions functionality
external_image_storage
¶
azure
¶
account_key
¶Azure account key
account_name
¶Azure account name
container_name
¶Azure container name
sas_token_expiration_days
¶Number of days for SAS token validity. If specified SAS token will be attached to image URL. Allow storing images in private containers
gcs
¶
bucket
¶GCS bucket
enable_signed_urls
¶If set to true, Grafana creates a signed URL for the image uploaded to Google Cloud Storage
json_key
¶GCS JSON Key
path
¶GCS path
signed_url_expiration
¶Sets the signed URL expiration, which defaults to seven days.
provider
¶Used for uploading images to public servers so they can be included in slack/email messages (s3, webdav, gcs, azure_blob, local)
s3
¶
access_key
¶S3 Access Key
bucket
¶S3 Bucket
bucket_url
¶S3 Bucket URL
endpoint
¶S3 Endpoint
path
¶S3 Bucket Path
path_style_access
¶S3 Path Style Access
region
¶S3 Region
secret_key
¶S3 Secret Key
webdav
¶
password
¶Webdav Password
public_url
¶Webdav public URL
url
¶Webdav URL
username
¶Webdav Username
feature_toggles
¶
enable
¶Enable features, separated by spaces
force_migration
¶Force migration will run migrations that might cause data loss. Default is false
geomap
¶
default_baselayer_config
¶Set the JSON configuration for the default basemap
enable_custom_baselayers
¶Enable or disable loading other base map layers
grafana_com
¶
api_url
¶Api URL
url
¶Url used to to import dashboards directly from Grafana.com
grafana_net
¶
url
¶Url used to to import dashboards directly from Grafana.net
help
¶
enabled
¶Enable the Help section
influxdb
¶
database
¶InfluxDB database to configure as Grafana data source
datasource_input_name
¶Name of the InfluxDB datasource input name
- Default
DS_INFLUXDB
datasource_name
¶Name of the InfluxDB datasource
- Default
influxdb
password
¶InfluxDB password to configure as Grafana data source
url
¶InfluxDB URL to configure as Grafana data source
username
¶InfluxDB user to configure as Grafana data source
instance_name
¶Set the name of the grafana-server instance. Used in logging, internal metrics, and clustering info
live
¶
allowed_origins
¶allowed_origins is a comma-separated list of origins that can establish connection with Grafana Live
ha_engine
¶engine defines an HA (high availability) engine to use for Grafana Live
ha_engine_address
¶ha_engine_address sets a connection address for Live HA engine
max_connections
¶max_connections to Grafana Live WebSocket endpoint per Grafana server instance
log
¶
console
¶
format
¶log line format, valid options are text, console and json
level
¶log level
file
¶
daily_rotate
¶Segment log daily
format
¶log line format, valid options are text, console and json
level
¶log level
log_rotate
¶This enables automated log rotate(switch of following options)
max_days
¶Expired days of log file(delete after max days)
max_lines
¶Max line number of single file
max_size_shift
¶Max size shift of single file
filters
¶Optional settings to set different levels for specific loggers
frontend
¶
api_key
¶Api Key, only applies to Grafana Javascript Agent provider
custom_endpoint
¶Custom HTTP endpoint to send events to. Default will log the events to stdout
enabled
¶Should Sentry javascript agent be initialized
instrumentations_console_enabled
¶Should console instrumentation be enabled, only affects Grafana Javascript Agent
instrumentations_errors_enabled
¶Should error instrumentation be enabled, only affects Grafana Javascript Agent
instrumentations_webvitals_enabled
¶Should webvitals instrumentation be enabled, only affects Grafana Javascript Agent
log_endpoint_burst_limit
¶Max requests accepted per short interval of time for Grafana backend log ingestion endpoint (/log)
log_endpoint_requests_per_second_limit
¶Requests per second limit enforced per an extended period, for Grafana backend log ingestion endpoint (/log).
provider
¶Defines which provider to use sentry or grafana
sample_rate
¶Rate of events to be reported to Sentry between 0 (none) and 1 (all), float
sentry_dsn
¶Sentry DSN if you want to send events to Sentry
level
¶log level. Either ‘trace’, ‘debug’, ‘info’, ‘warn’, ‘error’, ‘critical’
mode
¶Either ‘console’, ‘file’, ‘syslog’. Use space to separate multiple modes
syslog
¶
address
¶Syslog address
facility
¶Syslog facility. user, daemon and local0 through local7 are valid
format
¶log line format, valid options are text, console and json
level
¶log level
network
¶Syslog network type. This can be udp, tcp, or unix
tag
¶Syslog tag
metrics
¶
basic_auth
¶
password
¶Basic auth password for the metrics endpoint
username
¶Basic auth username for the metrics endpoint
disable_total_stats
¶Disable total stats (stattotals*) metrics to be generated
enabled
¶Enable internal metrics
environment_info
¶Metrics environment info adds dimensions to the
grafana_environment_info
metric, which can expose more information about the Grafana instance
- Example
exampleLabel1: exampleValue1 exampleLabel2: exampleValue2
graphite
¶
address
¶Graphite address
prefix
¶Graphite prefix
interval_seconds
¶Publish interval
panels
¶
disable_sanitize_html
¶Disable sanitize HTML
enable_alpha
¶Enable alpha panels
paths
¶
temp_data_lifetime
¶Temporary files in data directory older than given duration will be removed
plugin
¶
grafana_image_renderer
¶
grpc_host
¶Change the listening host of the gRPC server
grpc_port
¶Change the listening port of the gRPC server
rendering_args
¶Additional arguments to pass to the headless browser instance
rendering_chrome_bin
¶You can configure the plugin to use a different browser binary instead of the pre-packaged version of Chromium
rendering_clustering_max_concurrency
¶When rendering_mode = clustered you can define maximum number of browser instances/incognito pages that can execute concurrently
rendering_clustering_mode
¶When rendering_mode = clustered you can instruct how many browsers or incognito pages can execute concurrently
rendering_clustering_timeout
¶When rendering_mode = clustered, you can specify the duration a rendering request can take before it will time out
rendering_dumpio
¶Instruct headless browser instance whether to output its debug and error messages into running process of remote rendering service
rendering_ignore_https_errors
¶Instruct headless browser instance whether to ignore HTTPS errors during navigation
rendering_language
¶Instruct headless browser instance to use a default language when not provided by Grafana
rendering_mode
¶Instruct how headless browser instances are created
rendering_timezone
¶Instruct headless browser instance to use a default timezone when not provided by Grafana
rendering_verbose_logging
¶Instruct headless browser instance whether to capture and log verbose information when rendering an image
rendering_viewport_device_scale_factor
¶Instruct headless browser instance to use a default device scale factor when not provided by Grafana
rendering_viewport_max_device_scale_factor
¶Limit the maximum viewport device scale factor that can be requested
rendering_viewport_max_height
¶Limit the maximum viewport height that can be requested
rendering_viewport_max_width
¶Limit the maximum viewport width that can be requested
plugins
¶
allow_loading_unsigned_plugins
¶Enter a comma-separated list of plugin identifiers to identify plugins that are allowed to be loaded even if they lack a valid signature
app_tls_skip_verify_insecure
¶Skip verify insecure for app tls
enable_alpha
¶Enable alpha plugins
plugin_admin_enabled
¶Enable or disable installing / uninstalling / updating plugins directly from within Grafana.
plugin_admin_external_manage_enabled
¶Set to true if you want to enable external management of plugins. Default is false. This is only applicable to Grafana Cloud users
plugin_catalog_hidden_plugins
¶Enter a comma-separated list of plugin identifiers to hide in the plugin catalog
plugin_catalog_url
¶Custom install/learn more URL for enterprise plugins. Defaults to https://grafana.com/grafana/plugins/
profile
¶
enabled
¶Enable the Profile section
prometheus
¶
dashboard_files
¶Array of dashboard json file locations or glob patterns
dashboard_folders
¶Array of grafana folders and dashboard json file locations or glob patterns
- Example
- disable_deletion: true editable: false files: - /var/vcap/packages/my_dashboards/* name: My Dashboards
datasource_input_name
¶Name of the Prometehus datasource input name
- Default
DS_PROMETHEUS
datasource_name
¶Name of the Prometheus datasource
- Default
prometheus
tls_skip_verify
¶Skip TLS verification
use_external_url
¶If true and prometheus provides one, use the external url to reach prometheus
- Default
true
query_history
¶
enabled
¶Enable the Query history
quota
¶
enabled
¶Enable Usage Quotas
global_alert_rule
¶global limit of alerts
global_api_key
¶global limit of api_keys
global_dashboard
¶global limit of dashboards
global_file
¶global limit of files uploaded to the SQL DB
global_org
¶global limit of orgs
global_session
¶global limit on number of logged in users
global_user
¶Global limit of users
org_alert_rule
¶limit number of alerts per Org
org_api_key
¶limit number of api_keys per Org
org_dashboard
¶limit number of dashboards per Org
org_data_source
¶limit number of data_sources per Org
org_user
¶limit number of users per Org
user_org
¶limit number of orgs a user can create
rbac
¶
permission_cache
¶If enabled, cache permissions in a in memory cache
reset_basic_roles
¶Reset basic roles permissions on boot
remote_cache
¶
connstr
¶Connection string
encryption
¶This enables encryption of values stored in the remote cache
prefix
¶Prefix prepended to all the keys in the remote cache
type
¶Either ‘redis’, ‘memcached’, ‘database’
- Default
database
rendering
¶
callback_url
¶External image rendering callback URL
concurrent_render_request_limit
¶External image rendering concurrent render request limit
render_key_lifetime
¶Determines the lifetime of the render key used by the image renderer to access and render Grafana
renderer_token
¶An auth token that will be sent to and verified by the renderer
server_url
¶External image rendering server URL
search
¶
dashboard_loading_batch_size
¶Defines the number of dashboards loaded at once in a batch during a full reindex
full_reindex_interval
¶Defines the frequency of a full search reindex
index_update_interval
¶Defines the frequency of partial index updates based on recent changes such as dashboard updates
secure_socks_datasource_proxy
¶
client_cert
¶Socks datasource client certificate
client_key
¶Socks datasource client key
enabled
¶Enable feature secure socks5 datasource proxy
proxy_address
¶The address of the socks5 proxy datasources should connect to
root_ca_cert
¶Socks datasource client CA certificate
server_name
¶Socks datasource client server name
security
¶
admin_email
¶Default admin email, created on startup
admin_password
¶default admin password
admin_user
¶default admin user
- Default
admin
allow_embedding
¶Set to true if you want to allow browsers to render Grafana in a
angular_support_enabled
¶Controls if old angular plugins are supported or not. This will be disabled by default in future release
available_encryption_providers
¶list of configured key providers, space separated (Enterprise only): e.g., awskms.v1 azurekv.v1
content_security_policy
¶Enable adding the Content-Security-Policy header to your requests
content_security_policy_report_only
¶Enable adding the Content-Security-Policy-Report-Only header to your requests
content_security_policy_report_only_template
¶Set Content Security Policy Report Only template used when adding the Content-Security-Policy-Report-Only header to your requests
content_security_policy_template
¶Set Content Security Policy template used when adding the Content-Security-Policy header to your requests
cookie_samesite
¶Set cookie SameSite attribute (lax, strict and none)
cookie_secure
¶Set to true if you host Grafana behind HTTPS
cstrict_transport_security_max_age_seconds
¶Sets how long a browser should cache HSTS. Only applied if strict_transport_security is enabled
data_source_proxy_whitelist
¶data source proxy whitelist (ip_or_domain:port separated by spaces)
disable_brute_force_login_protection
¶disable protection against brute force login attempts
disable_gravatar
¶disable gravatar profile images
disable_initial_admin_creation
¶Disable creation of admin user on first start of grafana
secret_key
¶used for signing
strict_transport_security
¶Set to true if you want to enable http strict transport security (HSTS) response header
strict_transport_security_preload
¶Set to true if to enable HSTS preloading option. Only applied if strict_transport_security is enabled
strict_transport_security_subdomains
¶Set to true if to enable the HSTS includeSubDomains option. Only applied if strict_transport_security is enabled
x_content_type_options
¶Set to true to enable the X-Content-Type-Options response header
x_xss_protection
¶Set to true to enable the X-XSS-Protection header, which tells browsers to stop pages from loadingwhen they detect reflected cross-site scripting (XSS) attacks
server
¶
cdn_url
¶Specify a full HTTP URL address to the root of your Grafana CDN assets
custom_response_headers
¶This setting enables you to specify additional headers that the server adds to HTTP(S) responses
- Example
exampleHeader1: exampleValue1 exampleHeader2: exampleValue2
domain
¶The public facing domain name used to access grafana from a browser
enable_gzip
¶Enable gzip
enforce_domain
¶Redirect to correct domain if host header does not match domain
http_addr
¶The ip address to bind to, empty will bind to all interfaces
http_port
¶The http port to bind to
- Default
3000
protocol
¶Protocol (http or https)
read_timeout
¶Sets the maximum time using a duration format (5s/5m/5ms) before timing out read
root_url
¶The full public facing url
router_logging
¶Log web requests
serve_from_sub_path
¶Serve Grafana from subpath specified in root_url setting
socket_gid
¶GID where the socket should be set when protocol=socket
socket_mode
¶Mode where the socket should be set when protocol=socket
ssl_cert
¶SSL certificate (PEM encoded)
ssl_key
¶SSL private key (PEM encoded)
static_root_path
¶The relative working path
service_accounts
¶
token_expiration_day_limit
¶When set, Grafana will not allow the creation of tokens with expiry greater than this setting
smtp
¶
ehlo_identity
¶EHLO identity in SMTP dialog (defaults to instance_name)
enabled
¶SMTP enabled
from_address
¶SMTP from address
from_name
¶SMTP from name
host
¶SMTP host
password
¶SMTP password
skip_verify
¶SMTP skip SSL verification
ssl_cert
¶SMTP SSL certificate
ssl_key
¶SMTP SSL private key
starttls_policy
¶SMTP Start TLS policy
user
¶SMTP user
snapshots
¶
enabled
¶set to false to remove snapshot functionality
external_enabled
¶Extenal snaphot enabled
external_snapshot_name
¶External snapshot name
external_snapshot_url
¶External snapshot URL
public_mode
¶Set to true to enable this Grafana instance act as an external snapshot server and allow unauthenticated requests for creating and deleting snapshots
remove_expired
¶Remove expired snapshots
sql_datasources
¶
max_conn_lifetime_default
¶maximum connection lifetime used when connecting to SQL based data sources
max_idle_conns_default
¶maximum number of idle connections maintained in the connection pool when connecting to SQL based data sources
max_open_conns_default
¶maximum number of open connections maintained in the connection pool when connecting to SQL based data sources
storage
¶
allow_unsanitized_svg_upload
¶Allow uploading SVG files without sanitization
support_bundles
¶
enabled
¶Enable support bundle creation (default: true)
public_keys
¶If set, bundles will be encrypted with the provided public keys separated by whitespace
server_admin_only
¶Only server admins can generate and view support bundles (default: true)
tracing
¶
jaeger
¶
address
¶jaeger destination (ex localhost:6831)
always_included_tag
¶tag that will always be included in when creating new spans
disable_shared_zipkin_spans
¶Setting this to true disables shared RPC spans
sampler_param
¶jaeger samplerconfig param
sampler_type
¶Type specifies the type of the sampler: const, probabilistic, rateLimiting, or remote
sampling_server_url
¶Sampling_server_url is the URL of a sampling manager providing a sampling strategy.
zipkin_propagation
¶Whether or not to use Zipkin span propagation (x-b3- HTTP headers)
opentelemetry
¶
custom_attributes
¶attributes that will always be included in when creating new spans. ex (key1:value1,key2:value2)
jaeger
¶address
¶jaeger destination (ex http://localhost:14268/api/traces)
propagation
¶Propagation specifies the text map propagation format: w3c, jaeger
otlp
¶address
¶otlp destination (ex localhost:4317)
propagation
¶Propagation specifies the text map propagation format: w3c, jaeger
unified_alerting
¶
admin_config_poll_interval
¶Specify the frequency of polling for admin config changes
alertmanager_config_poll_interval
¶Specify the frequency of polling for Alertmanager config changes
disabled_orgs
¶Comma-separated list of organization IDs for which to disable unified alerting
enabled
¶Enable the Unified Alerting sub-system and interface
evaluation_timeout
¶Alert evaluation timeout when fetching data from the datasource
execute_alerts
¶Enable or disable alerting rule execution. The alerting UI remains visible
ha_advertise_address
¶Explicit address/hostname and port to advertise other Grafana instances
ha_gossip_interval
¶The interval between sending gossip messages
ha_listen_address
¶Listen address/hostname and port to receive unified alerting messages for other Grafana instances
ha_peer_timeout
¶Time to wait for an instance to send a notification via the Alertmanager
ha_peers
¶Comma-separated list of initial instances (in a format of host:port) that will form the HA cluster
ha_push_pull_interval
¶The interval between gossip full state syncs
max_attempts
¶Number of times we’ll attempt to evaluate an alert rule before giving up on that evaluation
min_interval
¶Minimum interval to enforce between rule evaluations
reserved_labels
¶
disabled_labels
¶Comma-separated list of reserved labels added by the Grafana Alerting engine that should be disabled
screenshots
¶
capture
¶Enable screenshots in notifications. This option requires the Grafana Image Renderer plugin
capture_timeout
¶The timeout for capturing screenshots
max_concurrent_screenshots
¶The maximum number of screenshots that can be taken at the same time
upload_external_image_storage
¶Uploads screenshots to the local Grafana server or remote storage such as Azure, S3 and GCS
state_history
¶
enabled
¶Enable the state history functionality in Unified Alerting
users
¶
allow_org_create
¶Allow non admin users to create organizations
allow_sign_up
¶disable user signup / registration
auto_assign_org
¶Set to true to automatically assign new users to the default organization (id 1)
auto_assign_org_id
¶Set this value to automatically add new users to the provided organization (if auto_assign_org above is set to true)
auto_assign_org_role
¶Default role new users will be automatically assigned (if disabled above is set to true)
default_language
¶Default UI language (supported IETF language tag, such as en-US)
default_theme
¶Default UI theme (‘dark’ or ‘light’)
editors_can_admin
¶Editors can administrate dashboard, folders and teams they create
external_manage_info
¶External user management info
external_manage_link_name
¶External user management link name
external_manage_link_url
¶External user management link URL
hidden_users
¶Enter a comma-separated list of usernames to hide them in the Grafana UI. These users are shown to Grafana admins and to themselves
home_page
¶Path to a custom home page. Users are only redirected to this if the default home dashboard is used. It should match a frontend route and contain a leading slash
login_hint
¶Background text for the user field on the login page
password_hint
¶Background text for the password field on the login page
seeded_global_users
¶Array of Grafana users to be seeded
- Default
[]- Example
- email: [email protected] login: user name: user name password: userpassword
user_invite_max_lifetime_duration
¶The duration in time a user invitation remains valid before expiring. This setting should be expressed as a duration. Examples: 6h (hours), 2d (days), 1w (week)
verify_email_enabled
¶Require email validation before sign up completes
viewers_can_edit
¶Viewers can edit/inspect dashboard settings in the browser but not save the dashboard
Templates¶
Templates are rendered and placed onto corresponding
instances during the deployment process. This job's templates
will be placed into /var/vcap/jobs/grafana/
directory
(learn more).
bin/grafana-admin-password
(frombin/grafana-admin-password
)bin/grafana-homepage
(frombin/grafana-homepage
)bin/grafana-users
(frombin/grafana-users
)bin/post-start
(frombin/post-start
)bin/pre-start
(frombin/pre-start
)bin/prometheus-dashboards
(frombin/prometheus-dashboards
)config/bpm.yml
(frombpm.yml.erb
)config/database_tls_client_ca.pem
(fromconfig/database_tls_client_ca.pem
)config/database_tls_client_cert.pem
(fromconfig/database_tls_client_cert.pem
)config/database_tls_client_key.pem
(fromconfig/database_tls_client_key.pem
)config/gcs_key.json
(fromconfig/gcs_key.json
)config/generic_oauth_tls_client_ca.pem
(fromconfig/generic_oauth_tls_client_ca.pem
)config/generic_oauth_tls_client_cert.pem
(fromconfig/generic_oauth_tls_client_cert.pem
)config/generic_oauth_tls_client_key.pem
(fromconfig/generic_oauth_tls_client_key.pem
)config/grafana.ini
(fromconfig/grafana.ini
)config/grpc_server_cert.pem
(fromconfig/grpc_server_cert.pem
)config/grpc_server_key.pem
(fromconfig/grpc_server_key.pem
)config/jwt_key.pem
(fromconfig/jwt_key.pem
)config/ldap.toml
(fromconfig/ldap.toml
)config/license.jwt
(fromconfig/license.jwt
)config/provisioning/dashboards/default.yml
(fromconfig/provisioning/dashboards/default.yml
)config/provisioning/dashboards/folders.yml
(fromconfig/provisioning/dashboards/folders.yml
)config/provisioning/datasources/custom.yml
(fromconfig/provisioning/datasources/custom.yml
)config/provisioning/datasources/influxdb.yml
(fromconfig/provisioning/datasources/influxdb.yml
)config/provisioning/datasources/prometheus.yml
(fromconfig/provisioning/datasources/prometheus.yml
)config/saml_certificate.pem
(fromconfig/saml_certificate.pem
)config/saml_ipd_metadata.xml
(fromconfig/saml_ipd_metadata.xml
)config/saml_private_key.pem
(fromconfig/saml_private_key.pem
)config/smtp_cert.pem
(fromconfig/smtp_cert.pem
)config/smtp_key.pem
(fromconfig/smtp_key.pem
)config/ssl_cert.pem
(fromconfig/ssl_cert.pem
)config/ssl_key.pem
(fromconfig/ssl_key.pem
)
Packages¶
Packages are compiled and placed onto corresponding
instances during the deployment process. Packages will be
placed into /var/vcap/packages/
directory.