* Enable doc-validator for specific directories
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
* Fix one linting error to trigger CI
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
* Update doc-validator to latest release
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
* Update make-docs procedure
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
* Use doc-validator version from CI in local make target
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
* Revert to 1.11.0
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
* adds missing descriptions
* Fix titles and headings
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
* Fix link formats
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
* Fix easy to resolve anchors
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
* Remove broken anchor link
This anchor appears to have been broken for a long time.
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
* Use doc-validator image with support for numbered anchors
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
* Update make-docs procedure to support doc-validator 2.0.x
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
* Fix a bunch of broken anchors
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
* Ignore old whatsnew content
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
* Update doc-validator to v2.0.x and use reviewdog to report errors
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
* removes broken links
---------
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
Co-authored-by: Chris Moyer <chris.moyer@grafana.com>
@ -22,13 +23,13 @@ To identify the factors that are contributing to the latency, you must compare a
Use exemplars to help isolate problems within your data distribution by pinpointing query traces exhibiting high latency within a time interval. Once you localize the latency problem to a few exemplar traces, you can combine it with additional system based information or location properties to perform a root cause analysis faster, leading to quick resolutions to performance issues.
Support for exemplars is available for the Prometheus data source only. Once you enable the functionality, exemplar data is available by default. For more information on exemplar configuration and how to enable exemplars, refer to [configuring exemplars in the Prometheus data source]({{< relref "../../datasources/prometheus/#configure-exemplars" >}}).
Support for exemplars is available for the Prometheus data source only. Once you enable the functionality, exemplar data is available by default. For more information on exemplar configuration and how to enable exemplars, refer to [configuring exemplars in the Prometheus data source]({{< relref "../../datasources/prometheus#configure-exemplars" >}}).
Grafana shows exemplars alongside a metric in the Explore view and in dashboards. Each exemplar displays as a highlighted star. You can hover your cursor over an exemplar to view the unique trace ID, which is a combination of a key value pair. To investigate further, click the blue button next to the `traceID` property.
{{<figuresrc="/media/docs/grafana/exemplars/screenshot-exemplars.png"class="docs-image--no-shadow"max-width="750px"caption="Screenshot showing the detail window of an exemplar">}}
Refer to [View exemplar data]({{< relref "#view-exemplar-data" >}}) for instructions on how to drill down and view exemplar trace details from metrics and logs. To know more about exemplars, refer to the blogpost [Intro to exemplars, which enable Grafana Tempo’s distributed tracing at massive scale](https://grafana.com/blog/2021/03/31/intro-to-exemplars-which-enable-grafana-tempos-distributed-tracing-at-massive-scale/).
Refer to [View exemplar data]({{< relref "#view-exemplar-data" >}}) for instructions on how to drill down and view exemplar trace details from metrics and logs. To know more about exemplars, refer to the blogpost [Intro to exemplars, which enable Grafana Tempo’s distributed tracing at massive scale](/blog/2021/03/31/intro-to-exemplars-which-enable-grafana-tempos-distributed-tracing-at-massive-scale/).
## View exemplar data
@ -36,7 +37,7 @@ When support for exemplar support is enabled for a Prometheus data source, you c
### In Explore
Explore visualizes exemplar traces as highlighted stars alongside metrics data. For more information on how Explore visualizes trace data, refer to [Tracing in Explore]({{< relref "../../explore/trace-integration/" >}}).
Explore visualizes exemplar traces as highlighted stars alongside metrics data. For more information on how Explore visualizes trace data, refer to [Tracing in Explore]({{< relref "../../explore/trace-integration" >}}).
To examine the details of an exemplar trace:
@ -52,7 +53,7 @@ For more information on how to drill down and analyze the trace and span details
### In logs
You can also view exemplar trace details from the Loki logs in Explore. Use regex within the Derived fields links for Loki to extract the `traceID` information. Now when you expand Loki logs, you can see a `traceID` property under the **Detected fields** section. To learn more about how to extract a part of a log message into an internal or external link, refer to [using derived fields in Loki]({{< relref "../../explore/logs-integration/" >}}).
You can also view exemplar trace details from the Loki logs in Explore. Use regex within the Derived fields links for Loki to extract the `traceID` information. Now when you expand Loki logs, you can see a `traceID` property under the **Detected fields** section. To learn more about how to extract a part of a log message into an internal or external link, refer to [using derived fields in Loki]({{< relref "../../explore/logs-integration" >}}).
For more information about histogram visualization options, refer to [Histogram]({{< relref "../../panels-visualizations/visualizations/histogram/" >}}).
For more information about histogram visualization options, refer to [Histogram]({{< relref "../../panels-visualizations/visualizations/histogram" >}}).
Histograms only look at _value distributions_ over a specific time range. The problem with histograms is that you cannot see any trends or changes in the distribution over time. This is where heatmaps become useful.
@ -44,7 +45,7 @@ In this example, you can clearly see what values are more common and how they tr
@ -105,6 +105,6 @@ The combination of Prometheus and Grafana Agent gives you control over the metri
Now that you understand how Prometheus metrics work, what will you build?
- One great next step is to [build a dashboard]({{< relref "../../dashboards/build-dashboards/" >}}) in Grafana and start turning that raw Prometheus telemetry data into insights about what’s going with your services and infrastructure.
- One great next step is to [build a dashboard]({{< relref "../../dashboards/build-dashboards" >}}) in Grafana and start turning that raw Prometheus telemetry data into insights about what’s going with your services and infrastructure.
- Another great step is to learn about [Grafana Mimir](/oss/mimir/), which is essentially a database for Prometheus data. If you’re wondering how to make this work for a large volumes of metrics with a lot of data and fast querying, check out Grafana Mimir.
- If you’re interested in working with Prometheus data in Grafana directly, check out the [Prometheus data source]({{< relref "../../datasources/prometheus/" >}}) documentation, or check out [PromQL basics](https://prometheus.io/docs/prometheus/latest/querying/basics/).
- If you’re interested in working with Prometheus data in Grafana directly, check out the [Prometheus data source]({{< relref "../../datasources/prometheus" >}}) documentation, or check out [PromQL basics](https://prometheus.io/docs/prometheus/latest/querying/basics/).
In [Introduction to time series]({{< relref "timeseries/#time-series-databases" >}}), the concept of _labels_, also called _tags_, is introduced:
In [Introduction to time series]({{< relref "../timeseries#time-series-databases" >}}), the concept of _labels_, also called _tags_, is introduced:
> Another feature of a TSDB is the ability to filter measurements using _tags_. Each data point is labeled with a tag that adds context information, such as where the measurement was taken.
@ -86,10 +86,10 @@ In this case the labels that represent the dimensions will have two keys based o
> **Note:** More than one dimension is currently only supported in the Logs queries within the Azure Monitor service as of version 7.1.
> **Note:** Multiple dimensions are not supported in a way that maps to multiple alerts in Grafana, but rather they are treated as multiple conditions to a single alert. For more information, see See the documentation on [creating alerts with multiple series]({{< relref "../../alerting/alerting-rules/create-grafana-managed-rule/#single-and-multi-dimensional-rule" >}}).
> **Note:** Multiple dimensions are not supported in a way that maps to multiple alerts in Grafana, but rather they are treated as multiple conditions to a single alert. For more information, see See the documentation on [creating alerts with multiple series]({{< relref "../../alerting/alerting-rules/create-grafana-managed-rule#single-and-multi-dimensional-rule" >}}).
### Multiple values
In the case of SQL-like data sources, more than one numeric column can be selected, with or without additional string columns to be used as dimensions. For example, `AVG(Temperature) AS AvgTemp, MAX(Temperature) AS MaxTemp`. This, if combined with multiple dimensions, can result in a lot of series. Selecting multiple values is currently only designed to be used with visualization.
Additional technical information on tabular time series formats and how dimensions are extracted can be found in [the developer documentation on data frames as time series]({{< relref "../../developers/plugins/data-frames/#data-frames-as-time-series" >}}).
Additional technical information on tabular time series formats and how dimensions are extracted can be found in [the developer documentation on data frames as time series]({{< relref "../../developers/plugins/data-frames#data-frames-as-time-series" >}}).
description: Learn how build your first dashboard after you have installed Grafana.
weight: 9
---
# Get started
This section provides guidance on how build your first dashboard after you have installed Grafana. It also provides step-by-step instructions on how to add a Prometheus, InfluxDB, or an MS SQL Server data source. Refer to [Data sources]({{< relref "../administration/data-source-management/" >}}) for a list of all supported data sources.
This section provides guidance on how build your first dashboard after you have installed Grafana. It also provides step-by-step instructions on how to add a Prometheus, InfluxDB, or an MS SQL Server data source. Refer to [Data sources]({{< relref "../administration/data-source-management" >}}) for a list of all supported data sources.
This topic helps you get started with Grafana and build your first dashboard using the built-in `Grafana` data source. To learn more about Grafana, refer to [Introduction to Grafana]({{< relref "../introduction/" >}}).
This topic helps you get started with Grafana and build your first dashboard using the built-in `Grafana` data source. To learn more about Grafana, refer to [Introduction to Grafana]({{< relref "../introduction" >}}).
> **Note:** Grafana also offers a [free account with Grafana Cloud](https://grafana.com/signup/cloud/connect-account?pg=gsdocs) to help getting started even easier and faster. You can install Grafana to self-host or get a free Grafana Cloud account.
> **Note:** Grafana also offers a [free account with Grafana Cloud](/signup/cloud/connect-account?pg=gsdocs) to help getting started even easier and faster. You can install Grafana to self-host or get a free Grafana Cloud account.
#### Install Grafana
Grafana can be installed on many different operating systems. For a list of the minimum hardware and software requirements, as well as instructions on installing Grafana, refer to [Install Grafana]({{< relref "../setup-grafana/installation/" >}}).
Grafana can be installed on many different operating systems. For a list of the minimum hardware and software requirements, as well as instructions on installing Grafana, refer to [Install Grafana]({{< relref "../setup-grafana/installation" >}}).
#### Sign in to Grafana
@ -37,7 +37,7 @@ To sign in to Grafana for the first time:
#### Create a dashboard
If you've already set up a data source that you know how to query, refer to [Create a dashboard]({{< relref "../dashboards/build-dashboards/create-dashboard/" >}}) instead.
If you've already set up a data source that you know how to query, refer to [Create a dashboard]({{< relref "../dashboards/build-dashboards/create-dashboard" >}}) instead.
To create your first dashboard using the built-in `Grafana` data source:
@ -48,7 +48,7 @@ To create your first dashboard using the built-in `Grafana` data source:
1. In the New dashboard/Edit panel view, go to the **Query** tab.
1. Configure your [query]({{< relref "../panels-visualizations/query-transform-data/#add-a-query" >}}) by selecting `-- Grafana --` from the data source selector.
1. Configure your [query]({{< relref "../panels-visualizations/query-transform-data#add-a-query" >}}) by selecting `-- Grafana --` from the data source selector.
This generates the Random Walk dashboard.
@ -66,19 +66,19 @@ Congratulations, you have created your first dashboard and it is displaying resu
#### Next steps
Continue to experiment with what you have built, try the [explore workflow]({{< relref "../explore/" >}}) or another visualization feature. Refer to [Data sources]({{< relref "../datasources/" >}}) for a list of supported data sources and instructions on how to [add a data source]({{< relref "../administration/data-source-management#add-a-data-source" >}}). The following topics will be of interest to you:
Continue to experiment with what you have built, try the [explore workflow]({{< relref "../explore" >}}) or another visualization feature. Refer to [Data sources]({{< relref "../datasources" >}}) for a list of supported data sources and instructions on how to [add a data source]({{< relref "../administration/data-source-management#add-a-data-source" >}}). The following topics will be of interest to you:
- [Panels and visualizations]({{< relref "../panels-visualizations/" >}})
@ -34,7 +34,7 @@ Windows users might need to make additional adjustments. Look for special instru
You can have more than one InfluxDB data source defined in Grafana.
1. Follow the general instructions to [add a data source]({{< relref "../administration/data-source-management#add-a-data-source/" >}}).
1. Follow the general instructions to [add a data source]({{< relref "../administration/data-source-management#add-a-data-source" >}}).
1. Decide if you will use InfluxQL or Flux as your query language.
- [Configure the data source]({{< relref "../datasources/influxdb#configure-the-data-source" >}}) for your chosen query language.
Each query language has its own unique data source settings.
@ -71,8 +71,8 @@ Grafana displays a list of possible series. Click one to select it, and Grafana
Create a simple Flux query.
1. [Add a panel]({{< relref "../dashboards/build-dashboards/create-dashboard/" >}}).
1. In the query editor, select your InfluxDB-Flux data source. For more information, refer to [Queries]({{< relref "../panels-visualizations/query-transform-data/" >}}).
1. [Add a panel]({{< relref "../dashboards/build-dashboards/create-dashboard" >}}).
1. In the query editor, select your InfluxDB-Flux data source. For more information, refer to [Queries]({{< relref "../panels-visualizations/query-transform-data" >}}).
1. Select the **Table** visualization.
1. In the query editor text field, enter `buckets()` and then click outside of the query editor.
@ -92,12 +92,12 @@ You can also create Flux queries in the InfluxDB Explore view.
1. In Grafana, [add a panel]({{< relref "../dashboards/build-dashboards/create-dashboard/" >}}) and then paste your Flux code into the query editor.
1. In Grafana, [add a panel]({{< relref "../dashboards/build-dashboards/create-dashboard" >}}) and then paste your Flux code into the query editor.
1. Click **Apply**. Your new panel should be visible with data from your Flux query.
#### Check InfluxDB metrics in Grafana Explore
In your Grafana instance, go to the [Explore]({{< relref "../explore/" >}}) view and build queries to experiment with the metrics you want to monitor. Here you can also debug issues related to collecting metrics.
In your Grafana instance, go to the [Explore]({{< relref "../explore" >}}) view and build queries to experiment with the metrics you want to monitor. Here you can also debug issues related to collecting metrics.
#### Start building dashboards
@ -105,5 +105,5 @@ There you go! Use Explore and Data Explorer to experiment with your data, and ad
Here are some resources to learn more:
- Grafana documentation: [InfluxDB data source]({{< relref "../datasources/influxdb/" >}})
- Grafana documentation: [InfluxDB data source]({{< relref "../datasources/influxdb" >}})
- InfluxDB documentation: [Comparison of Flux vs InfluxQL](https://docs.influxdata.com/influxdb/v1.8/flux/flux-vs-influxql/)
@ -20,7 +20,7 @@ MS SQL Server can be installed on Windows or Linux operating systems and also on
You can install MS SQL Server on the host running Grafana or on a remote server. To install the software from the [downloads page](https://www.microsoft.com/en-us/sql-server/sql-server-downloads), follow their setup prompts.
If you are on a Windows host but want to use Grafana and MS SQL data source on a Linux environment, refer to the [WSL to set up your Grafana development environment](https://grafana.com/blog/2021/03/03/.how-to-set-up-a-grafana-development-environment-on-a-windows-pc-using-wsl). This will allow you to leverage the resources available in [grafana/grafana](https://github.com/grafana/grafana) GitHub repository. Here you will find a collection of supported data sources, including MS SQL Server, along with test data and pre-configured dashboards for use.
If you are on a Windows host but want to use Grafana and MS SQL data source on a Linux environment, refer to the [WSL to set up your Grafana development environment](/blog/2021/03/03/.how-to-set-up-a-grafana-development-environment-on-a-windows-pc-using-wsl). This will allow you to leverage the resources available in [grafana/grafana](https://github.com/grafana/grafana) GitHub repository. Here you will find a collection of supported data sources, including MS SQL Server, along with test data and pre-configured dashboards for use.
#### Add the MS SQL data source
@ -53,6 +53,6 @@ Optionally, play around this dashboard and customize it to:
Now that you have gained some idea of using the pre-packaged MS SQL data source and some test data, the next step is to setup your own instance of MS SQL Server database and data your development or sandbox area.
To fetch data from your own instance of MS SQL Server, add the data source using instructions in Step 4 of this topic. In Grafana [Explore]({{< relref "../explore/" >}}) build queries to experiment with the metrics you want to monitor.
To fetch data from your own instance of MS SQL Server, add the data source using instructions in Step 4 of this topic. In Grafana [Explore]({{< relref "../explore" >}}) build queries to experiment with the metrics you want to monitor.
Once you have a curated list of queries, create [dashboards]({{< relref "../dashboards/" >}}) to render metrics from the SQL Server database. For troubleshooting, user permissions, known issues, and query examples, refer to [Using Microsoft SQL Server in Grafana]({{< relref "../datasources/mssql/" >}}).
Once you have a curated list of queries, create [dashboards]({{< relref "../dashboards" >}}) to render metrics from the SQL Server database. For troubleshooting, user permissions, known issues, and query examples, refer to [Using Microsoft SQL Server in Grafana]({{< relref "../datasources/mssql" >}}).
@ -82,11 +82,11 @@ You can see that the node_exporter metrics have been delivered to Prometheus. Ne
#### Configure Prometheus for Grafana
When running Prometheus locally, there are two ways to configure Prometheus for Grafana. You can use a hosted Grafana instance at [Grafana Cloud](https://grafana.com/) or run Grafana locally.
When running Prometheus locally, there are two ways to configure Prometheus for Grafana. You can use a hosted Grafana instance at [Grafana Cloud](/) or run Grafana locally.
This guide describes configuring Prometheus in a hosted Grafana instance on Grafana Cloud.
1. Sign up for [https://grafana.com/](https://grafana.com/auth/sign-up/create-user). Grafana gives you a Prometheus instance out of the box.
1. Sign up for [https://grafana.com/](/auth/sign-up/create-user). Grafana gives you a Prometheus instance out of the box.
@ -102,15 +102,15 @@ remote_write:
password: <YourGrafana.comAPIKey>
```
> **Note**: To configure your Prometheus instance to work with Grafana locally instead of Grafana Cloud, install Grafana [here](https://grafana.com/grafana/download) and follow the configuration steps listed [here](https://grafana.com/docs/grafana/latest/datasources/prometheus/#configure-the-data-source).
> **Note**: To configure your Prometheus instance to work with Grafana locally instead of Grafana Cloud, install Grafana [here](/grafana/download) and follow the configuration steps listed [here](/docs/grafana/latest/datasources/prometheus/#configure-the-data-source).
#### Check Prometheus metrics in Grafana Explore view
In your Grafana instance, go to the [Explore]({{< relref "../explore/" >}}) view and build queries to experiment with the metrics you want to monitor. Here you can also debug issues related to collecting metrics from Prometheus. Pay special attention to the [Prometheus-specific features]({{< relref "../explore/#prometheus-specific-features" >}}) to avail custom querying experience for Prometheus.
In your Grafana instance, go to the [Explore]({{< relref "../explore" >}}) view and build queries to experiment with the metrics you want to monitor. Here you can also debug issues related to collecting metrics from Prometheus.
#### Start building dashboards
Now that you have a curated list of queries, create [dashboards]({{< relref "../dashboards/" >}}) to render system metrics monitored by Prometheus. When you install Prometheus and node_exporter or windows_exporter, you will find recommended dashboards for use.
Now that you have a curated list of queries, create [dashboards]({{< relref "../dashboards" >}}) to render system metrics monitored by Prometheus. When you install Prometheus and node_exporter or windows_exporter, you will find recommended dashboards for use.
The following image shows a dashboard with three panels showing some system metrics.
@ -118,5 +118,5 @@ The following image shows a dashboard with three panels showing some system metr
To learn more:
- Grafana documentation: [Prometheus data source]({{< relref "../datasources/prometheus/" >}})
- Grafana documentation: [Prometheus data source]({{< relref "../datasources/prometheus" >}})
- Prometheus documentation: [What is Prometheus?](https://prometheus.io/docs/introduction/overview/)
description: Learn about Grafana OSS, Grafana Enterprise, and Grafana Cloud.
weight: 5
---
# Grafana OSS
# Introduction to Grafana
[Grafana open source software](https://grafana.com/oss/) enables you to query, visualize, alert on, and explore your metrics, logs, and traces wherever they are stored. Grafana OSS provides you with tools to turn your time-series database (TSDB) data into insightful graphs and visualizations. The Grafana OSS plugin framework also enables you to connect other data sources like NoSQL/SQL databases, ticketing tools like Jira or ServiceNow, and CI/CD tooling like GitLab.
[Grafana open source software](/oss/) enables you to query, visualize, alert on, and explore your metrics, logs, and traces wherever they are stored. Grafana OSS provides you with tools to turn your time-series database (TSDB) data into insightful graphs and visualizations. The Grafana OSS plugin framework also enables you to connect other data sources like NoSQL/SQL databases, ticketing tools like Jira or ServiceNow, and CI/CD tooling like GitLab.
After you have [installed Grafana]({{< relref "../setup-grafana/installation/" >}}) and set up your first dashboard using instructions in [Getting started with Grafana]({{< relref "../getting-started/build-first-dashboard.md" >}}), you will have many options to choose from depending on your requirements. For example, if you want to view weather data and statistics about your smart home, then you can create a [playlist]({{< relref "../dashboards/create-manage-playlists/" >}}). If you are the administrator for an enterprise and are managing Grafana for multiple teams, then you can set up [provisioning]({{< relref "../administration/provisioning/" >}}) and [authentication]({{< relref "../setup-grafana/configure-security/configure-authentication/" >}}).
After you have [installed Grafana]({{< relref "../setup-grafana/installation" >}}) and set up your first dashboard using instructions in [Getting started with Grafana]({{< relref "../getting-started/build-first-dashboard" >}}), you will have many options to choose from depending on your requirements. For example, if you want to view weather data and statistics about your smart home, then you can create a [playlist]({{< relref "../dashboards/create-manage-playlists" >}}). If you are the administrator for an enterprise and are managing Grafana for multiple teams, then you can set up [provisioning]({{< relref "../administration/provisioning" >}}) and [authentication]({{< relref "../setup-grafana/configure-security/configure-authentication" >}}).
The following sections provide an overview of Grafana features and links to product documentation to help you learn more. For more guidance and ideas, check out our [Grafana Community forums](https://community.grafana.com/).
## Explore metrics, logs, and traces
Explore your data through ad-hoc queries and dynamic drilldown. Split view and compare different time ranges, queries and data sources side by side. Refer to [Explore]({{< relref "../explore/" >}}) for more information.
Explore your data through ad-hoc queries and dynamic drilldown. Split view and compare different time ranges, queries and data sources side by side. Refer to [Explore]({{< relref "../explore" >}}) for more information.
## Alerts
If you're using Grafana Alerting, then you can have alerts sent through a number of different alert notifiers, including PagerDuty, SMS, email, VictorOps, OpsGenie, or Slack.
Alert hooks allow you to create different notifiers with a bit of code if you prefer some other channels of communication. Visually define [alert rules]({{< relref "../alerting/alerting-rules/" >}}) for your most important metrics.
Alert hooks allow you to create different notifiers with a bit of code if you prefer some other channels of communication. Visually define [alert rules]({{< relref "../alerting/alerting-rules" >}}) for your most important metrics.
## Annotations
@ -38,17 +39,17 @@ Templating allows you to drill down into your data, say, from all data to North
## Configure Grafana
If you're a Grafana administrator, then you'll want to thoroughly familiarize yourself with [Grafana configuration options]({{< relref "../setup-grafana/configure-grafana/" >}}) and the [Grafana CLI]({{< relref "../cli.md" >}}).
If you're a Grafana administrator, then you'll want to thoroughly familiarize yourself with [Grafana configuration options]({{< relref "../setup-grafana/configure-grafana" >}}) and the [Grafana CLI]({{< relref "../cli" >}}).
Configuration covers both config files and environment variables. You can set up default ports, logging levels, email IP addresses, security, and more.
## Import dashboards and plugins
Discover hundreds of [dashboards](https://grafana.com/grafana/dashboards) and [plugins](https://grafana.com/grafana/plugins) in the official library. Thanks to the passion and momentum of community members, new ones are added every week.
Discover hundreds of [dashboards](/grafana/dashboards) and [plugins](/grafana/plugins) in the official library. Thanks to the passion and momentum of community members, new ones are added every week.
## Authentication
Grafana supports different authentication methods, such as LDAP and OAuth, and allows you to map users to organizations. Refer to the [User authentication overview]({{< relref "../setup-grafana/configure-security/configure-authentication/" >}}) for more information.
Grafana supports different authentication methods, such as LDAP and OAuth, and allows you to map users to organizations. Refer to the [User authentication overview]({{< relref "../setup-grafana/configure-security/configure-authentication" >}}) for more information.
In Grafana Enterprise, you can also map users to teams: If your company has its own authentication system, Grafana allows you to map the teams in your internal systems to teams in Grafana. That way, you can automatically give people access to the dashboards designated for their teams. Refer to [Grafana Enterprise]({{< relref "./grafana-enterprise" >}}) for more information.
@ -56,20 +57,20 @@ In Grafana Enterprise, you can also map users to teams: If your company has its
While it's easy to click, drag, and drop to create a single dashboard, power users in need of many dashboards will want to automate the setup with a script. You can script anything in Grafana.
For example, if you're spinning up a new Kubernetes cluster, you can also spin up a Grafana automatically with a script that would have the right server, IP address, and data sources preset and locked in so users cannot change them. It's also a way of getting control over a lot of dashboards. Refer to [Provisioning]({{< relref "../administration/provisioning/" >}}) for more information.
For example, if you're spinning up a new Kubernetes cluster, you can also spin up a Grafana automatically with a script that would have the right server, IP address, and data sources preset and locked in so users cannot change them. It's also a way of getting control over a lot of dashboards. Refer to [Provisioning]({{< relref "../administration/provisioning" >}}) for more information.
## Permissions
When organizations have one Grafana and multiple teams, they often want the ability to both keep things separate and share dashboards. You can create a team of users and then set permissions on [folders and dashboards]({{< relref "../administration/user-management/manage-dashboard-permissions/" >}}), and down to the [data source level]({{< relref "../administration/data-source-management#data-source-permissions" >}}) if you're using [Grafana Enterprise]({{< relref "./grafana-enterprise" >}}).
When organizations have one Grafana and multiple teams, they often want the ability to both keep things separate and share dashboards. You can create a team of users and then set permissions on [folders and dashboards]({{< relref "../administration/user-management/manage-dashboard-permissions" >}}), and down to the [data source level]({{< relref "../administration/data-source-management#data-source-permissions" >}}) if you're using [Grafana Enterprise]({{< relref "./grafana-enterprise" >}}).
## Other Grafana Labs OSS Projects
In addition to Grafana, Grafana Labs also provides the following open source projects:
**Grafana Loki:** Grafana Loki is an open source, set of components that can be composed into a fully featured logging stack. For more information, refer to [Grafana Loki documentation](https://grafana.com/docs/loki/latest/).
**Grafana Loki:** Grafana Loki is an open source, set of components that can be composed into a fully featured logging stack. For more information, refer to [Grafana Loki documentation](/docs/loki/latest/).
**Grafana Tempo:** Grafana Tempo is an open source, easy-to-use and high-volume distributed tracing backend. For more information, refer to [Grafana Tempo documentation](https://grafana.com/docs/tempo/latest/?pg=oss-tempo&plcmt=hero-txt/).
**Grafana Tempo:** Grafana Tempo is an open source, easy-to-use and high-volume distributed tracing backend. For more information, refer to [Grafana Tempo documentation](/docs/tempo/latest/?pg=oss-tempo&plcmt=hero-txt/).
**Grafana Mimir:** Grafana Mimir is an open source software project that provides a scalable long-term storage for Prometheus. For more information about Grafana Mimir, refer to [Grafana Mimir documentation](https://grafana.com/docs/mimir/latest/).
**Grafana Mimir:** Grafana Mimir is an open source software project that provides a scalable long-term storage for Prometheus. For more information about Grafana Mimir, refer to [Grafana Mimir documentation](/docs/mimir/latest/).
**Grafana Phlare:** Grafana Phlare is an open-source software project for aggregating continuous profiling data. Continuous profiling is an observability signal that enables you to understand your workload's resource (CPU, memory, etc.) usage to the exact line number. For more information about using Grafana Phlare, refer to [Grafana Phlare documentation](https://grafana.com/docs/phlare/latest/).
**Grafana Phlare:** Grafana Phlare is an open-source software project for aggregating continuous profiling data. Continuous profiling is an observability signal that enables you to understand your workload's resource (CPU, memory, etc.) usage to the exact line number. For more information about using Grafana Phlare, refer to [Grafana Phlare documentation](/docs/phlare/latest/).
Grafana Enterprise is a commercial edition of Grafana that includes additional features not found in the open source version.
Building on everything you already know and love about Grafana open source, Grafana Enterprise includes [exclusive datasource plugins]({{< relref "#enterprise-data-sources">}}) and [additional features]({{< relref "#enterprise-features">}}). You also get 24x7x365 support and training from the core Grafana team.
Building on everything you already know and love about Grafana open source, Grafana Enterprise includes [exclusive datasource plugins]({{< relref "#enterprise-data-sources">}}) and [additional features]({{< relref "#enterprise-features">}}). You also get 24x7x365 support and training from the core Grafana team.
To learn more about Grafana Enterprise, refer to [our product page](https://grafana.com/enterprise).
To learn more about Grafana Enterprise, refer to [our product page](/enterprise).
## Enterprise features in Grafana Cloud
Many Grafana Enterprise features are also available in [Grafana Cloud](/docs/grafana-cloud) Free, Pro, and Advanced accounts. For details, refer to [the Grafana Cloud features table](https://grafana.com/pricing/#featuresTable).
Many Grafana Enterprise features are also available in [Grafana Cloud](/docs/grafana-cloud) Free, Pro, and Advanced accounts. For details, refer to [the Grafana Cloud features table](/pricing/#featuresTable).
## Authentication
@ -27,69 +27,69 @@ Grafana Enterprise includes integrations with more ways to authenticate your use
### Team sync
[Team sync]({{< relref "../setup-grafana/configure-security/configure-team-sync/" >}}) allows you to set up synchronization between teams in Grafana and teams in your auth provider so that your users automatically end up in the right team.
[Team sync]({{< relref "../setup-grafana/configure-security/configure-team-sync" >}}) allows you to set up synchronization between teams in Grafana and teams in your auth provider so that your users automatically end up in the right team.
With [enhanced LDAP integration]({{< relref "../setup-grafana/configure-security/configure-authentication/enhanced-ldap/" >}}), you can set up active LDAP synchronization.
With [enhanced LDAP integration]({{< relref "../setup-grafana/configure-security/configure-authentication/enhanced-ldap" >}}), you can set up active LDAP synchronization.
### SAML authentication
[SAML authentication]({{< relref "../setup-grafana/configure-security/configure-authentication/saml/" >}}) enables users to authenticate with single sign-on services that use Security Assertion Markup Language (SAML).
[SAML authentication]({{< relref "../setup-grafana/configure-security/configure-authentication/saml" >}}) enables users to authenticate with single sign-on services that use Security Assertion Markup Language (SAML).
### Protected roles
With [protected roles]({{< relref "../setup-grafana/configure-security/configure-authentication/#protected-roles" >}}), you can define user roles that are exempt from being converted from one authentication type to another when changing auth providers.
With [protected roles]({{< relref "../setup-grafana/configure-security/configure-authentication#protected-roles" >}}), you can define user roles that are exempt from being converted from one authentication type to another when changing auth providers.
## Enterprise features
Grafana Enterprise adds the following features:
- [Role-based access control]({{< relref "../administration/roles-and-permissions/access-control/" >}}) to control access with role-based permissions.
- [Role-based access control]({{< relref "../administration/roles-and-permissions/access-control" >}}) to control access with role-based permissions.
- [Data source permissions]({{< relref "../administration/data-source-management#data-source-permissions" >}}) to restrict query access to specific teams and users.
- [Data source query caching]({{< relref "../administration/data-source-management/#query-caching" >}}) to temporarily store query results in Grafana to reduce data source load and rate limiting.
- [Reporting]({{< relref "../dashboards/create-reports/" >}}) to generate a PDF report from any dashboard and set up a schedule to have it emailed to whomever you choose.
- [Export dashboard as PDF]({{< relref "../dashboards/share-dashboards-panels/#export-dashboard-as-pdf" >}})
- [Custom branding]({{< relref "../setup-grafana/configure-grafana/configure-custom-branding/" >}}) to customize Grafana from the brand and logo to the footer links.
- [Usage insights]({{< relref "../dashboards/assess-dashboard-usage/" >}}) to understand how your Grafana instance is used.
- [Data source query caching]({{< relref "../administration/data-source-management#query-caching" >}}) to temporarily store query results in Grafana to reduce data source load and rate limiting.
- [Reporting]({{< relref "../dashboards/create-reports" >}}) to generate a PDF report from any dashboard and set up a schedule to have it emailed to whomever you choose.
- [Export dashboard as PDF]({{< relref "../dashboards/share-dashboards-panels#export-dashboard-as-pdf" >}})
- [Custom branding]({{< relref "../setup-grafana/configure-grafana/configure-custom-branding" >}}) to customize Grafana from the brand and logo to the footer links.
- [Usage insights]({{< relref "../dashboards/assess-dashboard-usage" >}}) to understand how your Grafana instance is used.
- [Recorded queries]({{< relref "../administration/recorded-queries" >}}) to see trends over time for your data sources.
- [Vault integration]({{< relref "../setup-grafana/configure-security/configure-database-encryption/#encrypting-your-database-with-a-key-from-a-key-management-service-kms" >}}) to manage your configuration or provisioning secrets with Vault.
- [Auditing]({{< relref "../setup-grafana/configure-security/audit-grafana/" >}}) tracks important changes to your Grafana instance to help you manage and mitigate suspicious activity and meet compliance requirements.
- [Request security]({{< relref "../setup-grafana/configure-security/configure-request-security/" >}}) makes it possible to restrict outgoing requests from the Grafana server.
- [Vault integration]({{< relref "../setup-grafana/configure-security/configure-database-encryption#encrypting-your-database-with-a-key-from-a-key-management-service-kms" >}}) to manage your configuration or provisioning secrets with Vault.
- [Auditing]({{< relref "../setup-grafana/configure-security/audit-grafana" >}}) tracks important changes to your Grafana instance to help you manage and mitigate suspicious activity and meet compliance requirements.
- [Request security]({{< relref "../setup-grafana/configure-security/configure-request-security" >}}) makes it possible to restrict outgoing requests from the Grafana server.
- [Settings updates at runtime]({{< relref "../setup-grafana/configure-grafana/settings-updates-at-runtime" >}}) allows you to update Grafana settings at runtime without requiring a restart.
## Enterprise data sources
With a Grafana Enterprise license, you also get access to premium data sources, including:
If you are running Grafana in a Docker image, then you configure Grafana using [environment variables]({{< relref "./configure-grafana/#override-configuration-with-environment-variables" >}}) rather than directly editing the configuration file. If you want to save your data, then you also need to designate persistent storage or bind mounts for the Grafana container.
If you are running Grafana in a Docker image, then you configure Grafana using [environment variables]({{< relref "./configure-grafana#override-configuration-with-environment-variables" >}}) rather than directly editing the configuration file. If you want to save your data, then you also need to designate persistent storage or bind mounts for the Grafana container.
> **Note:** These examples use the Grafana Enterprise docker image. You can use the Grafana Open Source edition by changing the docker image to `grafana/grafana-oss`.
@ -59,7 +60,7 @@ The following settings are hard-coded when launching the Grafana Docker containe
## Logging
Logs in the Docker container go to standard out by default, as is common in the Docker world. Change this by setting a different [log mode]({{< relref "./configure-grafana/#mode" >}}).
Logs in the Docker container go to standard out by default, as is common in the Docker world. Change this by setting a different [log mode]({{< relref "./configure-grafana#mode" >}}).
@ -25,7 +25,7 @@ If you installed Grafana using the `deb` or `rpm` packages, then your configurat
### Docker
Refer to [Configure a Grafana Docker image]({{< relref "../configure-docker/" >}}) for information about environmental variables, persistent storage, and building custom Docker images.
Refer to [Configure a Grafana Docker image]({{< relref "../configure-docker" >}}) for information about environmental variables, persistent storage, and building custom Docker images.
The `vault` provider allows you to manage your secrets with [Hashicorp Vault](https://www.hashicorp.com/products/vault).
> Vault provider is only available in Grafana Enterprise v7.1+. For more information, refer to [Vault integration]({{< relref "../configure-security/configure-database-encryption/integrate-with-hashicorp-vault/" >}}) in [Grafana Enterprise]({{< relref "../../introduction/grafana-enterprise" >}}).
> Vault provider is only available in Grafana Enterprise v7.1+. For more information, refer to [Vault integration]({{< relref "../configure-security/configure-database-encryption/integrate-with-hashicorp-vault" >}}) in [Grafana Enterprise]({{< relref "../../introduction/grafana-enterprise" >}}).
<hr/>
@ -173,13 +173,13 @@ Override log path using the command line argument `cfg:default.paths.logs`:
### plugins
Directory where Grafana automatically scans and looks for plugins. For information about manually or automatically installing plugins, refer to [Install Grafana plugins]({{< relref "../../administration/plugin-management/#install-grafana-plugins" >}}).
Directory where Grafana automatically scans and looks for plugins. For information about manually or automatically installing plugins, refer to [Install Grafana plugins]({{< relref "../../administration/plugin-management#install-grafana-plugins" >}}).
**macOS:** By default, the Mac plugin location is: `/usr/local/var/lib/grafana/plugins`.
### provisioning
Folder that contains [provisioning]({{< relref "../../administration/provisioning/" >}}) config files that Grafana will apply on startup. Dashboards will be reloaded when the json files changes.
Folder that contains [provisioning]({{< relref "../../administration/provisioning" >}}) config files that Grafana will apply on startup. Dashboards will be reloaded when the json files changes.
<hr/>
@ -416,7 +416,7 @@ Set to `true` to add metrics and tracing for database queries. The default value
## [remote_cache]
Caches authentication details and session information in the configured database, Redis or Memcached. This setting does not configure [Query Caching in Grafana Enterprise]({{< relref "../../administration/data-source-management/#query-caching" >}}).
Caches authentication details and session information in the configured database, Redis or Memcached. This setting does not configure [Query Caching in Grafana Enterprise]({{< relref "../../administration/data-source-management#query-caching" >}}).
### type
@ -764,7 +764,7 @@ For SQL data sources (MySql, Postgres, MSSQL) you can override the default maxim
Set to `false` to prohibit users from being able to sign up / create
user accounts. Default is `false`. The admin user can still create
users. For more information about creating a user, refer to [Add a user]({{< relref "../../administration/user-management/server-user-management/#add-a-user" >}}).
users. For more information about creating a user, refer to [Add a user]({{< relref "../../administration/user-management/server-user-management#add-a-user" >}}).
### allow_org_create
@ -824,7 +824,7 @@ If you manage users externally you can replace the user invite button for organi
### viewers_can_edit
Viewers can access and use [Explore]({{< relref "../../explore/" >}}) and perform temporary edits on panels in dashboards they have access to. They cannot save their changes. Default is `false`.
Viewers can access and use [Explore]({{< relref "../../explore" >}}) and perform temporary edits on panels in dashboards they have access to. They cannot save their changes. Default is `false`.
### editors_can_admin
@ -845,7 +845,7 @@ This is a comma-separated list of usernames. Users specified here are hidden in
## [auth]
Grafana provides many ways to authenticate users. Refer to the Grafana [Authentication overview]({{< relref "../configure-security/configure-authentication/" >}}) and other authentication documentation for detailed instructions on how to set up and configure authentication.
Grafana provides many ways to authenticate users. Refer to the Grafana [Authentication overview]({{< relref "../configure-security/configure-authentication" >}}) and other authentication documentation for detailed instructions on how to set up and configure authentication.
### login_cookie_name
@ -897,7 +897,7 @@ If you want to change the `oauth_skip_org_role_update_sync` setting to `false`,
> **Warning**: Currently if no organization role mapping is found for a user, Grafana doesn't update the user's organization role.
> With Grafana 10, if `oauth_skip_org_role_update_sync` option is set to `false`, users with no mapping will be
> reset to the default organization role on every login. [See `auto_assign_org_role` option]({{< relref ".#auto_assign_org_role" >}}).
> reset to the default organization role on every login. [See `auto_assign_org_role` option]({{< relref "#auto_assign_org_role" >}}).
### skip_org_role_sync
@ -1001,25 +1001,25 @@ Set to `true` to enable verbose request signature logging when AWS Signature Ver
## [auth.anonymous]
Refer to [Anonymous authentication]({{< relref "../configure-security/configure-authentication/grafana/#anonymous-authentication" >}}) for detailed instructions.
Refer to [Anonymous authentication]({{< relref "../configure-security/configure-authentication/grafana#anonymous-authentication" >}}) for detailed instructions.
<hr/>
## [auth.github]
Refer to [GitHub OAuth2 authentication]({{< relref "../configure-security/configure-authentication/github/" >}}) for detailed instructions.
Refer to [GitHub OAuth2 authentication]({{< relref "../configure-security/configure-authentication/github" >}}) for detailed instructions.
<hr/>
## [auth.gitlab]
Refer to [Gitlab OAuth2 authentication]({{< relref "../configure-security/configure-authentication/gitlab/" >}}) for detailed instructions.
Refer to [Gitlab OAuth2 authentication]({{< relref "../configure-security/configure-authentication/gitlab" >}}) for detailed instructions.
<hr/>
## [auth.google]
Refer to [Google OAuth2 authentication]({{< relref "../configure-security/configure-authentication/google/" >}}) for detailed instructions.
Refer to [Google OAuth2 authentication]({{< relref "../configure-security/configure-authentication/google" >}}) for detailed instructions.
<hr/>
@ -1037,37 +1037,37 @@ Legacy key names, still in the config file so they work in env variables.
## [auth.azuread]
Refer to [Azure AD OAuth2 authentication]({{< relref "../configure-security/configure-authentication/azuread/" >}}) for detailed instructions.
Refer to [Azure AD OAuth2 authentication]({{< relref "../configure-security/configure-authentication/azuread" >}}) for detailed instructions.
<hr/>
## [auth.okta]
Refer to [Okta OAuth2 authentication]({{< relref "../configure-security/configure-authentication/okta/" >}}) for detailed instructions.
Refer to [Okta OAuth2 authentication]({{< relref "../configure-security/configure-authentication/okta" >}}) for detailed instructions.
<hr/>
## [auth.generic_oauth]
Refer to [Generic OAuth authentication]({{< relref "../configure-security/configure-authentication/generic-oauth/" >}}) for detailed instructions.
Refer to [Generic OAuth authentication]({{< relref "../configure-security/configure-authentication/generic-oauth" >}}) for detailed instructions.
<hr/>
## [auth.basic]
Refer to [Basic authentication]({{< relref "../configure-security/configure-authentication/#basic-authentication" >}}) for detailed instructions.
Refer to [Basic authentication]({{< relref "../configure-security/configure-authentication#basic-authentication" >}}) for detailed instructions.
<hr/>
## [auth.proxy]
Refer to [Auth proxy authentication]({{< relref "../configure-security/configure-authentication/auth-proxy/" >}}) for detailed instructions.
Refer to [Auth proxy authentication]({{< relref "../configure-security/configure-authentication/auth-proxy" >}}) for detailed instructions.
<hr/>
## [auth.ldap]
Refer to [LDAP authentication]({{< relref "../configure-security/configure-authentication/ldap/" >}}) for detailed instructions.
Refer to [LDAP authentication]({{< relref "../configure-security/configure-authentication/ldap" >}}) for detailed instructions.
## [aws]
@ -1142,7 +1142,7 @@ By default is the same as used in AAD authentication or can be set to another ap
## [auth.jwt]
Refer to [JWT authentication]({{< relref "../configure-security/configure-authentication/jwt/" >}}) for more information.
Refer to [JWT authentication]({{< relref "../configure-security/configure-authentication/jwt" >}}) for more information.
<hr/>
@ -1408,7 +1408,7 @@ Sets a global limit on number of correlations that can be created. Default is -1
## [unified_alerting]
For more information about the Grafana alerts, refer to [About Grafana Alerting]({{< relref "../../alerting/" >}}).
For more information about the Grafana alerts, refer to [About Grafana Alerting]({{< relref "../../alerting" >}}).
### enabled
@ -1468,21 +1468,21 @@ The interval string is a possibly signed sequence of decimal numbers, followed b
### execute_alerts
Enable or disable alerting rule execution. The default value is `true`. The alerting UI remains visible. This option has a [legacy version in the alerting section]({{< relref "#execute_alerts-1">}}) that takes precedence.
Enable or disable alerting rule execution. The default value is `true`. The alerting UI remains visible. This option has a [legacy version in the alerting section]({{< relref "#execute_alerts-1">}}) that takes precedence.
### evaluation_timeout
Sets the alert evaluation timeout when fetching data from the datasource. The default value is `30s`. This option has a [legacy version in the alerting section]({{< relref "#evaluation_timeout_seconds">}}) that takes precedence.
Sets the alert evaluation timeout when fetching data from the datasource. The default value is `30s`. This option has a [legacy version in the alerting section]({{< relref "#evaluation_timeout_seconds">}}) that takes precedence.
The timeout string is a possibly signed sequence of decimal numbers, followed by a unit suffix (ms, s, m, h, d), e.g. 30s or 1m.
### max_attempts
Sets a maximum number of times we'll attempt to evaluate an alert rule before giving up on that evaluation. The default value is `3`. This option has a [legacy version in the alerting section]({{< relref "#max_attempts-1">}}) that takes precedence.
Sets a maximum number of times we'll attempt to evaluate an alert rule before giving up on that evaluation. The default value is `3`. This option has a [legacy version in the alerting section]({{< relref "#max_attempts-1">}}) that takes precedence.
### min_interval
Sets the minimum interval to enforce between rule evaluations. The default value is `10s` which equals the scheduler interval. Rules will be adjusted if they are less than this value or if they are not multiple of the scheduler interval (10s). Higher values can help with resource management as we'll schedule fewer evaluations over time. This option has [a legacy version in the alerting section]({{< relref "#min_interval_seconds">}}) that takes precedence.
Sets the minimum interval to enforce between rule evaluations. The default value is `10s` which equals the scheduler interval. Rules will be adjusted if they are less than this value or if they are not multiple of the scheduler interval (10s). Higher values can help with resource management as we'll schedule fewer evaluations over time. This option has [a legacy version in the alerting section]({{< relref "#min_interval_seconds">}}) that takes precedence.
The interval string is a possibly signed sequence of decimal numbers, followed by a unit suffix (ms, s, m, h, d), e.g. 30s or 1m.
@ -1492,7 +1492,7 @@ The interval string is a possibly signed sequence of decimal numbers, followed b
## [unified_alerting.screenshots]
For more information about screenshots, refer to [Images in notifications]({{< relref "../../alerting/manage-notifications/images-in-notifications">}}).
For more information about screenshots, refer to [Images in notifications]({{< relref "../../alerting/manage-notifications/images-in-notifications">}}).
### capture
@ -1510,7 +1510,7 @@ Uploads screenshots to the local Grafana server or remote storage such as Azure,
## [unified_alerting.reserved_labels]
For more information about Grafana Reserved Labels, refer to [Labels in Grafana Alerting](https://grafana.com/docs/grafana/next/alerting/fundamentals/annotation-label/how-to-use-labels/)
For more information about Grafana Reserved Labels, refer to [Labels in Grafana Alerting](/docs/grafana/next/alerting/fundamentals/annotation-label/how-to-use-labels/)
### disabled_labels
@ -1522,11 +1522,11 @@ For example: `disabled_labels=grafana_folder`
## [alerting]
For more information about the legacy dashboard alerting feature in Grafana, refer to [the legacy Grafana alerts](https://grafana.com/docs/grafana/v8.5/alerting/old-alerting/).
For more information about the legacy dashboard alerting feature in Grafana, refer to [the legacy Grafana alerts](/docs/grafana/v8.5/alerting/old-alerting/).
### enabled
Set to `true` to [enable legacy dashboard alerting]({{<relref "#unified_alerting">}}). The default value is `false`.
Set to `true` to [enable legacy dashboard alerting]({{<relref "#unified_alerting">}}). The default value is `false`.
### execute_alerts
@ -1614,7 +1614,7 @@ Configures max number of API annotations that Grafana keeps. Default value is 0,
## [explore]
For more information about this feature, refer to [Explore]({{< relref "../../explore/" >}}).
For more information about this feature, refer to [Explore]({{< relref "../../explore" >}}).
### enabled
@ -1646,7 +1646,7 @@ Enable or disable the Query history. Default is `enabled`.
## [metrics]
For detailed instructions, refer to [Internal Grafana metrics]({{< relref "../set-up-grafana-monitoring/" >}}).
For detailed instructions, refer to [Internal Grafana metrics]({{< relref "../set-up-grafana-monitoring" >}}).
### enabled
@ -1983,13 +1983,13 @@ Set to `true` if you want to test alpha plugins that are not yet ready for gener
Enter a comma-separated list of plugin identifiers to identify plugins to load even if they are unsigned. Plugins with modified signatures are never loaded.
We do _not_ recommend using this option. For more information, refer to [Plugin signatures]({{< relref "../../administration/plugin-management/#plugin-signatures" >}}).
We do _not_ recommend using this option. For more information, refer to [Plugin signatures]({{< relref "../../administration/plugin-management#plugin-signatures" >}}).
### plugin_admin_enabled
Available to Grafana administrators only, enables installing / uninstalling / updating plugins directly from the Grafana UI. Set to `true` by default. Setting it to `false` will hide the install / uninstall / update controls.
For more information, refer to [Plugin catalog]({{< relref "../../administration/plugin-management/#plugin-catalog" >}}).
For more information, refer to [Plugin catalog]({{< relref "../../administration/plugin-management#plugin-catalog" >}}).
### plugin_admin_external_manage_enabled
@ -2013,7 +2013,7 @@ Enter a comma-separated list of plugin identifiers to hide in the plugin catalog
The `max_connections` option specifies the maximum number of connections to the Grafana Live WebSocket endpoint per Grafana server instance. Default is `100`.
Refer to [Grafana Live configuration documentation]({{< relref "../set-up-grafana-live/" >}}) if you specify a number higher than default since this can require some operating system and infrastructure tuning.
Refer to [Grafana Live configuration documentation]({{< relref "../set-up-grafana-live" >}}) if you specify a number higher than default since this can require some operating system and infrastructure tuning.
0 disables Grafana Live, -1 means unlimited connections.
Custom branding allows you to replace the Grafana brand and logo with your own corporate brand and logo.
> **Note:** Available in [Grafana Enterprise]({{< relref "../../../introduction/grafana-enterprise/" >}}) and [Grafana Cloud Advanced](/docs/grafana-cloud).
> **Note:** Available in [Grafana Enterprise]({{< relref "../../../introduction/grafana-enterprise" >}}) and [Grafana Cloud Advanced](/docs/grafana-cloud).
Grafana Enterprise has custom branding options in the `grafana.ini` file. As with all configuration options, you can also set them with environment variables.
@ -32,7 +32,7 @@ You can change the following elements:
The configuration file in Grafana Enterprise contains the following options. Each option is defined in the file. For more information about configuring Grafana, refer to [Configuration]({{< relref "../../configure-grafana/" >}}).
The configuration file in Grafana Enterprise contains the following options. Each option is defined in the file. For more information about configuring Grafana, refer to [Configuration]({{< relref "../../configure-grafana" >}}).
This page describes Grafana Enterprise-specific configuration options that you can specify in a `.ini` configuration file or using environment variables. Refer to [Configuration]({{< relref "../" >}}) for more information about available configuration options.
This page describes Grafana Enterprise-specific configuration options that you can specify in a `.ini` configuration file or using environment variables. Refer to [Configuration]({{< relref "../../configure-grafana" >}}) for more information about available configuration options.
## [enterprise]
@ -39,7 +39,7 @@ automatically. Defaults to `true`.
> **Note:** Available in Grafana Enterprise version 8.3 and later.
When set to `aws`, Grafana will validate its license status with Amazon Web Services (AWS) instead of with Grafana Labs. Only use this setting if you purchased an Enterprise license from AWS Marketplace. Defaults to empty, which means that by default Grafana Enterprise will validate using a license issued by Grafana Labs. For details about licenses issued by AWS, refer to [Activate a Grafana Enterprise license purchased through AWS Marketplace]({{< relref "../../../administration/enterprise-licensing/activate-aws-marketplace-license/" >}}).
When set to `aws`, Grafana will validate its license status with Amazon Web Services (AWS) instead of with Grafana Labs. Only use this setting if you purchased an Enterprise license from AWS Marketplace. Defaults to empty, which means that by default Grafana Enterprise will validate using a license issued by Grafana Labs. For details about licenses issued by AWS, refer to [Activate a Grafana Enterprise license purchased through AWS Marketplace]({{< relref "../../../administration/enterprise-licensing/activate-aws-marketplace-license" >}}).
## [white_labeling]
@ -78,7 +78,7 @@ List the link IDs to use here. Grafana will look for matching link configuration
## [usage_insights.export]
By [exporting usage logs]({{< relref "../../configure-security/export-logs/" >}}), you can directly query them and create dashboards of the information that matters to you most, such as dashboard errors, most active organizations, or your top-10 most-used queries.
By [exporting usage logs]({{< relref "../../configure-security/export-logs" >}}), you can directly query them and create dashboards of the information that matters to you most, such as dashboard errors, most active organizations, or your top-10 most-used queries.
### enabled
@ -166,7 +166,7 @@ Name of the TrueType font file with italic style.
## [auditing]
[Auditing]({{< relref "../../configure-security/audit-grafana/" >}}) allows you to track important changes to your Grafana instance. By default, audit logs are logged to file but the auditing feature also supports sending logs directly to Loki.
[Auditing]({{< relref "../../configure-security/audit-grafana" >}}) allows you to track important changes to your Grafana instance. By default, audit logs are logged to file but the auditing feature also supports sending logs directly to Loki.
### enabled
@ -386,7 +386,7 @@ Setting 'enabled' to `true` allows users to configure query caching for data sou
This value is `true` by default.
> **Note:** This setting enables the caching feature, but it does not turn on query caching for any data source. To turn on query caching for a data source, update the setting on the data source configuration page. For more information, refer to the [query caching docs]({{< relref "../../../administration/data-source-management/#enable-and-configure-query-caching" >}}).
> **Note:** This setting enables the caching feature, but it does not turn on query caching for any data source. To turn on query caching for a data source, update the setting on the data source configuration page. For more information, refer to the [query caching docs]({{< relref "../../../administration/data-source-management#enable-and-configure-query-caching" >}}).
You use feature toggles, also known as feature flags, to turn experimental or beta features on and off in Grafana. Although we do not recommend using these features in production, you can turn on feature toggles to try out new functionality in development or test environments.
This page contains a list of available feature toggles. To learn how to turn on feature toggles, refer to our [Configure Grafana documentation]({{< relref "../_index.md/#feature_toggles" >}}). Feature toggles are also available to Grafana Cloud Advanced customers. If you use Grafana Cloud Advanced, you can open a support ticket and specify the feature toggles and stack for which you want them enabled.
This page contains a list of available feature toggles. To learn how to turn on feature toggles, refer to our [Configure Grafana documentation]({{< relref "../_index.md#feature_toggles" >}}). Feature toggles are also available to Grafana Cloud Advanced customers. If you use Grafana Cloud Advanced, you can open a support ticket and specify the feature toggles and stack for which you want them enabled.
## Stable feature toggles
@ -113,7 +113,7 @@ Alpha features might be changed or removed without prior notice.
## Development feature toggles
The following toggles require explicitly setting Grafana's [app mode]({{< relref "../_index.md/#app_mode" >}}) to 'development' before you can enable this feature toggle. These features tend to be experimental.
The following toggles require explicitly setting Grafana's [app mode]({{< relref "../_index.md#app_mode" >}}) to 'development' before you can enable this feature toggle. These features tend to be experimental.
By updating settings at runtime, you can update Grafana settings without needing to restart the Grafana server.
Updates that happen at runtime are stored in the database and override
[settings from other sources]({{< relref "../../configure-grafana/" >}})
[settings from other sources]({{< relref "../../configure-grafana" >}})
(arguments, environment variables, settings file, etc). Therefore, every time a specific setting key is removed at runtime,
the value used for that key is the inherited one from the other sources in the reverse order of precedence
(`arguments > environment variables > settings file`). When no value is provided through any of these options, then the value used will be the application default
@ -26,7 +26,7 @@ Currently, **it only supports updates on the `auth.saml` section.**
## Update settings via the API
You can update settings through the [Admin API]({{< relref "../../../developers/http_api/admin/#update-settings" >}}).
You can update settings through the [Admin API]({{< relref "../../../developers/http_api/admin#update-settings" >}}).
When you submit a settings update via API, Grafana verifies if the given settings updates are allowed and valid. If they are, then Grafana stores the settings in the database and reloads
Grafana services with no need to restart the instance.
@ -93,5 +93,5 @@ HTTP API, then the other instances are synchronized through the database and the
## Control access with role-based access control
If you have [role-based access control]({{< relref "../../../administration/roles-and-permissions/access-control/" >}}) enabled, you can control who can read or update settings.
Refer to the [Admin API]({{< relref "../../../developers/http_api/admin/#update-settings" >}}) for more information.
If you have [role-based access control]({{< relref "../../../administration/roles-and-permissions/access-control" >}}) enabled, you can control who can read or update settings.
Refer to the [Admin API]({{< relref "../../../developers/http_api/admin#update-settings" >}}) for more information.
@ -15,11 +15,11 @@ To prevent this type of exploitation from happening, we recommend that you apply
## Limit IP addresses/hostnames for data source URL
You can configure Grafana to only allow certain IP addresses or hostnames to be used as data source URLs and proxied through the Grafana data source proxy. Refer to [data_source_proxy_whitelist]({{< relref "../configure-grafana/#data_source_proxy_whitelist" >}}) for usage instructions.
You can configure Grafana to only allow certain IP addresses or hostnames to be used as data source URLs and proxied through the Grafana data source proxy. Refer to [data_source_proxy_whitelist]({{< relref "../configure-grafana#data_source_proxy_whitelist" >}}) for usage instructions.
## Request security
The request security configuration option allows users to limit requests from the Grafana server. It targets requests that are generated by users. For more information, refer to [Request security]({{< relref "configure-request-security/" >}}).
The request security configuration option allows users to limit requests from the Grafana server. It targets requests that are generated by users. For more information, refer to [Request security]({{< relref "./configure-request-security" >}}).
> **Note:** Request security is available in Grafana Enterprise v7.4 and later versions.
@ -41,7 +41,7 @@ Users with the Viewer role can enter _any possible query_ in _any_ of the data s
To address this vulnerability, you can restrict data source query access in the following ways:
- Create multiple data sources with some restrictions added in data source configuration that restrict access (like database name or credentials). Then use the [Data Source Permissions]({{< relref "../../administration/data-source-management/#data-source-permissions" >}}) Enterprise feature to restrict user access to the data source in Grafana.
- Create multiple data sources with some restrictions added in data source configuration that restrict access (like database name or credentials). Then use the [Data Source Permissions]({{< relref "../../administration/data-source-management#data-source-permissions" >}}) Enterprise feature to restrict user access to the data source in Grafana.
- Create a separate Grafana organization, and in that organization, create a separate data source. Make sure the data source has some option/user/credentials setting that limits access to a subset of the data. Not all data sources have an option to limit access.
## Implications of enabling anonymous access to dashboards
@ -21,7 +21,7 @@ Auditing allows you to track important changes to your Grafana instance. By defa
Only API requests or UI actions that trigger an API request generate an audit log.
> **Note:** Available in [Grafana Enterprise]({{< relref "../../introduction/grafana-enterprise/" >}}) version 7.3 and later, and [Grafana Cloud Advanced](/docs/grafana-cloud).
> **Note:** Available in [Grafana Enterprise]({{< relref "../../introduction/grafana-enterprise" >}}) version 7.3 and later, and [Grafana Cloud Advanced](/docs/grafana-cloud).
## Audit logs
@ -139,7 +139,7 @@ to the action when the user requests a report's preview to be sent through email
\* Where `AUTH-MODULE` is the name of the authentication module: `grafana`, `saml`,
`ldap`, etc. \
\*\* Includes manual log out, token expired/revoked, and [SAML Single Logout]({{< relref "configure-authentication/saml/#single-logout" >}}).
\*\* Includes manual log out, token expired/revoked, and [SAML Single Logout]({{< relref "./configure-authentication/saml#single-logout" >}}).
#### Service accounts
@ -370,7 +370,7 @@ Furthermore, you can also record `GET` requests. See below how to configure it.
> **Note:** The auditing feature is disabled by default.
Audit logs can be saved into files, sent to a Loki instance or sent to the Grafana default logger. By default, only the file exporter is enabled.
You can choose which exporter to use in the [configuration file]({{< relref "../configure-grafana/" >}}).
You can choose which exporter to use in the [configuration file]({{< relref "../configure-grafana" >}}).
Options are `file`, `loki`, and `logger`. Use spaces to separate multiple modes, such as `file loki`.
@ -437,4 +437,4 @@ If you have multiple Grafana instances sending logs to the same Loki service or
### Console exporter
Audit logs are sent to the Grafana default logger. The audit logs use the `auditing.console` logger and are logged on `debug`-level, learn how to enable debug logging in the [log configuration]({{< relref "../configure-grafana/#log" >}}) section of the documentation. Accessing the audit logs in this way is not recommended for production use.
Audit logs are sent to the Grafana default logger. The audit logs use the `auditing.console` logger and are logged on `debug`-level, learn how to enable debug logging in the [log configuration]({{< relref "../configure-grafana#log" >}}) section of the documentation. Accessing the audit logs in this way is not recommended for production use.
Grafana provides many ways to authenticate users. Some authentication integrations also enable syncing user permissions and org memberships.
The following table shows all supported authentication providers and the features available for them. [Team sync]({{< relref "../configure-team-sync/" >}}) and [active sync]({{< relref "enhanced-ldap/#active-ldap-synchronization" >}}) are only available in Grafana Enterprise.
| Provider | Support | Role mapping | Team sync<br>_(Enterprise only)_ | Active sync<br>_(Enterprise only)_ |
The following table shows all supported authentication providers and the features available for them. [Team sync]({{< relref "../configure-team-sync" >}}) and [active sync]({{< relref "./enhanced-ldap#active-ldap-synchronization" >}}) are only available in Grafana Enterprise.
| Provider | Support | Role mapping | Team sync<br>_(Enterprise only)_ | Active sync<br>_(Enterprise only)_ |
> **Note:** Available in [Grafana Enterprise]({{< relref "../../../introduction/grafana-enterprise/" >}}) and [Grafana Cloud Advanced]({{< ref "../../../introduction/grafana-cloud" >}}).
> **Note:** Available in [Grafana Enterprise]({{< relref "../../../introduction/grafana-enterprise" >}}) and [Grafana Cloud Advanced]({{< relref "../../../introduction/grafana-cloud" >}}).
By default, after you configure an authorization provider, Grafana will adopt existing users into the new authentication scheme. For example, if you have created a user with basic authentication having the login `jsmith@example.com`, then set up SAML authentication where `jsmith@example.com` is an account, the user's authentication type will be changed to SAML if they perform a SAML sign-in.
You use the `X-WEBAUTH-GROUPS` header to send the team information for each user. Specifically, the set of Grafana's group IDs that the user belongs to.
First, we need to set up the mapping between your authentication provider and Grafana. Follow [these instructions]({{< relref "../../configure-team-sync/#enable-synchronization-for-a-team" >}}) to add groups to a team within Grafana.
First, we need to set up the mapping between your authentication provider and Grafana. Follow [these instructions]({{< relref "../../configure-team-sync#synchronize-a-grafana-team-with-an-external-group" >}}) to add groups to a team within Grafana.
Once that's done. You can verify your mappings by querying the API.
The Azure AD authentication allows you to use an Azure Active Directory tenant as an identity provider for Grafana. You can use Azure AD Application Roles to assign users and groups to Grafana roles from the Azure Portal. This topic has the following sections:
- [Azure AD OAuth2 authentication](#azure-ad-oauth2-authentication)
- [Azure AD OAuth2 authentication](#configure-azure-ad-oauth2-authentication)
- [Create the Azure AD application](#create-the-azure-ad-application)
- [Enable Azure AD OAuth in Grafana](#enable-azure-ad-oauth-in-grafana)
@ -125,7 +125,7 @@ If the setting is set to `false`, the user is assigned the role of `Admin` of th
## Enable Azure AD OAuth in Grafana
1. Add the following to the [Grafana configuration file]({{< relref "../../../configure-grafana/#config-file-locations" >}}):
1. Add the following to the [Grafana configuration file]({{< relref "../../../configure-grafana#configuration-file-location" >}}):
```
[auth.azuread]
@ -152,7 +152,7 @@ GF_AUTH_AZUREAD_CLIENT_ID
GF_AUTH_AZUREAD_CLIENT_SECRET
```
**Note:** Verify that the Grafana [root_url]({{< relref "../../../configure-grafana/#root-url" >}}) is set in your Azure Application Redirect URLs.
**Note:** Verify that the Grafana [root_url]({{< relref "../../../configure-grafana#root_url" >}}) is set in your Azure Application Redirect URLs.
### Configure refresh token
@ -207,7 +207,7 @@ the correct teams.
You can reference Azure AD groups by group object ID, like `8bab1c86-8fba-33e5-2089-1d1c80ec267d`.
To learn more, refer to the [Team Sync]({{< relref "../../configure-team-sync/" >}}) documentation.
To learn more, refer to the [Team Sync]({{< relref "../../configure-team-sync" >}}) documentation.
## Common troubleshooting
@ -255,7 +255,7 @@ their organization membership will be reset to the default organization.
## Skip organization role sync
If Azure AD authentication is not intended to sync user roles and organization membership and prevent the sync of org roles from AzureAD, set `skip_org_role_sync` to `true`. This is useful if you want to manage the organization roles for your users from within Grafana or that your organization roles are synced from another provider.
See [configure-grafana]({{< relref "../../../configure-grafana#authazuread-skip-org-role-sync" >}}) for more details.
See [Configure Grafana]({{< relref "../../../configure-grafana#authazuread" >}}) for more details.
The enhanced LDAP integration adds additional functionality on top of the [LDAP integration]({{< relref "ldap/" >}}) available in the open source edition of Grafana.
The enhanced LDAP integration adds additional functionality on top of the [LDAP integration]({{< relref "../ldap" >}}) available in the open source edition of Grafana.
> **Note:** Available in [Grafana Enterprise]({{< relref "../../../../introduction/grafana-enterprise/" >}}) and [Grafana Cloud Advanced](/docs/grafana-cloud).
> **Note:** Available in [Grafana Enterprise]({{< relref "../../../../introduction/grafana-enterprise" >}}) and [Grafana Cloud Advanced](/docs/grafana-cloud).
> If you are a Grafana Cloud customer, please [open a support ticket in the Cloud Portal](/profile/org#support) to request this feature.
> To control user access with role-based permissions, refer to [role-based access control]({{< relref "../../../../administration/roles-and-permissions/access-control/" >}}).
> To control user access with role-based permissions, refer to [role-based access control]({{< relref "../../../../administration/roles-and-permissions/access-control" >}}).
## LDAP group synchronization for teams
@ -34,7 +34,7 @@ Grafana keeps track of all synchronized users in teams, and you can see which us
This mechanism allows Grafana to remove an existing synchronized user from a team when its LDAP group membership changes. This mechanism also allows you to manually add
a user as member of a team, and it will not be removed when the user signs in. This gives you flexibility to combine LDAP group memberships and Grafana team memberships.
[Learn more about team sync.]({{< relref "../../configure-team-sync/" >}})
[Learn more about team sync.]({{< relref "../../configure-team-sync" >}})
<divclass="clearfix"></div>
@ -67,7 +67,7 @@ sync_cron = "0 1 * * *" # This is default value (At 1 am every day)
active_sync_enabled = true # enabled by default
```
Single bind configuration (as in the [Single bind example]({{< relref "ldap/#single-bind-example" >}})) is not supported with active LDAP synchronization because Grafana needs user information to perform LDAP searches.
Single bind configuration (as in the [Single bind example]({{< relref "../ldap#single-bind-example" >}})) is not supported with active LDAP synchronization because Grafana needs user information to perform LDAP searches.
For the synchronization to work, the `servers.search_filter` and `servers.attributes.username` in the ldap.toml config file must match. By default, the `servers.attributes.username` is `cn`, so if you use another attribute as the search filter, you must also update the username attribute.
@ -62,7 +62,7 @@ You may allow users to sign-up via GitHub authentication by setting the
user successfully authenticating via GitHub authentication will be
automatically signed up.
You can also use [variable expansion]({{< relref "../../../configure-grafana/#variable-expansion" >}}) to reference environment variables and local files in your GitHub auth configuration.
You can also use [variable expansion]({{< relref "../../../configure-grafana#variable-expansion" >}}) to reference environment variables and local files in your GitHub auth configuration.
### GitHub refresh token
@ -130,12 +130,12 @@ You can use GitHub OAuth to map roles. During mapping, Grafana checks for the pr
For the path lookup, Grafana uses JSON obtained from querying GitHub's API [`/api/user`](https://docs.github.com/en/rest/users/users#get-the-authenticated-user=) endpoint and a `groups` key containing all of the user's teams (retrieved from `/api/user/teams`).
The result of evaluating the `role_attribute_path` JMESPath expression must be a valid Grafana role, for example, `Viewer`, `Editor` or `Admin`. For more information about roles and permissions in Grafana, refer to [Roles and permissions]({{< relref "../../../../administration/roles-and-permissions/" >}}).
The result of evaluating the `role_attribute_path` JMESPath expression must be a valid Grafana role, for example, `Viewer`, `Editor` or `Admin`. For more information about roles and permissions in Grafana, refer to [Roles and permissions]({{< relref "../../../../administration/roles-and-permissions" >}}).
> **Warning**: Currently if no organization role mapping is found for a user, Grafana doesn't
> update the user's organization role. This is going to change in Grafana 10. To avoid overriding manually set roles,
> enable the `skip_org_role_sync` option in the [auth.github] section.
> See [configure-grafana]({{< relref "../../../configure-grafana#authgithub-skip-org-role-sync" >}}) for more information.
> See [Configure Grafana]({{< relref "../../../configure-grafana#authgithub" >}}) for more information.
On first login, ifthe`role_attribute_path` property does not return a role, then the user is assigned the role
specified by [the `auto_assign_org_role` option]({{< relref "../../../configure-grafana#auto_assign_org_role" >}}).
@ -202,7 +202,7 @@ Your GitHub teams can be referenced in two ways:
Example: `@grafana/developers`
[Learn more about Team Sync]({{< relref "../../configure-team-sync/" >}})
[Learn more about Team Sync]({{< relref "../../configure-team-sync" >}})
You can use GitLab OAuth to map roles. During mapping, Grafana checks for the presence of a role using the [JMESPath](http://jmespath.org/examples.html) specified via the `role_attribute_path` configuration option.
For the path lookup, Grafana uses JSON obtained from querying GitLab's API [`/api/v4/user`](https://docs.gitlab.com/ee/api/users.html#list-current-user-for-normal-users) endpoint and a `groups` key containing all of the user's teams. The result of evaluating the `role_attribute_path` JMESPath expression must be a valid Grafana role, for example, `Viewer`, `Editor` or `Admin`. For more information about roles and permissions in Grafana, refer to [Roles and permissions]({{< relref "../../../../administration/roles-and-permissions/" >}}).
For the path lookup, Grafana uses JSON obtained from querying GitLab's API [`/api/v4/user`](https://docs.gitlab.com/ee/api/users.html#list-current-user-for-normal-users) endpoint and a `groups` key containing all of the user's teams. The result of evaluating the `role_attribute_path` JMESPath expression must be a valid Grafana role, for example, `Viewer`, `Editor` or `Admin`. For more information about roles and permissions in Grafana, refer to [Roles and permissions]({{< relref "../../../../administration/roles-and-permissions" >}}).
> **Warning**: Currently if no organization role mapping is found for a user, Grafana doesn't
> update the user's organization role. This is going to change in Grafana 10. To avoid overriding manually set roles,
> enable the `skip_org_role_sync` option.
> See [configure-grafana]({{< relref "../../../configure-grafana#authgitlab-skip-org-role-sync" >}}) for more information.
> See [Configure Grafana]({{< relref "../../../configure-grafana#authgitlab" >}}) for more information.
On first login, ifthe`role_attribute_path` property does not return a role, then the user is assigned the role
specified by [the `auto_assign_org_role` option]({{< relref "../../../configure-grafana#auto_assign_org_role" >}}).
@ -224,7 +224,7 @@ the correct teams.
Your GitLab groups can be referenced in the same way as `allowed_groups`, like `example` or `foo/bar`.
[Learn more about Team Sync]({{< relref "../../configure-team-sync/" >}})
[Learn more about Team Sync]({{< relref "../../configure-team-sync" >}})
@ -27,7 +27,7 @@ First, you need to create a Google OAuth Client:
## Enable Google OAuth in Grafana
Specify the Client ID and Secret in the [Grafana configuration file]({{< relref "../../../configure-grafana/#config-file-locations" >}}). For example:
Specify the Client ID and Secret in the [Grafana configuration file]({{< relref "../../../configure-grafana#configuration-file-location" >}}). For example:
You can make Grafana accessible without any login required by enabling anonymous access in the configuration file. For more information, refer to [Implications of allowing anonymous access to dashboards]({{< relref "../#implications-of-enabling-anonymous-access-to-dashboards" >}}).
You can make Grafana accessible without any login required by enabling anonymous access in the configuration file. For more information, refer to [Anonymous authentication]({{< relref "../../configure-authentication#anonymous-authentication" >}}).
Keycloak OAuth2 authentication allows users to log in to Grafana using their Keycloak credentials. This guide explains how to set up Keycloak as an authentication provider in Grafana.
Refer to [Generic OAuth authentication](../generic-oauth) for extra configuration options available for this provider.
Refer to [Generic OAuth authentication]({{< relref "../generic-oauth" >}}) for extra configuration options available for this provider.
You may have to set the `root_url` option of `[server]` for the callback URL to be
correct. For example in case you are serving Grafana behind a proxy.
@ -88,9 +88,9 @@ viewer
## Teamsync
> **Note:** Available in [Grafana Enterprise](../../../../introduction/grafana-enterprise) and [Grafana Cloud Advanced](/docs/grafana-cloud/).
> **Note:** Available in [Grafana Enterprise]({{< relref "../../../../introduction/grafana-enterprise" >}}) and [Grafana Cloud Advanced](/docs/grafana-cloud/).
[Teamsync](../../configure-team-sync/) is a feature that allows you to map groups from your identity provider to Grafana teams. This is useful if you want to give your users access to specific dashboards or folders based on their group membership.
[Teamsync]({{< relref "../../configure-team-sync" >}}) is a feature that allows you to map groups from your identity provider to Grafana teams. This is useful if you want to give your users access to specific dashboards or folders based on their group membership.
To enable teamsync, you need to add a `groups` mapper to the client configuration in Keycloak.
This will add the `groups` claim to the id_token. You can then use the `groups` claim to map groups to teams in Grafana.
The LDAP integration in Grafana allows your Grafana users to login with their LDAP credentials. You can also specify mappings between LDAP
group memberships and Grafana Organization user roles.
> [Enhanced LDAP authentication]({{< relref "../enhanced-ldap/" >}}) is available in [Grafana Cloud Advanced](/docs/grafana-cloud/) and in [Grafana Enterprise]({{< relref "../../../../introduction/grafana-enterprise/" >}}).
> [Enhanced LDAP authentication]({{< relref "../enhanced-ldap" >}}) is available in [Grafana Cloud Advanced](/docs/grafana-cloud/) and in [Grafana Enterprise]({{< relref "../../../../introduction/grafana-enterprise" >}}).
> Refer to [Role-based access control]({{< relref "../../../../administration/roles-and-permissions/access-control/" >}}) to understand how you can control access with role-based permissions.
> Refer to [Role-based access control]({{< relref "../../../../administration/roles-and-permissions/access-control" >}}) to understand how you can control access with role-based permissions.
## Supported LDAP Servers
@ -24,7 +24,7 @@ This means that you should be able to configure LDAP integration using any compl
## Enable LDAP
In order to use LDAP integration you'll first need to enable LDAP in the [main config file]({{< relref "../../../configure-grafana/" >}}) as well as specify the path to the LDAP
In order to use LDAP integration you'll first need to enable LDAP in the [main config file]({{< relref "../../../configure-grafana" >}}) as well as specify the path to the LDAP
specific configuration file (default: `/etc/grafana/ldap.toml`).
After enabling LDAP, the default behavior is for Grafana users to be created automatically upon successful LDAP authentication. If you prefer for only existing Grafana users to be able to sign in, you can change `allow_sign_up` to `false` in the `[auth.ldap]` section.
@ -397,7 +397,7 @@ Please inspect your Active Directory configuration and documentation to find the
## Troubleshooting
To troubleshoot and get more log info enable LDAP debug logging in the [main config file]({{< relref "../../../configure-grafana/" >}}).
To troubleshoot and get more log info enable LDAP debug logging in the [main config file]({{< relref "../../../configure-grafana" >}}).
Grafana can attempt to do role mapping through Okta OAuth. In order to achieve this, Grafana checks for the presence of a role using the [JMESPath](http://jmespath.org/examples.html) specified via the `role_attribute_path` configuration option.
Grafana uses JSON obtained from querying the `/userinfo` endpoint for the path lookup. The result after evaluating the `role_attribute_path` JMESPath expression needs to be a valid Grafana role, i.e. `Viewer`, `Editor` or `Admin`. For more information about roles and permissions in Grafana, refer to [Roles and permissions]({{< relref "../../../../administration/roles-and-permissions/" >}}).
Grafana uses JSON obtained from querying the `/userinfo` endpoint for the path lookup. The result after evaluating the `role_attribute_path` JMESPath expression needs to be a valid Grafana role, i.e. `Viewer`, `Editor` or `Admin`. For more information about roles and permissions in Grafana, refer to [Roles and permissions]({{< relref "../../../../administration/roles-and-permissions" >}}).
> **Warning**: Currently if no organization role mapping is found for a user, Grafana doesn't
> update the user's organization role. This is going to change in Grafana 10. To avoid overriding manually set roles,
> enable the `skip_org_role_sync` option.
> See [configure-grafana]({{< relref "../../../configure-grafana#authokta-skip-org-role-sync" >}}) for more information.
> See [Configure Grafana]({{< relref "../../../configure-grafana#authokta" >}}) for more information.
On first login, ifthe`role_attribute_path` property does not return a role, then the user is assigned the role
specified by [the `auto_assign_org_role` option]({{< relref "../../../configure-grafana#auto_assign_org_role" >}}).
@ -107,17 +107,17 @@ It denies user access if no role or an invalid role is returned.
Read about how to [add custom claims](https://developer.okta.com/docs/guides/customize-tokens-returned-from-okta/add-custom-claim/) to the user info in Okta. Also, check Generic OAuth page for [JMESPath examples]({{< relref "generic-oauth/#jmespath-examples" >}}).
Read about how to [add custom claims](https://developer.okta.com/docs/guides/customize-tokens-returned-from-okta/add-custom-claim/) to the user info in Okta. Also, check Generic OAuth page for [JMESPath examples]({{< relref "../generic-oauth#jmespath-examples" >}}).
#### Map server administrator privileges
> Available in Grafana v9.2 and later versions.
If the application role received by Grafana is `GrafanaAdmin`, Grafana grants the user server administrator privileges.
This is useful if you want to grant server administrator privileges to a subset of users.
If the application role received by Grafana is `GrafanaAdmin`, Grafana grants the user server administrator privileges.
This is useful if you want to grant server administrator privileges to a subset of users.
Grafana also assigns the user the `Admin` role of the default organization.
The setting `allow_assign_grafana_admin` under `[auth.okta]` must be set to `true` for this to work.
The setting `allow_assign_grafana_admin` under `[auth.okta]` must be set to `true` for this to work.
If the setting is set to `false`, the user is assigned the role of `Admin` of the default organization, but not server administrator privileges.
```ini
@ -148,4 +148,4 @@ the correct teams.
Okta groups can be referenced by group name, like `Admins`.
[Learn more about Team Sync]({{< relref "../../configure-team-sync/" >}})
[Learn more about Team Sync]({{< relref "../../configure-team-sync" >}})
# Configure SAML authentication using the Grafana user interface
> **Note:** Available in [Grafana Enterprise]({{< relref "../../../introduction/grafana-enterprise/" >}}) version 10.0 and later, and [Grafana Cloud Pro and Advanced](/docs/grafana-cloud/).
> **Note:** Available in [Grafana Enterprise]({{< relref "../../../../introduction/grafana-enterprise" >}}) version 10.0 and later, and [Grafana Cloud Pro and Advanced](/docs/grafana-cloud/).
You can configure SAML authentication in Grafana through the user interface (UI) or the Grafana configuration file. For instructions on how to set up SAML using the Grafana configuration file, refer to [Configure SAML authentication using the configuration file]({{< relref "../saml/" >}}).
You can configure SAML authentication in Grafana through the user interface (UI) or the Grafana configuration file. For instructions on how to set up SAML using the Grafana configuration file, refer to [Configure SAML authentication using the configuration file]({{< relref "../saml" >}}).
The Grafana SAML UI provides the following advantages over configuring SAML in the Grafana configuration file:
@ -18,7 +18,7 @@ The Grafana SAML UI provides the following advantages over configuring SAML in t
- It doesn't require Grafana to be restarted after a configuration update
- Access to the SAML UI only requires access to authentication settings, so it can be used by users with limited access to Grafana's configuration
> **Note:** Any configuration changes made through the Grafana user interface (UI) will take precedence over settings specified in the Grafana configuration file or through environment variables. This means that if you modify any configuration settings in the UI, they will override any corresponding settings set via environment variables or defined in the configuration file. For more information on how Grafana determines the order of precedence for its settings, please refer to the [Settings update at runtime]({{< relref "../../configure-grafana/settings-updates-at-runtime/" >}}).
> **Note:** Any configuration changes made through the Grafana user interface (UI) will take precedence over settings specified in the Grafana configuration file or through environment variables. This means that if you modify any configuration settings in the UI, they will override any corresponding settings set via environment variables or defined in the configuration file. For more information on how Grafana determines the order of precedence for its settings, please refer to the [Settings update at runtime]({{< relref "../../../configure-grafana/settings-updates-at-runtime" >}}).
> **Note:** Disabling the UI does not affect any configuration settings that were previously set up through the UI. Those settings will continue to function as intended even with the UI disabled.
@ -26,13 +26,13 @@ The Grafana SAML UI provides the following advantages over configuring SAML in t
To follow this guide, you need:
- Knowledge of SAML authentication. Refer to [SAML authentication in Grafana]({{< relref "../saml/" >}}) for an overview of Grafana's SAML integration.
- Knowledge of SAML authentication. Refer to [SAML authentication in Grafana]({{< relref "../saml" >}}) for an overview of Grafana's SAML integration.
- Permissions `settings:read` and `settings:write` with scope `settings:auth.saml:*` that allow you to read and update SAML authentication settings.
These permissions are granted by `fixed:authentication.config:writer` role.
By default, this role is granted to Grafana server administrator in self-hosted instances and to Organization admins in Grafana Cloud instances.
- Grafana instance running Grafana version 10.0 or later with [Grafana Enterprise]({{< relref "../../../introduction/grafana-enterprise/" >}}) or [Grafana Cloud Pro or Advanced](/docs/grafana-cloud/) license.
- Grafana instance running Grafana version 10.0 or later with [Grafana Enterprise]({{< relref "../../../../introduction/grafana-enterprise" >}}) or [Grafana Cloud Pro or Advanced](/docs/grafana-cloud/) license.
## Steps
@ -43,19 +43,19 @@ Follow these steps to configure and enable SAML integration:
For assistance, consult the following table for additional guidance about certain fields:
| **Allow signup** | If enabled, you can create new users through the SAML login. If disabled, then only existing Grafana users can log in with SAML. |
| **Auto login** | If enabled, Grafana will attempt to automatically log in with SAML skipping the login screen. |
| **Single logout** | The SAML single logout feature enables users to log out from all applications associated with the current IdP session established using SAML SSO. For more information, refer to [SAML single logout documentation]]({{<relref"../saml/#single-logout">}}). |
| **Identity provider initiated login** | Enables users to log in to Grafana directly from the SAML IdP. For more information, refer to [IdP initiated login documentation]({{< relref "../saml/#idp-initiated-single-sign-on-sso" >}}). |
| **Allow signup** | If enabled, you can create new users through the SAML login. If disabled, then only existing Grafana users can log in with SAML. |
| **Auto login** | If enabled, Grafana will attempt to automatically log in with SAML skipping the login screen. |
| **Single logout** | The SAML single logout feature enables users to log out from all applications associated with the current IdP session established using SAML SSO. For more information, refer to [SAML single logout documentation]]({{<relref"../saml#single-logout">}}). |
| **Identity provider initiated login** | Enables users to log in to Grafana directly from the SAML IdP. For more information, refer to [IdP initiated login documentation]({{< relref "../saml#idp-initiated-single-sign-on-sso" >}}). |
3. Click **Next: Key and certificate**.
1. Provide a certificate and a private key that will be used by the service provider (Grafana) and the SAML IdP.
Use the [PKCS #8](https://en.wikipedia.org/wiki/PKCS_8) format to issue the private key.
For more information, refer to an [example on how to generate SAML credentials]({{< relref "../saml/#example-of-how-to-generate-saml-credentials" >}}).
For more information, refer to an [example on how to generate SAML credentials]({{< relref "../saml#example-of-how-to-generate-saml-credentials" >}}).
1. In the **Sign requests** field, specify whether you want the outgoing requests to be signed, and, if so, which signature algorithm should be used.
@ -63,18 +63,18 @@ Follow these steps to configure and enable SAML integration:
1. Click **Next: Connect Grafana with Identity Provider** and complete the section.
1. Click **Next: User mapping**.
1. If you wish to [map user information from SAML assertions]({{< relref "../saml/#assertion-mapping" >}}), complete the **Assertion attributes mappings** section.
1. If you wish to [map user information from SAML assertions]({{< relref "../saml#assertion-mapping" >}}), complete the **Assertion attributes mappings** section.
You also need to configure the **Groups attribute** field if you want to use team sync. Team sync automatically maps users to Grafana teams based on their SAML group membership.
Learn more about [team sync]({{< relref "../../configure-team-sync/" >}}) and [configuring team sync for SAML]({{< relref "../saml/#configure-team-sync" >}}).
Learn more about [team sync]({{< relref "../../configure-team-sync" >}}) and [configuring team sync for SAML]({{< relref "../saml#configure-team-sync" >}}).
1. If you want to automatically assign users' roles based on their SAML roles, complete the **Role mapping** section.
First, you need to configure the **Role attribute** field to specify which SAML attribute should be used to retrieve SAML role information.
Then enter the SAML roles that you want to map to Grafana roles in **Role mapping** section. If you want to map multiple SAML roles to a Grafana role, separate them by a comma and a space. For example, `Editor: editor, developer`.
Role mapping will automatically update user's [basic role]({{< relref "../../../../administration/roles-and-permissions/access-control/#basic-roles" >}}) based on their SAML roles every time the user logs in to Grafana.
Learn more about [SAML role synchronization]({{< relref "../saml/#configure-role-sync" >}}).
Role mapping will automatically update user's [basic role]({{< relref "../../../../administration/roles-and-permissions/access-control#basic-roles" >}}) based on their SAML roles every time the user logs in to Grafana.
Learn more about [SAML role synchronization]({{< relref "../saml#configure-role-sync" >}}).
1. If you have multiple organizations and want to automatically add users to organizations, complete the **Org mapping section**.
@ -83,7 +83,7 @@ Follow these steps to configure and enable SAML integration:
If you want users to have different roles in different organizations, you can additionally specify a role. For example, `Org mapping: Engineering:2:Editor` will map users who belong to `Engineering` organizations in SAML to Grafana organization with ID 2 and assign them Editor role.
Organization mapping will automatically update user's organization memberships (and roles, if they have been configured) based on their SAML organization every time the user logs in to Grafana.
Learn more about [SAML organization mapping]({{< relref "../saml/#configure-organization-mapping" >}}).
Learn more about [SAML organization mapping]({{< relref "../saml#configure-organization-mapping" >}}).
1. If you want to limit the access to Grafana based on user's SAML organization membership, fill in the **Allowed organizations** field.
1. Click **Next: Test and enable** and then click **Save and enable**.
# Configure SAML authentication using the configuration file
> **Note:** Available in [Grafana Enterprise]({{< relref "../../../../introduction/grafana-enterprise/" >}}) and [Grafana Cloud Pro and Advanced](/docs/grafana-cloud).
> **Note:** Available in [Grafana Enterprise]({{< relref "../../../../introduction/grafana-enterprise" >}}) and [Grafana Cloud Pro and Advanced](/docs/grafana-cloud).
SAML authentication integration allows your Grafana users to log in by using an external SAML 2.0 Identity Provider (IdP). To enable this, Grafana becomes a Service Provider (SP) in the authentication flow, interacting with the IdP to exchange user information.
You can configure SAML authentication in Grafana through the user interface (UI) or the Grafana configuration file. For instructions on how to set up SAML through Grafana's UI, refer to [Configure SAML authentication using the Grafana user interface]({{< relref "../saml-ui/" >}}).
You can configure SAML authentication in Grafana through the user interface (UI) or the Grafana configuration file. For instructions on how to set up SAML through Grafana's UI, refer to [Configure SAML authentication using the Grafana user interface]({{< relref "../saml-ui" >}}).
Both methods offer the same configuration options, but you might prefer using the Grafana configuration file if you want to keep all of Grafana's authentication settings in one place. Grafana Cloud users do not have access to Grafana configuration file, so they should configure SAML through Grafana's UI.
> **Note:** Configuration in the UI takes precedence over the configuration in the Grafana configuration file. SAML settings from the UI will override any SAML configuration set in the Grafana configuration file.
@ -55,15 +55,15 @@ By default, SP-initiated requests are enabled. For instructions on how to enable
### Edit SAML options in the Grafana config file
1. In the `[auth.saml]` section in the Grafana configuration file, set [`enabled`]({{< relref "../../../configure-grafana/enterprise-configuration/#enabled" >}}) to `true`.
1. In the `[auth.saml]` section in the Grafana configuration file, set [`enabled`]({{< relref "../../../configure-grafana/enterprise-configuration#enabled" >}}) to `true`.
1. Configure the [certificate and private key]({{< relref "#certificate-and-private-key" >}}).
1. On the Okta application page where you have been redirected after application created, navigate to the **Sign On** tab and find **Identity Provider metadata** link in the **Settings** section.
1. Set the [`idp_metadata_url`]({{< relref "../../../configure-grafana/enterprise-configuration/#idp_metadata_url" >}}) to the URL obtained from the previous step. The URL should look like `https://<your-org-id>.okta.com/app/<application-id>/sso/saml/metadata`.
1. Set the [`idp_metadata_url`]({{< relref "../../../configure-grafana/enterprise-configuration#idp_metadata_url" >}}) to the URL obtained from the previous step. The URL should look like `https://<your-org-id>.okta.com/app/<application-id>/sso/saml/metadata`.
1. Set the following options to the attribute names configured at the **step 10** of the SAML integration setup. You can find this attributes on the **General** tab of the application page (**ATTRIBUTE STATEMENTS** and **GROUP ATTRIBUTE STATEMENTS** in the **SAML Settings** section).
1. Save the configuration file and and then restart the Grafana server.
When you are finished, the Grafana configuration might look like this example:
@ -88,7 +88,7 @@ assertion_attribute_groups = Group
To use the SAML integration, in the `auth.saml` section of in the Grafana custom configuration file, set `enabled` to `true`.
Refer to [Configuration]({{< relref "../../../configure-grafana/" >}}) for more information about configuring Grafana.
Refer to [Configuration]({{< relref "../../../configure-grafana" >}}) for more information about configuring Grafana.
## Certificate and private key
@ -137,7 +137,7 @@ Grafana supports user authentication through Okta, which is useful when you want
**Before you begin:**
- To configure SAML integration with Okta, create integration inside the Okta organization first. [Add integration in Okta](https://help.okta.com/en/prod/Content/Topics/Apps/apps-overview-add-apps.htm)
- Ensure you have permission to administer SAML authentication. For more information about roles and permissions in Grafana, refer to [Roles and permissions]({{< relref "../../../../administration/roles-and-permissions/" >}}).
- Ensure you have permission to administer SAML authentication. For more information about roles and permissions in Grafana, refer to [Roles and permissions]({{< relref "../../../../administration/roles-and-permissions" >}}).
**To set up SAML with Okta:**
@ -170,7 +170,7 @@ Grafana supports user authentication through Okta, which is useful when you want
## Configure SAML authentication in Grafana
The table below describes all SAML configuration options. Continue reading below for details on specific options. Like any other Grafana configuration, you can apply these options as [environment variables]({{< relref "../../../configure-grafana/#override-configuration-with-environment-variables" >}}).
The table below describes all SAML configuration options. Continue reading below for details on specific options. Like any other Grafana configuration, you can apply these options as [environment variables]({{< relref "../../../configure-grafana#override-configuration-with-environment-variables" >}}).
> **Note:** Team sync support for SAML is available in Grafana version 7.0 and later.
To use SAML Team sync, set [`assertion_attribute_groups`]({{< relref "../../../configure-grafana/enterprise-configuration/#assertion-attribute-groups" >}}) to the attribute name where you store user groups. Then Grafana will use attribute values extracted from SAML assertion to add user into the groups with the same name configured on the External group sync tab.
To use SAML Team sync, set [`assertion_attribute_groups`]({{< relref "../../../configure-grafana/enterprise-configuration#assertion_attribute_groups" >}}) to the attribute name where you store user groups. Then Grafana will use attribute values extracted from SAML assertion to add user into the groups with the same name configured on the External group sync tab.
> **Note:** Teamsync allows you sync users from SAML to Grafana teams. It does not automatically create teams in Grafana. You need to create teams in Grafana before you can use this feature.
@ -343,22 +343,22 @@ The following `External Group ID`s would be valid for input in the desired team'
- `admins_group`
- `division_1`
[Learn more about Team Sync]({{< relref "../../configure-team-sync/" >}})
[Learn more about Team Sync]({{< relref "../../configure-team-sync" >}})
### Configure role sync
> **Note:** Available in Grafana version 7.0 and later.
Role sync allows you to map user roles from an identity provider to Grafana. To enable role sync, configure role attribute and possible values for the Editor, Admin, and Grafana Admin roles. For more information about user roles, refer to [Roles and permissions]({{< relref "../../../../administration/roles-and-permissions/" >}}).
Role sync allows you to map user roles from an identity provider to Grafana. To enable role sync, configure role attribute and possible values for the Editor, Admin, and Grafana Admin roles. For more information about user roles, refer to [Roles and permissions]({{< relref "../../../../administration/roles-and-permissions" >}}).
1. In the configuration file, set [`assertion_attribute_role`]({{< relref "../../../configure-grafana/enterprise-configuration/#assertion-attribute-role" >}}) option to the attribute name where the role information will be extracted from.
1. Set the [`role_values_editor`]({{< relref "../../../configure-grafana/enterprise-configuration/#role-values-editor" >}}) option to the values mapped to the `Editor` role.
1. Set the [`role_values_admin`]({{< relref "../../../configure-grafana/enterprise-configuration/#role-values-admin" >}}) option to the values mapped to the organization `Admin` role.
1. Set the [`role_values_grafana_admin`]({{< relref "../../../configure-grafana/enterprise-configuration/#role-values-grafana-admin" >}}) option to the values mapped to the `Grafana Admin` role.
1. In the configuration file, set [`assertion_attribute_role`]({{< relref "../../../configure-grafana/enterprise-configuration#assertion_attribute_role" >}}) option to the attribute name where the role information will be extracted from.
1. Set the [`role_values_editor`]({{< relref "../../../configure-grafana/enterprise-configuration#role_values_editor" >}}) option to the values mapped to the `Editor` role.
1. Set the [`role_values_admin`]({{< relref "../../../configure-grafana/enterprise-configuration#role_values_admin" >}}) option to the values mapped to the organization `Admin` role.
1. Set the [`role_values_grafana_admin`]({{< relref "../../../configure-grafana/enterprise-configuration#role_values_grafana_admin" >}}) option to the values mapped to the `Grafana Admin` role.
If a user role doesn't match any of configured values, then the `Viewer` role will be assigned.
For more information about roles and permissions in Grafana, refer to [Roles and permissions]({{< relref "../../../../administration/roles-and-permissions/" >}}).
For more information about roles and permissions in Grafana, refer to [Roles and permissions]({{< relref "../../../../administration/roles-and-permissions" >}}).
Example configuration:
@ -389,8 +389,8 @@ skip_org_role_sync = true
Organization mapping allows you to assign users to particular organization in Grafana depending on attribute value obtained from identity provider.
1. In configuration file, set [`assertion_attribute_org`]({{< relref "../../../configure-grafana/enterprise-configuration/#assertion-attribute-org" >}}) to the attribute name you store organization info in. This attribute can be an array if you want a user to be in multiple organizations.
1. Set [`org_mapping`]({{< relref "../../../configure-grafana/enterprise-configuration/#org-mapping" >}}) option to the comma-separated list of `Organization:OrgId` pairs to map organization from IdP to Grafana organization specified by id. If you want users to have different roles in multiple organizations, you can set this option to a comma-separated list of `Organization:OrgId:Role` mappings.
1. In configuration file, set [`assertion_attribute_org`]({{< relref "../../../configure-grafana/enterprise-configuration#assertion_attribute_org" >}}) to the attribute name you store organization info in. This attribute can be an array if you want a user to be in multiple organizations.
1. Set [`org_mapping`]({{< relref "../../../configure-grafana/enterprise-configuration#org_mapping" >}}) option to the comma-separated list of `Organization:OrgId` pairs to map organization from IdP to Grafana organization specified by id. If you want users to have different roles in multiple organizations, you can set this option to a comma-separated list of `Organization:OrgId:Role` mappings.
For example, use following configuration to assign users from `Engineering` organization to the Grafana organization with id `2` as Editor and users from `Sales` - to the org with id `3` as Admin, based on `Org` assertion attribute value:
@ -420,7 +420,7 @@ You can use `*` as the Grafana organization in the mapping if you want all users
> **Note:** Available in Grafana version 7.0 and later.
With the [`allowed_organizations`]({{< relref "../../../configure-grafana/enterprise-configuration/#allowed-organizations" >}}) option you can specify a list of organizations where the user must be a member of at least one of them to be able to log in to Grafana.
With the [`allowed_organizations`]({{< relref "../../../configure-grafana/enterprise-configuration#allowed_organizations" >}}) option you can specify a list of organizations where the user must be a member of at least one of them to be able to log in to Grafana.
To put values containing spaces in the list, use the following JSON syntax:
To troubleshoot and get more log information, enable SAML debug logging in the configuration file. Refer to [Configuration]({{< relref "../../../configure-grafana/#filters" >}}) for more information.
To troubleshoot and get more log information, enable SAML debug logging in the configuration file. Refer to [Configuration]({{< relref "../../../configure-grafana#filters" >}}) for more information.
```bash
[log]
@ -507,7 +507,7 @@ The keys you provide should look like:
When the user logs in using SAML and gets presented with "origin not allowed", the user might be issuing the login from an IdP (identity provider) service or the user is behind a reverse proxy. This potentially happens as Grafana's CSRF checks deem the requests to be invalid. For more information [CSRF](https://owasp.org/www-community/attacks/csrf).
To solve this issue, you can configure either the [`csrf_trusted_origins`]({{< relref "../../../configure-grafana/#csrf-trusted-origins" >}}) or [`csrf_additional_headers`]({{< relref "../../../configure-grafana/#csrf_additional_headers" >}}) option in the SAML configuration.
To solve this issue, you can configure either the [`csrf_trusted_origins`]({{< relref "../../../configure-grafana#csrf_trusted_origins" >}}) or [`csrf_additional_headers`]({{< relref "../../../configure-grafana#csrf_additional_headers" >}}) option in the SAML configuration.
Grafana’s database contains secrets, which are used to query data sources, send alert notifications, and perform other functions within Grafana.
Grafana encrypts these secrets before they are written to the database, by using a symmetric-key encryption algorithm called Advanced Encryption Standard (AES). These secrets are signed using a [secret key]({{< relref "../../configure-grafana/#secret_key" >}}) that you can change when you configure a new Grafana instance.
Grafana encrypts these secrets before they are written to the database, by using a symmetric-key encryption algorithm called Advanced Encryption Standard (AES). These secrets are signed using a [secret key]({{< relref "../../configure-grafana#secret_key" >}}) that you can change when you configure a new Grafana instance.
> **Note:** Grafana v9.0 and newer use [envelope encryption](#envelope-encryption) by default, which adds a layer of indirection to the encryption process that introduces an [**implicit breaking change**](#implicit-breaking-change) for older versions of Grafana.
For further details about how to operate a Grafana instance with envelope encryption, see the [Operational work]({{< relref "./#operational-work" >}}) section.
For further details about how to operate a Grafana instance with envelope encryption, see the [Operational work]({{< relref "#operational-work" >}}) section.
> **Note:** In Grafana Enterprise, you can also [encrypt secrets in AES-GCM (Galois/Counter Mode)]({{< relref "#changing-your-encryption-mode-to-aes-gcm" >}}) instead of the default AES-CFB (Cipher FeedBack mode).
## Envelope encryption
> **Note:** Since Grafana v9.0, you can turn envelope encryption off by adding the feature toggle `disableEnvelopeEncryption` to your [Grafana configuration]({{< relref "../../configure-grafana/#feature_toggles" >}}).
> **Note:** Since Grafana v9.0, you can turn envelope encryption off by adding the feature toggle `disableEnvelopeEncryption` to your [Grafana configuration]({{< relref "../../configure-grafana#feature_toggles" >}}).
Instead of encrypting all secrets with a single key, Grafana uses a set of keys called data encryption keys (DEKs) to encrypt them. These data encryption keys are themselves encrypted with a single key encryption key (KEK), configured through the `secret_key` attribute in your
[Grafana configuration]({{< relref "../../configure-grafana/#secret_key" >}}) or with a [key management service (KMS) integration](#kms-integration).
[Grafana configuration]({{< relref "../../configure-grafana#secret_key" >}}) or by [Encrypting your database with a key from a key management service (KMS)](#encrypting-your-database-with-a-key-from-a-key-management-service-kms).
### Implicit breaking change
Envelope encryption introduces an implicit breaking change to versions of Grafana prior to v9.0, because it changes how secrets stored in the Grafana database are encrypted. Grafana administrators can upgrade to Grafana v9.0 with no action required from the database encryption perspective, but must be extremely careful if they need to roll an upgrade back to Grafana v8.5 or earlier because secrets created or modified after upgrading to Grafana v9.0 can’t be decrypted by previous versions.
Grafana v8.5 implemented envelope encryption behind an optional feature toggle. Grafana administrators who need to downgrade to Grafana v8.5 can enable envelope encryption as a workaround by adding the feature toggle `envelopeEncryption` to the [Grafana configuration]({{< relref "../../configure-grafana/#feature_toggles" >}}).
Grafana v8.5 implemented envelope encryption behind an optional feature toggle. Grafana administrators who need to downgrade to Grafana v8.5 can enable envelope encryption as a workaround by adding the feature toggle `envelopeEncryption` to the [Grafana configuration]({{< relref "../../configure-grafana#feature_toggles" >}}).
## Operational work
@ -39,7 +39,7 @@ From the database encryption perspective, Grafana administrators can:
- [**Re-encrypt secrets**](#re-encrypt-secrets): re-encrypt secrets with envelope encryption and a fresh data key.
- [**Roll back secrets**](#roll-back-secrets): decrypt secrets encrypted with envelope encryption and re-encrypt them with legacy encryption.
- [**Re-encrypt data keys**](#re-encrypt-data-keys): re-encrypt data keys with a fresh key encryption key and a [KMS integration](#kms-integration).
- [**Re-encrypt data keys**](#re-encrypt-data-keys): re-encrypt data keys with a fresh key encryption key and a KMS integration.
- [**Rotate data keys**](#rotate-data-keys): disable active data keys and stop using them for encryption in favor of a fresh one.
### Re-encrypt secrets
@ -49,19 +49,19 @@ You can re-encrypt secrets in order to:
- Move already existing secrets' encryption forward from legacy to envelope encryption.
- Re-encrypt secrets after a [data keys rotation](#rotate-data-keys).
To re-encrypt secrets, use the [Grafana CLI]({{< relref "../../../cli/" >}}) by running the `grafana cli admin secrets-migration re-encrypt` command or the `/encryption/reencrypt-secrets` endpoint of the Grafana [Admin API]({{< relref "../../../developers/http_api/admin/#roll-back-secrets" >}}). It's safe to run more than once, more recommended under maintenance mode.
To re-encrypt secrets, use the [Grafana CLI]({{< relref "../../../cli" >}}) by running the `grafana cli admin secrets-migration re-encrypt` command or the `/encryption/reencrypt-secrets` endpoint of the Grafana [Admin API]({{< relref "../../../developers/http_api/admin#roll-back-secrets" >}}). It's safe to run more than once, more recommended under maintenance mode.
### Roll back secrets
You can roll back secrets encrypted with envelope encryption to legacy encryption. This might be necessary to downgrade to Grafana versions prior to v9.0 after an unsuccessful upgrade.
To roll back secrets, use the [Grafana CLI]({{< relref "../../../cli/" >}}) by running the `grafana cli admin secrets-migration rollback` command or the `/encryption/rollback-secrets` endpoint of the Grafana [Admin API]({{< relref "../../../developers/http_api/admin/#re-encrypt-secrets" >}}). It's safe to run more than once, more recommended under maintenance mode.
To roll back secrets, use the [Grafana CLI]({{< relref "../../../cli" >}}) by running the `grafana cli admin secrets-migration rollback` command or the `/encryption/rollback-secrets` endpoint of the Grafana [Admin API]({{< relref "../../../developers/http_api/admin#re-encrypt-secrets" >}}). It's safe to run more than once, more recommended under maintenance mode.
### Re-encrypt data keys
You can re-encrypt data keys encrypted with a specific key encryption key (KEK). This allows you to either re-encrypt existing data keys with a new KEK version (see [KMS integration](#kms-integration) rotation) or to re-encrypt them with a completely different KEK.
You can re-encrypt data keys encrypted with a specific key encryption key (KEK). This allows you to either re-encrypt existing data keys with a new KEK version or to re-encrypt them with a completely different KEK.
To re-encrypt data keys, use the [Grafana CLI]({{< relref "../../../cli/" >}}) by running the `grafana cli admin secrets-migration re-encrypt-data-keys` command or the `/encryption/reencrypt-data-keys` endpoint of the Grafana [Admin API]({{< relref "../../../developers/http_api/admin/#re-encrypt-data-encryption-keys" >}}). It's safe to run more than once, more recommended under maintenance mode.
To re-encrypt data keys, use the [Grafana CLI]({{< relref "../../../cli" >}}) by running the `grafana cli admin secrets-migration re-encrypt-data-keys` command or the `/encryption/reencrypt-data-keys` endpoint of the Grafana [Admin API]({{< relref "../../../developers/http_api/admin#re-encrypt-data-encryption-keys" >}}). It's safe to run more than once, more recommended under maintenance mode.
### Rotate data keys
@ -73,7 +73,7 @@ New data keys for encryption operations are generated on demand.
> secrets still encrypted with them. To completely stop using
> rotated data keys for both encryption and decryption, see [secrets re-encryption](#re-encrypt-secrets).
To rotate data keys, use the `/encryption/rotate-data-keys` endpoint of the Grafana [Admin API]({{< relref "../../../developers/http_api/admin/#rotate-data-encryption-keys" >}}). It's safe to call more than once, more recommended under maintenance mode.
To rotate data keys, use the `/encryption/rotate-data-keys` endpoint of the Grafana [Admin API]({{< relref "../../../developers/http_api/admin#rotate-data-encryption-keys" >}}). It's safe to call more than once, more recommended under maintenance mode.
## Encrypting your database with a key from a key management service (KMS)
@ -83,10 +83,10 @@ You can choose to encrypt secrets stored in the Grafana database using a key fro
Grafana integrates with the following key management services:
@ -13,7 +13,7 @@ You can use an encryption key from AWS Key Management Service to encrypt secrets
**Prerequisites:**
- An AWS account with permission to view and create KMS keys and programmatic credentials to access those keys
- Access to the Grafana [configuration]({{< relref "../../../configure-grafana/#config-file-locations" >}}) file
- Access to the Grafana [configuration]({{< relref "../../../configure-grafana#configuration-file-location" >}}) file
1. Create a symmetric API key either from the AWS Management Console or by using the AWS KMS API.
<br><br>For detailed instructions, refer to [Creating keys](https://docs.aws.amazon.com/kms/latest/developerguide/create-keys.html).
@ -24,7 +24,7 @@ You can use an encryption key from AWS Key Management Service to encrypt secrets
3. Create a [programmatic credential](https://docs.aws.amazon.com/general/latest/gr/aws-sec-cred-types.html#access-keys-and-secret-access-keys) (access key ID and secret access key), which has permission to view the key that you created.
<br><br>In AWS, you can control access to your KMS keys by using [key policies](https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html), [IAM policies](https://docs.aws.amazon.com/kms/latest/developerguide/iam-policies.html), and [grants](https://docs.aws.amazon.com/kms/latest/developerguide/grants.html). You can also create [temporary credentials](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_use-resources.html), which must provide a session token along with an access key ID and a secret access key.
4. From within Grafana, turn on [envelope encryption]({{< relref "/#envelope-encryption" >}}).
4. From within Grafana, turn on envelope encryption.
5. Add your AWS KMS details to the Grafana configuration file; depending on your operating system, it is usually named `grafana.ini`:
<br><br>a. Add a new section to the configuration file, with a name in the format of `[security.encryption.awskms.<KEY-NAME>]`, where `<KEY-NAME>` is any name that uniquely identifies this key among other provider keys.
<br><br>b. Fill in the section with the following values:
@ -71,7 +71,7 @@ You can use an encryption key from AWS Key Management Service to encrypt secrets
**> Note:** The encryption key that is stored in the `secret_key` field is still used by Grafana’s legacy alerting system to encrypt secrets, for decrypting existing secrets, or it is used as the default provider when external providers are not configured. Do not change or remove that value when adding a new KMS provider.
8. (Optional) From the command line and the root directory of Grafana, re-encrypt all of the secrets within the Grafana database with the new key using the following command:
@ -13,7 +13,7 @@ You can use an encryption key from Azure Key Vault to encrypt secrets in the Gra
**Prerequisites:**
- An Azure account with permission to view and create Key Vault keys and programmatic credentials to access those keys
- Access to the Grafana [configuration]({{< relref "../../../configure-grafana/#config-file-locations" >}}) file
- Access to the Grafana [configuration]({{< relref "../../../configure-grafana#configuration-file-location" >}}) file
1. [Create a vault](https://docs.microsoft.com/en-us/azure/key-vault/general/quick-create-portal#create-a-vault).
@ -25,7 +25,7 @@ You can use an encryption key from Azure Key Vault to encrypt secrets in the Gra
5. In the Key Permissions section, set encrypt and decrypt permissions, and click **Save**.
6. From within Grafana, turn on [envelope encryption]({{< relref "./#envelope-encryption" >}}).
6. From within Grafana, turn on envelope encryption.
7. Add your Azure Key Vault details to the Grafana configuration file; depending on your operating system, is usually named `grafana.ini`:
<br><br>a. Add a new section to the configuration file, with a name in the format of `[security.encryption.azurekv.<KEY-NAME>]`, where `<KEY-NAME>` is any name that uniquely identifies this key among other provider keys.
@ -69,7 +69,7 @@ You can use an encryption key from Azure Key Vault to encrypt secrets in the Gra
**> Note:** The encryption key stored in the `secret_key` field is still used by Grafana’s legacy alerting system to encrypt secrets. Do not change or remove that value.
10. (Optional) From the command line and the root directory of Grafana Enterprise, re-encrypt all of the secrets within the Grafana database with the new key using the following command:
@ -13,7 +13,7 @@ You can use an encryption key from Google Cloud Key Management Service to encryp
**Prerequisites:**
- A Google Cloud account with permission to list and create KMS keys and service accounts to access those keys
- Access to the Grafana [configuration]({{< relref "../../../configure-grafana/#config-file-locations" >}}) file
- Access to the Grafana [configuration]({{< relref "../../../configure-grafana#configuration-file-location" >}}) file
1. [Create a key ring](https://cloud.google.com/kms/docs/creating-keys#kms-create-key-ring-console) in Google Cloud KMS.
@ -23,7 +23,7 @@ You can use an encryption key from Google Cloud Key Management Service to encryp
4. [Create a service account key and save its JSON file](https://cloud.google.com/iam/docs/creating-managing-service-account-keys#creating) to you computer, for example, as `~/.config/gcloud/sample-project-credentials.json`.
5. From within Grafana, turn on [envelope encryption]({{< relref "/#envelope-encryption" >}}).
5. From within Grafana, turn on envelope encryption.
6. Add your Google Cloud KMS details to the Grafana configuration file; depending on your operating system, is usually named `grafana.ini`:
<br><br>a. Add a new section to the configuration file, with a name in the format of `[security.encryption.azurekv.<KEY-NAME>]`, where `<KEY-NAME>` is any name that uniquely identifies this key among other provider keys.
@ -58,7 +58,7 @@ You can use an encryption key from Google Cloud Key Management Service to encryp
**> Note:** The encryption key stored in the `secret_key` field is still used by Grafana’s legacy alerting system to encrypt secrets. Do not change or remove that value.
9. (Optional) From the command line and the root directory of Grafana Enterprise, re-encrypt all of the secrets within the Grafana database with the new key using the following command:
@ -13,7 +13,7 @@ You can use an encryption key from Hashicorp Vault to encrypt secrets in the Gra
**Prerequisites:**
- Permissions to manage Hashicorp Vault to enable secrets engines and issue tokens.
- Access to the Grafana [configuration]({{< relref "../../../configure-grafana/#config-file-locations" >}}) file
- Access to the Grafana [configuration]({{< relref "../../../configure-grafana#configuration-file-location" >}}) file
1. [Enable the transit secrets engine](https://www.vaultproject.io/docs/secrets/transit#setup) in Hashicorp Vault.
@ -21,7 +21,7 @@ You can use an encryption key from Hashicorp Vault to encrypt secrets in the Gra
3. [Create a periodic service token](https://learn.hashicorp.com/tutorials/vault/tokens#periodic-service-tokens).
4. From within Grafana, turn on [envelope encryption]({{< relref "/#envelop-encryption" >}}).
4. From within Grafana, turn on envelope encryption.
5. Add your Hashicorp Vault details to the Grafana configuration file; depending on your operating system, is usually named `grafana.ini`:
<br><br>a. Add a new section to the configuration file, with a name in the format of `[security.encryption.hashicorpvault.<KEY-NAME>]`, where `<KEY-NAME>` is any name that uniquely identifies this key among other provider keys.
@ -65,7 +65,7 @@ You can use an encryption key from Hashicorp Vault to encrypt secrets in the Gra
**> Note:** The encryption key stored in the `secret_key` field is still used by Grafana’s legacy alerting system to encrypt secrets. Do not change or remove that value.
8. (Optional) From the command line and the root directory of Grafana Enterprise, re-encrypt all of the secrets within the Grafana database with the new key using the following command:
If you manage your secrets with [Hashicorp Vault](https://www.hashicorp.com/products/vault), you can use them for [Configuration]({{< relref "../../../configure-grafana/" >}}) and [Provisioning]({{< relref "../../../../administration/provisioning/" >}}).
If you manage your secrets with [Hashicorp Vault](https://www.hashicorp.com/products/vault), you can use them for [Configuration]({{< relref "../../../configure-grafana" >}}) and [Provisioning]({{< relref "../../../../administration/provisioning" >}}).
> **Note:** Available in [Grafana Enterprise]({{< relref "../../../../introduction/grafana-enterprise/" >}}) and [Grafana Cloud Advanced](/docs/grafana-cloud).
> **Note:** Available in [Grafana Enterprise]({{< relref "../../../../introduction/grafana-enterprise" >}}) and [Grafana Cloud Advanced](/docs/grafana-cloud).
> **Note:** If you have Grafana [set up for high availability]({{< relref "../../../set-up-for-high-availability/" >}}), then we advise not to use dynamic secrets for provisioning files.
> **Note:** If you have Grafana [set up for high availability]({{< relref "../../../set-up-for-high-availability" >}}), then we advise not to use dynamic secrets for provisioning files.
> Each Grafana instance is responsible for renewing its own leases. Your data source leases might expire when one of your Grafana servers shuts down.
## Configuration
@ -55,7 +55,7 @@ token = s.sAZLyI0r7sFLMPq6MWtoOhAN # replace with your key
## Using the Vault expander
After you configure Vault, you must set the configuration or provisioning files you wish to
use Vault. Vault configuration is an extension of configuration's [variable expansion]({{< relref "../../../configure-grafana/#variable-expansion" >}}) and follows the
use Vault. Vault configuration is an extension of configuration's [variable expansion]({{< relref "../../../configure-grafana#variable-expansion" >}}) and follows the
`$__vault{<argument>}` syntax.
The argument to Vault consists of three parts separated by a colon:
The following examples show you how to set your [configuration]({{< relref "../../../configure-grafana/" >}}) or [provisioning]({{< relref "../../../../administration/provisioning/" >}}) files to use Vault to retrieve configuration values.
The following examples show you how to set your [configuration]({{< relref "../../../configure-grafana" >}}) or [provisioning]({{< relref "../../../../administration/provisioning" >}}) files to use Vault to retrieve configuration values.
#### Configuration
The following is a partial example for using Vault to set up a Grafana configuration file's email and database credentials.
Refer to [Configuration]({{< relref "../../../configure-grafana/" >}}) for more information.
Refer to [Configuration]({{< relref "../../../configure-grafana" >}}) for more information.
@ -19,7 +19,7 @@ Request security allows you to limit requests from the Grafana server by targeti
This can be used to limit access to internal systems that the server Grafana runs on can access but that users of Grafana should not be able to access. This feature does not affect traffic from the Grafana users browser.
> **Note:** Available in [Grafana Enterprise]({{< relref "../../introduction/grafana-enterprise/" >}}) version 7.4 and later, and [Grafana Cloud Pro and Advanced](/docs/grafana-cloud/).
> **Note:** Available in [Grafana Enterprise]({{< relref "../../introduction/grafana-enterprise" >}}) version 7.4 and later, and [Grafana Cloud Pro and Advanced](/docs/grafana-cloud/).
> **Note:** Although request security works with backend plugins, you can create a backend plugin that bypasses this security.
Security hardening enables you to apply additional security, which can help stop certain vulnerabilities from being exploited by a malicious attacker.
> **Note:** These settings are available in the [grafana.ini configuration file]({{< relref "../../configure-grafana/#configuration-file-location" >}}). To apply changes to the configuration file, restart the Grafana server.
> **Note:** These settings are available in the [grafana.ini configuration file]({{< relref "../../configure-grafana#configuration-file-location" >}}). To apply changes to the configuration file, restart the Grafana server.
Team sync lets you set up synchronization between your auth providers teams and teams in Grafana. This enables LDAP, OAuth, or SAML users who are members of certain teams or groups to automatically be added or removed as members of certain teams in Grafana.
> **Note:** Available in [Grafana Enterprise]({{< relref "../../introduction/grafana-enterprise/" >}}) and [Grafana Cloud Advanced](/docs/grafana-cloud/).
> **Note:** Available in [Grafana Enterprise]({{< relref "../../introduction/grafana-enterprise" >}}) and [Grafana Cloud Advanced](/docs/grafana-cloud/).
Grafana keeps track of all synchronized users in teams, and you can see which users have been synchronized in the team members list, see `LDAP` label in screenshot.
This mechanism allows Grafana to remove an existing synchronized user from a team when its group membership changes. This mechanism also enables you to manually add a user as member of a team, and it will not be removed when the user signs in. This gives you flexibility to combine LDAP group memberships and Grafana team memberships.
@ -27,13 +27,13 @@ This mechanism allows Grafana to remove an existing synchronized user from a tea
@ -60,7 +60,7 @@ Logs of usage insights contain the following fields, where the fields followed b
## Configuration
To export your logs, enable the usage insights feature and [configure]({{< relref "../../setup-grafana/configure-grafana/" >}}) an export location in the configuration file:
To export your logs, enable the usage insights feature and [configure]({{< relref "../../setup-grafana/configure-grafana" >}}) an export location in the configuration file:
```ini
[usage_insights.export]
@ -90,7 +90,7 @@ tls = true
tenant_id =
```
Using `logger` will print usage insights to your [Grafana server log]({{< relref "../../setup-grafana/configure-grafana/#log" >}}).
Using `logger` will print usage insights to your [Grafana server log]({{< relref "../../setup-grafana/configure-grafana#log" >}}).
There is no option for configuring the `logger` storage type.
# Configure Grafana secret scanning and notifications
With Grafana, you can use the GitHub Secret Scanning service to determine if your [service account tokens]({{< relref "../../administration/service-accounts/" >}}) have been leaked on GitHub.
With Grafana, you can use the GitHub Secret Scanning service to determine if your [service account tokens]({{< relref "../../administration/service-accounts" >}}) have been leaked on GitHub.
When GitHub Secret Scanning detects a Grafana secret, its hash is stored in Grafana Labs' secret scanning service.
@ -43,7 +43,7 @@ Grafana has revoked this token",
## Before you begin
- Ensure all your API keys have been migrated to service accounts.
For more information about service account migration, refer to [Migrate API keys to Grafana service accounts]({{< relref "../../administration/api-keys/#migrate-api-keys-to-grafana-service-accounts" >}}).
For more information about service account migration, refer to [Migrate API keys to Grafana service accounts]({{< relref "../../administration/api-keys#migrate-api-keys-to-grafana-service-accounts" >}}).
Grafana supports automatic rendering of panels as PNG images. This allows Grafana to automatically generate images of your panels to include in alert notifications, [PDF export]({{< relref "../../dashboards/create-reports/#export-dashboard-as-pdf" >}}), and [Reporting]({{< relref "../../dashboards/create-reports/" >}}). PDF Export and Reporting are available only in [Grafana Enterprise]({{< relref "../../introduction/grafana-enterprise" >}}).
Grafana supports automatic rendering of panels as PNG images. This allows Grafana to automatically generate images of your panels to include in alert notifications, [PDF export]({{< relref "../../dashboards/create-reports#export-dashboard-as-pdf" >}}), and [Reporting]({{< relref "../../dashboards/create-reports" >}}). PDF Export and Reporting are available only in [Grafana Enterprise]({{< relref "../../introduction/grafana-enterprise" >}}).
> **Note:** Image rendering of dashboards is not supported at this time.
While an image is being rendered, the PNG image is temporarily written to the file system. When the image is rendered, the PNG image is temporarily written to the `png` folder in the Grafana `data` folder.
A background job runs every 10 minutes and removes temporary images. You can configure how long an image should be stored before being removed by configuring the [temp_data_lifetime]({{< relref "../configure-grafana/#temp_data_lifetime" >}}) setting.
A background job runs every 10 minutes and removes temporary images. You can configure how long an image should be stored before being removed by configuring the [temp_data_lifetime]({{< relref "../configure-grafana#temp_data_lifetime" >}}) setting.
You can also render a PNG by clicking hovering over the panel to display the actions menu in the top right corner, and then clicking **Share > Direct link rendered image** in the Link tab.
## Alerting and render limits
Alert notifications can include images, but rendering many images at the same time can overload the server where the renderer is running. For instructions of how to configure this, see [concurrent_render_limit]({{< relref "../configure-grafana/#concurrent_render_limit" >}}).
Alert notifications can include images, but rendering many images at the same time can overload the server where the renderer is running. For instructions of how to configure this, see [concurrent_render_limit]({{< relref "../configure-grafana#concurrent_render_limit" >}}).
## Install Grafana Image Renderer plugin
> **Note:** Starting from Grafana v7.0.0, all PhantomJS support has been removed. Please use the Grafana Image Renderer plugin or remote rendering service.
To install the plugin, refer to the [Grafana Image Renderer Installation instructions](https://grafana.com/grafana/plugins/grafana-image-renderer#installation).
To install the plugin, refer to the [Grafana Image Renderer Installation instructions](/grafana/plugins/grafana-image-renderer#installation).
## Configuration
The Grafana Image Renderer plugin has a number of configuration options that are used in plugin or remote rendering modes.
In plugin mode, you can specify them directly in the [Grafana configuration file]({{< relref "../configure-grafana/#plugingrafana-image-renderer" >}}).
In plugin mode, you can specify them directly in the [Grafana configuration file]({{< relref "../configure-grafana#plugingrafana-image-renderer" >}}).
In remote rendering mode, you can specify them in a `.json` [configuration file](#configuration-file) or, for some of them, you can override the configuration defaults using environment variables.
@ -80,7 +80,7 @@ AUTH_TOKEN=-
}
```
See the [Grafana configuration]({{< relref "../configure-grafana/#renderer_token" >}}) for how to configure the token in Grafana.
See the [Grafana configuration]({{< relref "../configure-grafana#renderer_token" >}}) for how to configure the token in Grafana.
### Rendering mode
@ -148,7 +148,7 @@ RENDERING_MODE=reusable
#### Optimize the performance, CPU and memory usage of the image renderer
The performance and resources consumption of the different modes depend a lot on the number of concurrent requests your service is handling. To understand how many concurrent requests your service is handling, [monitor your image renderer service]({{< relref "monitoring/" >}}).
The performance and resources consumption of the different modes depend a lot on the number of concurrent requests your service is handling. To understand how many concurrent requests your service is handling, [monitor your image renderer service]({{< relref "./monitoring" >}}).
With no concurrent requests, the different modes show very similar performance and CPU / memory usage.
@ -197,7 +197,7 @@ HTTP_PORT=0
#### Enable Prometheus metrics
You can enable [Prometheus](https://prometheus.io/) metrics endpoint `/metrics` using the environment variable `ENABLE_METRICS`. Node.js and render request duration metrics are included, see [output example](./monitoring/#prometheus-metrics-endpoint-output-example) for details.
You can enable [Prometheus](https://prometheus.io/) metrics endpoint `/metrics` using the environment variable `ENABLE_METRICS`. Node.js and render request duration metrics are included, see [Enable Prometheus metrics endpoint]({{< relref "./monitoring#enable-prometheus-metrics-endpoint" >}}) for details.
Default is `false`.
@ -279,7 +279,7 @@ RENDERING_DUMPIO=true
If you already have [Chrome](https://www.google.com/chrome/) or [Chromium](https://www.chromium.org/)
installed on your system, then you can use this instead of the pre-packaged version of Chromium.
> **Note:** Please note that this is not recommended, since you may encounter problems if the installed version of Chrome/Chromium is not compatible with the [Grafana Image renderer plugin](https://grafana.com/grafana/plugins/grafana-image-renderer).
> **Note:** Please note that this is not recommended, since you may encounter problems if the installed version of Chrome/Chromium is not compatible with the [Grafana Image renderer plugin](/grafana/plugins/grafana-image-renderer).
You need to make sure that the Chrome/Chromium executable is available for the Grafana/image rendering service process.
Rendering images requires a lot of memory, mainly because Grafana creates browser instances in the background for the actual rendering. Monitoring your service can help you allocate the right amount of resources to your rendering service and set the right [rendering mode]({{< relref "./#rendering-mode" >}}).
Rendering images requires a lot of memory, mainly because Grafana creates browser instances in the background for the actual rendering. Monitoring your service can help you allocate the right amount of resources to your rendering service and set the right [rendering mode]({{< relref "../../image-rendering#rendering-mode" >}}).
## Enable Prometheus metrics endpoint
Configure this service to expose a Prometheus metrics endpoint. For information on how to configure and monitor this service using Prometheus as a data source, refer to [Grafana Image Rendering Service dashboard](https://grafana.com/grafana/dashboards/12203).
Configure this service to expose a Prometheus metrics endpoint. For information on how to configure and monitor this service using Prometheus as a data source, refer to [Grafana Image Rendering Service dashboard](/grafana/dashboards/12203).
As a last resort, if you already have [Chrome](https://www.google.com/chrome/) or [Chromium](https://www.chromium.org/)
installed on your system, then you can configure the [Grafana Image renderer plugin](../#custom-chromechromium) to use this
installed on your system, then you can configure the Grafana Image renderer plugin to use this
instead of the pre-packaged version of Chromium.
> **Note:** Please note that this is not recommended, since you may encounter problems if the installed version of Chrome/Chromium is not
> compatible with the [Grafana Image renderer plugin](https://grafana.com/grafana/plugins/grafana-image-renderer).
> compatible with the [Grafana Image renderer plugin](/grafana/plugins/grafana-image-renderer).
To override the path to the Chrome/Chromium executable in plugin mode, set an environment variable and make sure that it's available for the Grafana process. For example:
@ -56,7 +56,7 @@ Grafana supports the following databases:
By default Grafana uses an embedded SQLite database, which is stored in the Grafana installation location.
> **Note:** SQLite works well if your environment is small, but is not recommended when your environment starts growing. For more information about the limitations of SQLite, refer to [Appropriate Uses For SQLite](https://www.sqlite.org/whentouse.html). If you want high availability, you must use a MySQL or PostgreSQL database. For information about how to define the database configuration parameters inside the `grafana.ini` file, refer to [[database]](https://grafana.com/docs/grafana/latest/setup-grafana/configure-grafana/#database).
> **Note:** SQLite works well if your environment is small, but is not recommended when your environment starts growing. For more information about the limitations of SQLite, refer to [Appropriate Uses For SQLite](https://www.sqlite.org/whentouse.html). If you want high availability, you must use a MySQL or PostgreSQL database. For information about how to define the database configuration parameters inside the `grafana.ini` file, refer to [[database]](/docs/grafana/latest/setup-grafana/configure-grafana/#database).
Grafana supports the versions of these databases that are officially supported by the project at the time a version of Grafana is released. When a Grafana version becomes unsupported, Grafana Labs might also drop support for that database version. See the links above for the support policies for each project.
> **Note:** Grafana Enterprise is the recommended and default edition. It is available for free and includes all the features of the OSS edition. You can also upgrade to the [full Enterprise feature set](https://grafana.com/products/enterprise/?utm_source=grafana-install-page), which has support for [Enterprise plugins](https://grafana.com/grafana/plugins/?enterprise=1&utcm_source=grafana-install-page).
> **Note:** Grafana Enterprise is the recommended and default edition. It is available for free and includes all the features of the OSS edition. You can also upgrade to the [full Enterprise feature set](/products/enterprise/?utm_source=grafana-install-page), which has support for [Enterprise plugins](/grafana/plugins/?enterprise=1&utcm_source=grafana-install-page).
Complete the following steps to install Grafana from the APT repository:
@ -70,7 +70,7 @@ If you choose not to install Grafana using APT, you can download and install Gra
Complete the following steps to install Grafana using DEB or the standalone binaries:
1. Navigate to the [Grafana download page](https://grafana.com/grafana/download).
1. Navigate to the [Grafana download page](/grafana/download).
1. Select the Grafana version you want to install.
- The most recent Grafana version is selected by default.
- The **Version** field displays only tagged releases. If you want to install a nightly build, click **Nightly Builds** and then select a version.
@ -82,4 +82,4 @@ Complete the following steps to install Grafana using DEB or the standalone bina
## Next steps
- [Start the Grafana server]({{< relref "../../start-restart-grafana/" >}})
- [Start the Grafana server]({{< relref "../../start-restart-grafana" >}})
@ -16,7 +16,7 @@ You can install and run Grafana using the official Docker images. Our docker ima
Each edition is available in two variants: Alpine and Ubuntu. See below.
For documentation regarding the configuration of a docker image, refer to [configure a Grafana Docker image](https://grafana.com/docs/grafana/latest/administration/configure-docker/).
For documentation regarding the configuration of a docker image, refer to [configure a Grafana Docker image](/docs/grafana/latest/administration/configure-docker/).
This topic also contains important information about [migrating from earlier Docker image versions](#migrate-from-previous-docker-containers-versions).
@ -76,7 +76,7 @@ For a list of available tags, check out [grafana/grafana-oss](https://hub.docker
## Install plugins in the Docker container
You can install official and community plugins listed on the Grafana [plugins page](https://grafana.com/grafana/plugins) or from a custom URL.
You can install official and community plugins listed on the Grafana [plugins page](/grafana/plugins) or from a custom URL.
### Install official and community Grafana plugins
> Only available in Grafana v6.5 and later. This is experimental.
The [Grafana Image Renderer plugin]({{< relref "../../image-rendering/#grafana-image-renderer-plugin" >}}) does not currently work if it is installed in a Grafana Docker image. You can build a custom Docker image by using the `GF_INSTALL_IMAGE_RENDERER_PLUGIN` build argument. This installs additional dependencies needed for the Grafana Image Renderer plugin to run.
The [Grafana Image Renderer plugin]({{< relref "../../image-rendering" >}}) does not currently work if it is installed in a Grafana Docker image. You can build a custom Docker image by using the `GF_INSTALL_IMAGE_RENDERER_PLUGIN` build argument. This installs additional dependencies needed for the Grafana Image Renderer plugin to run.
Example of how to build and run:
@ -183,7 +183,7 @@ The Grafana Docker image runs with the `root` group (id 0) instead of the `grafa
### Migrate to v6.5 or later
Grafana Docker image now comes in two variants, one [Alpine](http://alpinelinux.org) based and one [Ubuntu](https://ubuntu.com/) based, see [Image Variants](#image-variants) for details.
Grafana Docker image now comes in two variants, one [Alpine](http://alpinelinux.org) based and one [Ubuntu](https://ubuntu.com/) based.
Refer to the [Getting Started]({{< relref "../../../getting-started/build-first-dashboard/" >}}) guide for information about logging in, setting up data sources, and so on.
Refer to the [Getting Started]({{< relref "../../../getting-started/build-first-dashboard" >}}) guide for information about logging in, setting up data sources, and so on.
## Configure Docker image
Refer to [Configure a Grafana Docker image]({{< relref "../../configure-docker/" >}}) page for details on options for customizing your environment, logging, database, and so on.
Refer to [Configure a Grafana Docker image]({{< relref "../../configure-docker" >}}) page for details on options for customizing your environment, logging, database, and so on.
## Configure Grafana
Refer to the [Configuration]({{< relref "../../configure-grafana/" >}}) page for details on options for customizing your environment, logging, database, and so on.
Refer to the [Configuration]({{< relref "../../configure-grafana" >}}) page for details on options for customizing your environment, logging, database, and so on.
> **Note:** Grafana Enterprise is the recommended and default edition. It is available for free and includes all the features of the OSS edition. You can also upgrade to the [full Enterprise feature set](https://grafana.com/products/enterprise/?utm_source=grafana-install-page), which has support for [Enterprise plugins](https://grafana.com/grafana/plugins/?enterprise=1&utcm_source=grafana-install-page).
> **Note:** Grafana Enterprise is the recommended and default edition. It is available for free and includes all the features of the OSS edition. You can also upgrade to the [full Enterprise feature set](/products/enterprise/?utm_source=grafana-install-page), which has support for [Enterprise plugins](/grafana/plugins/?enterprise=1&utcm_source=grafana-install-page).
To install Grafana using a YUM repository, complete the following steps:
@ -70,7 +70,7 @@ If you install Grafana manually using YUM or RPM, then you must manually update
**Note:** The RPM files are signed. You can verify the signature with this [public GPG key](https://rpm.grafana.com/gpg.key).
1. On the [Grafana download page](https://grafana.com/grafana/download), select the Grafana version you want to install.
1. On the [Grafana download page](/grafana/download), select the Grafana version you want to install.
- The most recent Grafana version is selected by default.
- The **Version** field displays only finished releases. If you want to install a beta version, click **Nightly Builds** and then select a version.
1. Select an **Edition**.
@ -87,7 +87,7 @@ If you install Grafana manually using YUM or RPM, then you must manually update
Complete the following steps to install Grafana using the standalone binaries:
1. Navigate to the [Grafana download page](https://grafana.com/grafana/download).
1. Navigate to the [Grafana download page](/grafana/download).
1. Select the Grafana version you want to install.
- The most recent Grafana version is selected by default.
- The **Version** field displays only tagged releases. If you want to install a nightly build, click **Nightly Builds** and then select a version.
@ -99,4 +99,4 @@ Complete the following steps to install Grafana using the standalone binaries:
## Next steps
Refer to [Start the Grafana server]({{< relref "../../start-restart-grafana/" >}}).
Refer to [Start the Grafana server]({{< relref "../../start-restart-grafana" >}}).
> **Note:** Grafana Enterprise is the recommended and default edition. It is available for free and includes all the features of the OSS edition. You can also upgrade to the [full Enterprise feature set](https://grafana.com/products/enterprise/?utm_source=grafana-install-page), which has support for [Enterprise plugins](https://grafana.com/grafana/plugins/?enterprise=1&utcm_source=grafana-install-page).
> **Note:** Grafana Enterprise is the recommended and default edition. It is available for free and includes all the features of the OSS edition. You can also upgrade to the [full Enterprise feature set](/products/enterprise/?utm_source=grafana-install-page), which has support for [Enterprise plugins](/grafana/plugins/?enterprise=1&utcm_source=grafana-install-page).
To install Grafana using a YUM repository, complete the following steps:
@ -50,7 +50,7 @@ If you install Grafana manually using YUM or RPM, then you must manually update
**Note:** The RPM files are signed. You can verify the signature with this [public GPG key](https://rpm.grafana.com/gpg.key).
1. On the [Grafana download page](https://grafana.com/grafana/download), select the Grafana version you want to install.
1. On the [Grafana download page](/grafana/download), select the Grafana version you want to install.
- The most recent Grafana version is selected by default.
- The **Version** field displays only finished releases. If you want to install a beta version, click **Nightly Builds** and then select a version.
1. Select an **Edition**.
@ -69,7 +69,7 @@ If you install Grafana manually using YUM or RPM, then you must manually update
Complete the following steps to install Grafana using the standalone binaries:
1. Navigate to the [Grafana download page](https://grafana.com/grafana/download).
1. Navigate to the [Grafana download page](/grafana/download).
1. Select the Grafana version you want to install.
- The most recent Grafana version is selected by default.
- The **Version** field displays only tagged releases. If you want to install a nightly build, click **Nightly Builds** and then select a version.
@ -81,4 +81,4 @@ Complete the following steps to install Grafana using the standalone binaries:
## Next steps
Refer to [Start the Grafana server]({{< relref "../../start-restart-grafana/" >}}).
Refer to [Start the Grafana server]({{< relref "../../start-restart-grafana" >}}).
You install Grafana using the Windows installer or using the standalone Windows binary file.
1. Navigate to the [Grafana download page](https://grafana.com/grafana/download).
1. Navigate to the [Grafana download page](/grafana/download).
1. Select the Grafana version you want to install.
- The most recent Grafana version is selected by default.
- The **Version** field displays only tagged releases. If you want to install a nightly build, click **Nightly Builds** and then select a version.
@ -36,7 +36,7 @@ You install Grafana using the Windows installer or using the standalone Windows
Start Grafana by executing `grafana-server.exe`, located in the `bin` directory, preferably from the command line. If you want to run Grafana as a Windows service, then download
[NSSM](https://nssm.cc/). It is very easy to add Grafana as a Windows service using that tool.
1. To run Grafana, open your browser and go to the Grafana port (http://localhost:3000/ is default) and then follow the instructions in [Getting Started]({{< relref "../../../getting-started/build-first-dashboard/" >}}).
1. To run Grafana, open your browser and go to the Grafana port (http://localhost:3000/ is default) and then follow the instructions in [Getting Started]({{< relref "../../../getting-started/build-first-dashboard" >}}).
> **Note:** The default Grafana port is `3000`. This port might require extra permissions on Windows. If it does not appear in the default port, you can change the port number.
@ -56,4 +56,4 @@ Start Grafana by executing `grafana-server.exe`, located in the `bin` directory,
## Next steps
- [Start the Grafana server]({{< relref "../../start-restart-grafana/" >}})
- [Start the Grafana server]({{< relref "../../start-restart-grafana" >}})
@ -45,7 +45,7 @@ For data source plugin channels, Grafana uses `ds` scope. Namespace in the case
For example, a data source channel looks like this: `ds/<DATASOURCE_UID>/<CUSTOM_PATH>`.
Refer to the tutorial about [building a streaming data source backend plugin](https://grafana.com/tutorials/build-a-streaming-data-source-plugin/) for more details.
Refer to the tutorial about [building a streaming data source backend plugin](/tutorials/build-a-streaming-data-source-plugin/) for more details.
The basic streaming example included in Grafana core streams frames with some generated data to a panel. To look at it create a new panel and point it to the `-- Grafana --` data source. Next, choose `Live Measurements` and select the `plugin/testdata/random-20Hz-stream` channel.
@ -53,7 +53,7 @@ The basic streaming example included in Grafana core streams frames with some ge
A new API endpoint `/api/live/push/:streamId` allows accepting metrics data in Influx format from Telegraf. These metrics are transformed into Grafana data frames and published to channels.
Refer to the tutorial about [streaming metrics from Telegraf to Grafana](https://grafana.com/tutorials/stream-metrics-from-telegraf-to-grafana/) for more information.
Refer to the tutorial about [streaming metrics from Telegraf to Grafana](/tutorials/stream-metrics-from-telegraf-to-grafana/) for more information.
## Grafana Live channel
@ -95,7 +95,7 @@ Grafana Live uses persistent connections (WebSocket at the moment) to deliver re
WebSocket is a persistent connection that starts with an HTTP Upgrade request (using the same HTTP port as the rest of Grafana) and then switches to a TCP mode where WebSocket frames can travel in both directions between a client and a server. Each logged-in user opens a WebSocket connection – one per browser tab.
The number of maximum WebSocket connections users can establish with Grafana is limited to 100 by default. See [max_connections]({{< relref "configure-grafana/#max_connections" >}}) option.
The number of maximum WebSocket connections users can establish with Grafana is limited to 100 by default. See [max_connections]({{< relref "./configure-grafana#max_connections" >}}) option.
In case you want to increase this limit, ensure that your server and infrastructure allow handling more connections. The following sections discuss several common problems which could happen when managing persistent connections, in particular WebSocket connections.
@ -103,9 +103,9 @@ In case you want to increase this limit, ensure that your server and infrastruct
To avoid hijacking of WebSocket connection Grafana Live checks the Origin request header sent by a client in an HTTP Upgrade request. Requests without Origin header pass through without any origin check.
By default, Live accepts connections with Origin header that matches configured [root_url]({{< relref "configure-grafana/#root_url" >}}) (which is a public Grafana URL).
By default, Live accepts connections with Origin header that matches configured [root_url]({{< relref "./configure-grafana#root_url" >}}) (which is a public Grafana URL).
It is possible to provide a list of additional origin patterns to allow WebSocket connections from. This can be achieved using the [allowed_origins]({{< relref "configure-grafana/#allowed_origins" >}}) option of Grafana Live configuration.
It is possible to provide a list of additional origin patterns to allow WebSocket connections from. This can be achieved using the [allowed_origins]({{< relref "./configure-grafana#allowed_origins" >}}) option of Grafana Live configuration.
#### Resource usage
@ -211,7 +211,7 @@ ha_engine = redis
ha_engine_address = 127.0.0.1:6379
```
For additional information, refer to the [ha_engine]({{< relref "configure-grafana/#ha_engine" >}}) and [ha_engine_address]({{< relref "configure-grafana/#ha_engine_address" >}}) options.
For additional information, refer to the [ha_engine]({{< relref "./configure-grafana#ha_engine" >}}) and [ha_engine_address]({{< relref "./configure-grafana#ha_engine_address" >}}) options.
@ -20,13 +20,13 @@ Grafana can emit Jaeger or OpenTelemetry Protocol (OTLP) traces for its HTTP API
All HTTP endpoints are logged evenly (annotations, dashboard, tags, and so on).
When a trace ID is propagated, it is reported with operation 'HTTP /datasources/proxy/:id/\*'.
Refer to [Configuration's OpenTelemetry section]({{< relref "configure-grafana/#tracingopentelemetry" >}}) for a reference of tracing options available in Grafana.
Refer to [Configuration's OpenTelemetry section]({{< relref "./configure-grafana#tracingopentelemetry" >}}) for a reference of tracing options available in Grafana.
## View Grafana internal metrics
Grafana collects some metrics about itself internally. Grafana supports pushing metrics to Graphite or exposing them to be scraped by Prometheus.
For more information about configuration options related to Grafana metrics, refer to [metrics]({{< relref "configure-grafana/#metrics" >}}) and [metrics.graphite]({{< relref "configure-grafana/#metricsgraphite" >}}) in [Configuration]({{< relref "configure-grafana/" >}}).
For more information about configuration options related to Grafana metrics, refer to [metrics]({{< relref "./configure-grafana#metrics" >}}) and [metrics.graphite]({{< relref "./configure-grafana#metricsgraphite" >}}) in [Configuration]({{< relref "./configure-grafana" >}}).
### Available metrics
@ -111,7 +111,7 @@ These instructions assume you have already added Graphite as a data source in Gr
### Pull metrics from Grafana backend plugin into Prometheus
Any installed [backend plugin]({{< relref "../developers/plugins/backend/" >}}) exposes a metrics endpoint through Grafana that you can configure Prometheus to scrape.
Any installed [backend plugin]({{< relref "../developers/plugins/backend" >}}) exposes a metrics endpoint through Grafana that you can configure Prometheus to scrape.
These instructions assume you have already added Prometheus as a data source in Grafana.
@ -134,7 +134,7 @@ These instructions assume you have already added Prometheus as a data source in
basic_auth_password =
```
1. Restart Grafana. Grafana now exposes metrics at `http://localhost:3000/metrics/plugins/<plugin id>`, e.g. http://localhost:3000/metrics/plugins/grafana-github-datasource if you have the [Grafana GitHub datasource](https://grafana.com/grafana/plugins/grafana-github-datasource/) installed.
1. Restart Grafana. Grafana now exposes metrics at `http://localhost:3000/metrics/plugins/<plugin id>`, e.g. http://localhost:3000/metrics/plugins/grafana-github-datasource if you have the [Grafana GitHub datasource](/grafana/plugins/grafana-github-datasource/) installed.
1. Add the job to your prometheus.yml file.
Example:
@ -152,4 +152,4 @@ These instructions assume you have already added Prometheus as a data source in
1. Restart Prometheus. Your new job should appear on the Targets tab.
1. In Grafana, hover your mouse over the **Configuration** (gear) icon on the left sidebar and then click **Data Sources**.
1. Select the **Prometheus** data source.
1. Import a Golang application metrics dashboard - for example [Go Processes](https://grafana.com/grafana/dashboards/6671).
1. Import a Golang application metrics dashboard - for example [Go Processes](/grafana/dashboards/6671).
title: Set up Grafana HTTPS for secure web traffic
description: Learn how to set up Grafana HTTPS for secure web traffic.
menuTitle: Set up HTTPS
weight: 900
---
@ -237,7 +238,7 @@ To configure Grafana HTTPS and restart Grafana, complete the following steps.
> **Note**: The standard port for SSL traffic is 443, which you can use instead of Grafana's default port 3000. This change might require additional operating system privileges or configuration to bind to lower-numbered privileged ports.
1. [Restart the Grafana server]({{< relref "./start-restart-grafana/#linux" >}}) using `systemd`, `init.d`, or the binary as appropriate for your environment.
1. [Restart the Grafana server]({{< relref "./start-restart-grafana#linux" >}}) using `systemd`, `init.d`, or the binary as appropriate for your environment.
@ -20,7 +20,7 @@ This section describes technical changes associated with this release of Grafana
### Plugins
Grafana now requires all plugins to be signed. If a plugin is not signed Grafana will not load/start it. This is an additional security measure to make sure plugin files and binaries haven't been tampered with. All Grafana Labs authored plugins, including Enterprise plugins, are now signed. It's possible to allow unsigned plugins using a configuration setting, but is something we strongly advise against doing. For more information about this setting, refer to [allow loading unsigned plugins]({{< relref "../../administration/#allow_loading_unsigned_plugins" >}}).
Grafana now requires all plugins to be signed. If a plugin is not signed Grafana will not load/start it. This is an additional security measure to make sure plugin files and binaries haven't been tampered with. All Grafana Labs authored plugins, including Enterprise plugins, are now signed. It's possible to allow unsigned plugins using a configuration setting, but is something we strongly advise against doing. For more information about this setting, refer to [allow loading unsigned plugins]({{< relref "../../setup-grafana/configure-grafana#allow_loading_unsigned_plugins" >}}).
### Grafana Live
@ -30,11 +30,11 @@ When WebSocket connection is established, Grafana checks the request Origin head
To handle many concurrent WebSocket connections you may need to tune your OS settings or infrastructure. Grafana Live is enabled by default and supports 100 concurrent WebSocket connections max to avoid possible problems with the file descriptor OS limit. As soon as your setup meets the requirements to scale the number of persistent connections this limit can be increased. You also have an option to disable Grafana Live.
Refer to [Grafana Live configuration]({{< relref "../../setup-grafana/set-up-grafana-live/" >}}) documentation for more information.
Refer to [Grafana Live configuration]({{< relref "../../setup-grafana/set-up-grafana-live" >}}) documentation for more information.
### Postgres, MySQL, Microsoft SQL Server data sources
Grafana v8.0 changes the underlying data structure to [data frames]({{< relref "../../developers/plugins/data-frames/" >}}) for the Postgres, MySQL, Microsoft SQL Server data sources. As a result, a _Time series_ query result gets returned in a [wide format]({{< relref "../../developers/plugins/data-frames/#wide-format" >}}). To make the visualizations work as they did before, you might have to do some manual migrations.
Grafana v8.0 changes the underlying data structure to [data frames]({{< relref "../../developers/plugins/data-frames" >}}) for the Postgres, MySQL, Microsoft SQL Server data sources. As a result, a _Time series_ query result gets returned in a [wide format]({{< relref "../../developers/plugins/data-frames#wide-format" >}}). To make the visualizations work as they did before, you might have to do some manual migrations.
For any existing panels/visualizations using a _Time series_ query, where the time column is only needed for filtering the time range, for example, using the bar gauge or pie chart panel, we recommend that you use a _Table query_ instead and exclude the time column as a field in the response.
Refer to this [issue comment](https://github.com/grafana/grafana/issues/35534#issuecomment-861519658) for detailed instructions and workarounds.
@ -57,6 +57,6 @@ ORDER BY time
There are two possible workarounds to resolve this problem:
1. In Grafana v8.0.3, use an alias of the string column selected as `metric`. for example, `hostname as metric`.
2. Use the [Standard field definitions' display name]({{< relref "../../panels-visualizations/configure-standard-options/#display-name" >}}) to format the alias. For the preceding example query, you would use `${__field.labels.hostname}` option.
2. Use the [Standard field definitions' display name]({{< relref "../../panels-visualizations/configure-standard-options#display-name" >}}) to format the alias. For the preceding example query, you would use `${__field.labels.hostname}` option.
For more information, refer to the our relational databases documentation of [Postgres]({{< relref "../../datasources/postgres/#time-series-queries" >}}), [MySQL]({{< relref "../../datasources/mysql/#time-series-queries" >}}), [Microsoft SQL Server]({{< relref "../../datasources/mssql/#time-series-queries" >}}).
For more information, refer to the our relational databases documentation of [Postgres]({{< relref "../../datasources/postgres#time-series-queries" >}}), [MySQL]({{< relref "../../datasources/mysql#time-series-queries" >}}), [Microsoft SQL Server]({{< relref "../../datasources/mssql/query-editor#time-series-query-examples" >}}).
@ -22,6 +22,6 @@ This section describes technical changes associated with this release of Grafana
As of Grafana v8.1, we no longer support unencrypted storage of passwords and basic auth passwords.
> **Note:** Since Grafana v6.2, new or updated data sources store passwords and basic auth passwords encrypted. See [upgrade note]({{< relref "#ensure-encryption-of-data-source-secrets" >}}) for more information. However, unencrypted passwords and basic auth passwords were also allowed.
> **Note:** Since Grafana v6.2, new or updated data sources store passwords and basic auth passwords encrypted. However, unencrypted passwords and basic auth passwords were also allowed.
To migrate to encrypted storage, follow the instructions from the [v6.2 upgrade notes]({{< relref "#ensure-encryption-of-data-source-secrets" >}}). You can also use a `grafana-cli` command to migrate all of your data sources to use encrypted storage of secrets. See [migrate data and encrypt passwords]({{< relref "../../cli/#migrate-data-and-encrypt-passwords" >}}) for further instructions.
To migrate to encrypted storage, use a `grafana-cli` command to migrate all of your data sources to use encrypted storage of secrets. See [migrate data and encrypt passwords]({{< relref "../../cli#migrate-data-and-encrypt-passwords" >}}) for further instructions.
@ -24,7 +24,7 @@ Fine-grained access control is now called "Role-based access control (RBAC)". As
- Built-in roles are now called basic roles. They now consist of permissions, not roles.
- The Terraform `builtin_role_assignment` resource is deprecated. Please use [grafana_role](https://registry.terraform.io/providers/grafana/grafana/latest/docs/resources/role) resource instead.
- Grafana provisioning has a new schema. Please refer to [Provisioning RBAC with Grafana](https://grafana.com/docs/grafana/latest/administration/roles-and-permissions/access-control/rbac-grafana-provisioning/) to learn more about provisioning.
- Grafana provisioning has a new schema. Please refer to [Provisioning RBAC with Grafana](/docs/grafana/latest/administration/roles-and-permissions/access-control/rbac-grafana-provisioning/) to learn more about provisioning.
- Basic roles no longer support permission inheritance. Previously, when permissions of a Viewer basic role were modified, it was propagated to the Editor and Admin basic roles. With the Grafana 9.0 release, this is not the case anymore.
- Several role-based access control actions have been renamed. All database entries that use legacy action names will be migrated to use the new names, but provisioning files and scripts will have to be updated by the user. This change also means that if Grafana is downgraded from 9.0 to a lower version, some role-based access control permissions will not be resolved correctly.
@ -59,11 +59,11 @@ The rename by regex transformation has been improved to allow global patterns of
### Clock Panel
We have updated [clock panel](https://grafana.com/grafana/plugins/grafana-clock-panel/) to version `2.0.0` to make it compatible with Grafana 9. The previous version `1.3.1` will cause the Grafana 9 to [crash](https://github.com/grafana/clock-panel/issues/106) when being used in a dashboard, we encourage you to update the panel before migrating to Grafana 9.
We have updated [clock panel](/grafana/plugins/grafana-clock-panel/) to version `2.0.0` to make it compatible with Grafana 9. The previous version `1.3.1` will cause the Grafana 9 to [crash](https://github.com/grafana/clock-panel/issues/106) when being used in a dashboard, we encourage you to update the panel before migrating to Grafana 9.
### Polystat Panel
We have updated [polystat panel](https://grafana.com/grafana/plugins/grafana-polystat-panel/) to version `1.2.10` to make it compatible with Grafana 9. The previous versions `1.2.8` and below will render empty in Grafana 9. We encourage you to update the panel before or immediately after migrating to Grafana 9.
We have updated [polystat panel](/grafana/plugins/grafana-polystat-panel/) to version `1.2.10` to make it compatible with Grafana 9. The previous versions `1.2.8` and below will render empty in Grafana 9. We encourage you to update the panel before or immediately after migrating to Grafana 9.
### Envelope encryption enabled by default
@ -82,7 +82,7 @@ The recommendation here is to enable `envelopeEncryption` for older versions, or
before upgrading to v9.0. However, the latter is probably going to be removed in one of the next releases, so we hugely
encourage to move on with envelope encryption.
Find [here]({{< relref "../../setup-grafana/configure-security/configure-database-encryption/" >}}) more details and some
Find [here]({{< relref "../../setup-grafana/configure-security/configure-database-encryption" >}}) more details and some
possible workarounds in case you end up in an undesired situation.
Beginning in v9.2, Grafana has a [supported database versions policy]({{< relref "../../setup-grafana/installation/#supported-databases" >}}). As of this release, MySQL versions from 5.7, postgres versions from v10, and SQLite 3 are supported databases.
Beginning in v9.2, Grafana has a [supported database versions policy]({{< relref "../../setup-grafana/installation#supported-databases" >}}). As of this release, MySQL versions from 5.7, postgres versions from v10, and SQLite 3 are supported databases.
Beginning in v9.5, the InfluxDB data source deprecates the `database` field in provisioning files.
The `dbName` field under `jsonData` must be used to store the database information.
For more information and examples, please refer to [InfluxDB Provisioning]({{< relref "../../datasources/influxdb/#provision-the-data-source" >}}).
For more information and examples, please refer to [InfluxDB Provisioning]({{< relref "../../datasources/influxdb#provision-the-data-source" >}}).
### Dashboard previews deprecation notice
We are deprecating the [Dashboard previews]({{< relref "../../search/dashboard-previews" >}}) feature and will remove it in Grafana v10. We've started exploring alternative ways of adding visual previews using the Scenes framework, and we'll share more information about it in the future.
We are deprecating the dashboard previews feature and will remove it in Grafana v10. We've started exploring alternative ways of adding visual previews using the Scenes framework, and we'll share more information about it in the future.
### Migrate your API keys to service accounts
We are upgrading Grafana [API keys]({{< relref "../../administration/api-keys/" >}}) to service accounts. Service accounts are a superset of API keys that include token rotation and compatibility with [Role-based access control]({{< relref "../../administration/roles-and-permissions/access-control/" >}}). In a future release, we'll automatically migrate all existing API keys to service accounts. All of your existing tokens will continue to work; they will simply be migrated to service accounts. You can preempt this change by migrating your existing API keys to service accounts using Grafana's UI or API. Learn how to do this in the [API keys documentation]({{< relref "../../administration/api-keys/#migrate-api-keys-to-grafana-service-accounts" >}}).
We are upgrading Grafana [API keys]({{< relref "../../administration/api-keys" >}}) to service accounts. Service accounts are a superset of API keys that include token rotation and compatibility with [Role-based access control]({{< relref "../../administration/roles-and-permissions/access-control" >}}). In a future release, we'll automatically migrate all existing API keys to service accounts. All of your existing tokens will continue to work; they will simply be migrated to service accounts. You can preempt this change by migrating your existing API keys to service accounts using Grafana's UI or API. Learn how to do this in the [API keys documentation]({{< relref "../../administration/api-keys#migrate-api-keys-to-grafana-service-accounts" >}}).
description: Learn about new and changed features in Grafana.
---
# What's new in Grafana
For release highlights, deprecations, and breaking changes in Grafana releases, refer to these "What's new" pages for each version.
> **Note:** For Grafana versions prior to v9.2, additional information might also be available in the archive of [release notes]({{< relref "../release-notes/" >}}).
> **Note:** For Grafana versions prior to v9.2, additional information might also be available in the archive of [release notes]({{< relref "../release-notes" >}}).
For a complete list of every change, with links to pull requests and related issues when available, see the [Changelog](https://github.com/grafana/grafana/blob/main/CHANGELOG.md).
## Grafana 9
- [What's new in 9.5]({{< relref "whats-new-in-v9-5/" >}})
- [What's new in 9.4]({{< relref "whats-new-in-v9-4/" >}})
- [What's new in 9.3]({{< relref "whats-new-in-v9-3/" >}})
- [What's new in 9.2]({{< relref "whats-new-in-v9-2/" >}})
- [What's new in 9.1]({{< relref "whats-new-in-v9-1/" >}})
- [What's new in 9.0]({{< relref "whats-new-in-v9-0/" >}})
- [What's new in 9.5]({{< relref "./whats-new-in-v9-5" >}})
- [What's new in 9.4]({{< relref "./whats-new-in-v9-4" >}})
- [What's new in 9.3]({{< relref "./whats-new-in-v9-3" >}})
- [What's new in 9.2]({{< relref "./whats-new-in-v9-2" >}})
- [What's new in 9.1]({{< relref "./whats-new-in-v9-1" >}})
- [What's new in 9.0]({{< relref "./whats-new-in-v9-0" >}})
## Grafana 8
- [What's new in 8.5]({{< relref "whats-new-in-v8-5/" >}})
- [What's new in 8.4]({{< relref "whats-new-in-v8-4/" >}})
- [What's new in 8.3]({{< relref "whats-new-in-v8-3/" >}})
- [What's new in 8.2]({{< relref "whats-new-in-v8-2/" >}})
- [What's new in 8.1]({{< relref "whats-new-in-v8-1/" >}})
- [What's new in 8.0]({{< relref "whats-new-in-v8-0/" >}})
- [What's new in 8.5]({{< relref "./whats-new-in-v8-5" >}})
- [What's new in 8.4]({{< relref "./whats-new-in-v8-4" >}})
- [What's new in 8.3]({{< relref "./whats-new-in-v8-3" >}})
- [What's new in 8.2]({{< relref "./whats-new-in-v8-2" >}})
- [What's new in 8.1]({{< relref "./whats-new-in-v8-1" >}})
- [What's new in 8.0]({{< relref "./whats-new-in-v8-0" >}})
@ -22,7 +22,7 @@ This major release of Grafana is the next step in our Observability story. It in
The Grafana 7.0 stable release is scheduled for the 18th of May. In the meantime, if you want to know more about what we've been up to and what is coming, sign up for our online GrafanaCon conference.
[{{< figure src="/assets/img/blog/GrafanaCONline.jpg" max-width="800px" lightbox="false" caption="GrafanaCONline May 13-29" >}}](https://grafana.com/about/events/grafanacon/2020/?source=blog)
[{{< figure src="/assets/img/blog/GrafanaCONline.jpg" max-width="800px" lightbox="false" caption="GrafanaCONline May 13-29" >}}](/about/events/grafanacon/2020/?source=blog)
The main highlights are:
@ -35,7 +35,7 @@ The main highlights are:
- [**Plugins** New plugins platform.]({{< relref "#plugins-platform" >}})
- [**Tutorials** New tutorials section.]({{< relref "#new-tutorials" >}})
- [**Cloudwatch** Support for Cloudwatch Logs in Explore and the Logs panel.]({{< relref "#cloudwatch-logs" >}})
- [**Time zones** Time zone support]({{< relref "#time-zone-support" >}})
## New panel editor and unified data model
@ -48,7 +48,7 @@ In previous versions of Grafana, each visualization had slightly different ways
We have yet to migrate all core panels to this new architecture so in 7.0 there will be some inconsistencies in the UI between panels. This will be fixed soon in future releases as we update all the core panels and help the community update the community panel plugins.
Learn more about this feature in [Panel editor]({{< relref "../panels-visualizations/panel-editor-overview/" >}}).
Learn more about this feature in [Panel editor]({{< relref "../panels-visualizations/panel-editor-overview" >}}).
## New tracing UI
@ -64,15 +64,15 @@ In the future we will add more workflows and integrations so that correlating be
The data you want to visualize can come from many different places and it is usually not in exactly the right form. Users can now transform non-time series data into tables (e.g., JSON files or even simple lookup tables) in seconds without any customization or additional overhead. They can then combine non-time series data with any other data in Grafana; data from an external database or a panel that already exists in one of their current dashboards.
By chaining a simple set of point and click [transformations]({{< relref "../panels-visualizations/query-transform-data/transform-data/#transformation-functions" >}}), users will be able join, pivot, filter, re-name and do calculations to get the results they need. Perfect for operations across queries or data sources missing essential data transformations.
By chaining a simple set of point and click [transformations]({{< relref "../panels-visualizations/query-transform-data/transform-data#transformation-functions" >}}), users will be able join, pivot, filter, re-name and do calculations to get the results they need. Perfect for operations across queries or data sources missing essential data transformations.
[Transformations]({{< relref "../panels-visualizations/query-transform-data/transform-data/" >}}) also adds the ability to do math across queries. Lots of data sources do not support this natively, so being able to do it in Grafana is a powerful feature.
[Transformations]({{< relref "../panels-visualizations/query-transform-data/transform-data" >}}) also adds the ability to do math across queries. Lots of data sources do not support this natively, so being able to do it in Grafana is a powerful feature.
For users with large dashboards or with heavy queries, being able to reuse the query result from one panel in another panel can be a huge performance gain for slow queries (e.g log or sql queries). From the data source menu in the query editor, you can choose the `--dashboard--` option and then choose the query result from another panel on the same dashboard.
The [Google Sheets data source](https://grafana.com/grafana/plugins/grafana-googlesheets-datasource) that was published a few weeks ago works really well together with the transformations feature.
The [Google Sheets data source](/grafana/plugins/grafana-googlesheets-datasource) that was published a few weeks ago works really well together with the transformations feature.
We are also introducing a new shared data model for both time series and table data that we call [DataFrame]({{< relref "../developers/plugins/data-frames/#data-frames" >}}). A DataFrame is like a table with columns but we refer to columns as fields. A time series is a DataFrame with two fields (time & value).
We are also introducing a new shared data model for both time series and table data that we call [DataFrame]({{< relref "../developers/plugins/data-frames#data-frames" >}}). A DataFrame is like a table with columns but we refer to columns as fields. A time series is a DataFrame with two fields (time & value).
**Transformations shipping in 7.0**
@ -84,7 +84,7 @@ We are also introducing a new shared data model for both time series and table d
- **Outer join:** Joins many time series/tables by a field. This can be used to outer join multiple time series on the _time_ field to show many time series in one table.
- **Add field from calculation:** This is a powerful transformation that allows you perform many different types of math operations and add the result as a new field. Can be used to calculate the difference between two series or fields and add the result to a new field. Or multiply one field with another and add the result to a new field.
Learn more about this feature in [Transformations]({{< relref "../panels-visualizations/query-transform-data/transform-data/#transformation-functions" >}}).
Learn more about this feature in [Transformations]({{< relref "../panels-visualizations/query-transform-data/transform-data#transformation-functions" >}}).
## Field options and overrides
@ -94,7 +94,7 @@ Up until now the overrides were available only for Graph and Table panel(via Col
This feature enables even more powerful visualizations and fine grained control over how the data is displayed.
Learn more about this feature in [Field overrides]({{< relref "../panels-visualizations/configure-overrides/" >}}).
Learn more about this feature in [Field overrides]({{< relref "../panels-visualizations/configure-overrides" >}}).
## Inspect panels and export data to CSV
@ -102,7 +102,7 @@ Learn more about this feature in [Field overrides]({{< relref "../panels-visuali
Another new feature of Grafana 7.0 is the panel inspector. Inspect allows you to view the raw data for any Grafana panel as well as export that data to a CSV file. With Panel inspect you will also be able to perform simple raw data transformations like join, view query stats or detailed execution data.
Learn more about this feature in [Panel Inspector]({{< relref "../panels-visualizations/panel-inspector/#inspect-query-request-and-response-data" >}}).
Learn more about this feature in [Panel Inspector]({{< relref "../panels-visualizations/panel-inspector#inspect-query-request-and-response-data" >}}).
<divclass="clearfix"></div>
@ -126,9 +126,9 @@ Grafana 7.0 adds logging support to one of our most popular cloud provider data
## Plugins platform
The [platform for plugins]({{< relref "../developers/plugins/" >}}) has been completely re-imagined and provides ready-made components and tooling to help both inexperienced and experienced developers get up and running more quickly. The tooling, documentation, and new components will improve plugin quality and reduce long-term maintenance. We are already seeing that a high quality plugin with the Grafana look and feel can be written in much fewer lines of code than previously.
The [platform for plugins]({{< relref "../developers/plugins" >}}) has been completely re-imagined and provides ready-made components and tooling to help both inexperienced and experienced developers get up and running more quickly. The tooling, documentation, and new components will improve plugin quality and reduce long-term maintenance. We are already seeing that a high quality plugin with the Grafana look and feel can be written in much fewer lines of code than previously.
Learn more about developing plugins in the new framework in [Build a plugin]({{< relref "../developers/plugins/" >}}).
Learn more about developing plugins in the new framework in [Build a plugin]({{< relref "../developers/plugins" >}}).
### Front end plugins platform
@ -136,28 +136,28 @@ In Grafana 7.0 we are maturing our panel and front-end datasource plugins platfo
Plugins can use the same React components that the Grafana team uses to build Grafana. Using these components means the Grafana team will support and improve them continually and make your plugin as polished as the rest of Grafana’s UI. The new [`@grafana/ui` components library](https://developers.grafana.com/ui) is documented with Storybook (visual documentation) and is available on NPM.
The `@grafana/data`, `@grafana/runtime`, `@grafana/e2e packages` (also available via NPM) aim to simplify the way plugins are developed. We want to deliver a set of [reliable APIs](https://grafana.com/docs/grafana/v7.0/packages_api/) for plugin developers.
The `@grafana/data`, `@grafana/runtime`, `@grafana/e2e packages` (also available via NPM) aim to simplify the way plugins are developed. We want to deliver a set of [reliable APIs](/docs/grafana/v7.0/packages_api/) for plugin developers.
With [@grafana/toolkit](https://www.npmjs.com/package/@grafana/toolkit) we are delivering a simple CLI that helps plugin authors quickly scaffold, develop and test their plugins without worrying about configuration details. A plugin author no longer needs to be a grunt or webpack expert to build their plugin.
### Support for backend plugins
Grafana now officially supports [backend plugins]({{< relref "../developers/plugins/backend/" >}}) and the first type of plugin to be introduced is a backend component for data source plugins. You can optionally add a backend component to your data source plugin and implement the query logic there to automatically enable alerting in Grafana for your plugin. In the 7.0 release, we introduce the [Grafana Plugin SDK for Go]({{< relref "../developers/plugins/backend/grafana-plugin-sdk-for-go/" >}}) that enables and simplifies building a backend plugin in [Go](https://golang.org/).
Grafana now officially supports [backend plugins]({{< relref "../developers/plugins/backend" >}}) and the first type of plugin to be introduced is a backend component for data source plugins. You can optionally add a backend component to your data source plugin and implement the query logic there to automatically enable alerting in Grafana for your plugin. In the 7.0 release, we introduce the [Grafana Plugin SDK for Go]({{< relref "../developers/plugins/backend/grafana-plugin-sdk-for-go" >}}) that enables and simplifies building a backend plugin in [Go](https://golang.org/).
Plugins can be monitored with the new metrics and health check capabilities. The new Resources capability means backend components can return non-time series data like JSON or static resources like images and opens up Grafana for new use cases.
With this release, we are deprecating the unofficial first version of backend plugins which will be removed in a future release.
To learn more, start with the [overview]({{< relref "../developers/plugins/backend/" >}}). Next, in this [tutorial](https://grafana.com/tutorials/build-a-data-source-backend-plugin/) you'll learn how to build a backend for a data source plugin and enable it for use with [Grafana Alerting]({{< relref "../alerting/" >}}). Make sure to keep an eye out for additional documentation and tutorials that will be published after the Grafana v7.0 release.
To learn more, start with the [overview]({{< relref "../developers/plugins/backend" >}}). Next, in this [tutorial](/tutorials/build-a-data-source-backend-plugin/) you'll learn how to build a backend for a data source plugin and enable it for use with [Grafana Alerting]({{< relref "../alerting" >}}). Make sure to keep an eye out for additional documentation and tutorials that will be published after the Grafana v7.0 release.
## New tutorials
To help you get started with Grafana, we’ve launched a brand new tutorials platform. We’ll continue to expand the platform with more tutorials, but here are some of the ones you can try out now:
- [Create users and teams](/tutorials/create-users-and-teams/)
- [Build a panel plugin](/tutorials/build-a-panel-plugin/)
- [Build a data source plugin](/tutorials/build-a-data-source-plugin/)
## Rollup indicator for Metrictank queries
@ -171,25 +171,25 @@ Depending on the cardinality of the data and the time range MetricTank may retur
[PhantomJS](https://phantomjs.org/), have been used for rendering images of dashboards and panels and have been included with Grafana since Grafana v2.0. Since then we’ve had a lot of related bugs and security related issues, mainly due to the fact that PhantomJS have struggled with supporting modern web technologies. Throughout the years, maintaining PhantomJS support in Grafana has been a nightmare. Removing support for PhantomJS has been a high priority for the Grafana project and got stressed even more when the PhantomJS maintainer in March 2018 [announced](https://github.com/ariya/phantomjs/issues/15344) the end of the project.
Since then we have been working towards removing PhantomJS. In October 2019, when Grafana v6.4 was released, we [announced](https://grafana.com/blog/2019/10/02/grafana-v6.4-released/#phantomjs-deprecation) the deprecation of PhantomJS. Grafana v7.0 removes all PhantomJS support which means that Grafana distribution no longer will include a built-in image renderer.
Since then we have been working towards removing PhantomJS. In October 2019, when Grafana v6.4 was released, we [announced](/blog/2019/10/02/grafana-v6.4-released/#phantomjs-deprecation) the deprecation of PhantomJS. Grafana v7.0 removes all PhantomJS support which means that Grafana distribution no longer will include a built-in image renderer.
As a replacement for PhantomJS we’ve developed the [Grafana Image Renderer plugin](https://grafana.com/grafana/plugins/grafana-image-renderer) which is a plugin that runs on the backend and handles rendering panels and dashboards as PNG images using headless Chromium/Chrome. The [Grafana Image Renderer plugin](https://grafana.com/grafana/plugins/grafana-image-renderer) can either be installed as a Grafana plugin running in its own process side-by-side with Grafana. or runs as an external HTTP service, hosted using Docker or as a standalone application.
As a replacement for PhantomJS we’ve developed the [Grafana Image Renderer plugin](/grafana/plugins/grafana-image-renderer) which is a plugin that runs on the backend and handles rendering panels and dashboards as PNG images using headless Chromium/Chrome. The [Grafana Image Renderer plugin](/grafana/plugins/grafana-image-renderer) can either be installed as a Grafana plugin running in its own process side-by-side with Grafana. or runs as an external HTTP service, hosted using Docker or as a standalone application.
Read more about [Image Rendering]({{< relref "../setup-grafana/image-rendering/" >}}) in the documentation for further instructions.
Read more about [Image Rendering]({{< relref "../setup-grafana/image-rendering" >}}) in the documentation for further instructions.
## Query history in Explore out of beta
The Query history feature lets you view and interact with the queries that you have previously run in Explore. You can add queries to the Explore query editor, write comments, create and share URL links, star your favorite queries, and much more. Starred queries are displayed in the Starred tab, so it is easier to reuse queries that you run often without typing them from scratch.
It was released as a beta feature in Grafana 6.7. The feedback has been really positive and it is now out of beta for the 7.0 release. Learn more about query history in [Explore]({{< relref "../explore/" >}}).
It was released as a beta feature in Grafana 6.7. The feedback has been really positive and it is now out of beta for the 7.0 release. Learn more about query history in [Explore]({{< relref "../explore" >}}).
## Stackdriver data source supports Service Monitoring
[Service monitoring](https://cloud.google.com/service-monitoring) in Google Cloud Platform (GCP) enables you to monitor based on Service Level Objectives (SLOs) for your GCP services. The new SLO query builder in the Stackdriver data source allows you to display SLO data in Grafana. Read more about it in the [Stackdriver data source documentation]({{< relref "../datasources/google-cloud-monitoring/#slo-service-level-objective-queries" >}}).
[Service monitoring](https://cloud.google.com/service-monitoring) in Google Cloud Platform (GCP) enables you to monitor based on Service Level Objectives (SLOs) for your GCP services. The new SLO query builder in the Stackdriver data source allows you to display SLO data in Grafana. Read more about it in the [Stackdriver data source documentation]({{< relref "../datasources/google-cloud-monitoring#slo-service-level-objective-queries" >}}).
## Time zone support
You can now override the [time zone]({{< relref "../dashboards/manage-dashboards/#dashboard-time-settings" >}}) used to display date and time values in a dashboard. One benefit of this is that you can specify the local time zone of the service or system that you are monitoring which can be helpful when monitoring a system or service that operates across several time zones.
You can now override the [time zone]({{< relref "../dashboards/manage-dashboards#dashboard-time-settings" >}}) used to display date and time values in a dashboard. One benefit of this is that you can specify the local time zone of the service or system that you are monitoring which can be helpful when monitoring a system or service that operates across several time zones.
## Alerting and deep linking for Azure Log Analytics
@ -214,17 +214,17 @@ This includes problems like:
### Usage insights and Presence indicator
This release includes a series of features that build on our new usage analytics engine. This “Grafana about Grafana” feature will help our large customers get better insight into the behavior and utilization of their users, dashboards, and data sources. The improved [dashboard search]({{< relref "../dashboards/assess-dashboard-usage/#sort-dashboards-by-using-insights-data" >}}) allows you to sort dashboards by usage and errors. When a user opens a dashboard, they will see a [presence indicator]({{< relref "../dashboards/assess-dashboard-usage/#presence-indicator" >}}) of who else is viewing the same dashboard. And finally [Dashboard insights]({{< relref "../dashboards/assess-dashboard-usage/#dashboard-insights" >}}) allows you to view recent dashboard usage.
This release includes a series of features that build on our new usage analytics engine. This “Grafana about Grafana” feature will help our large customers get better insight into the behavior and utilization of their users, dashboards, and data sources. The improved [dashboard search]({{< relref "../dashboards/assess-dashboard-usage#sort-dashboards-by-using-insights-data" >}}) allows you to sort dashboards by usage and errors. When a user opens a dashboard, they will see a [presence indicator]({{< relref "../dashboards/assess-dashboard-usage#presence-indicator" >}}) of who else is viewing the same dashboard. And finally [Dashboard insights]({{< relref "../dashboards/assess-dashboard-usage#dashboard-insights" >}}) allows you to view recent dashboard usage.
SAML support in Grafana Enterprise is improved by adding Role and Team Sync. Read more about how to use these features in the [SAML team sync documentation]({{< relref "../setup-grafana/configure-security/configure-authentication/saml/#configure-team-sync" >}}).
SAML support in Grafana Enterprise is improved by adding Role and Team Sync. Read more about how to use these features in the [SAML team sync documentation]({{< relref "../setup-grafana/configure-security/configure-authentication/saml#configure-team-sync" >}}).
### Okta OAuth Team Sync
Okta gets its own provider which adds support for Team Sync. Read more about it in the [Okta documentation]({{< relref "../setup-grafana/configure-security/configure-authentication/okta/" >}}).
Okta gets its own provider which adds support for Team Sync. Read more about it in the [Okta documentation]({{< relref "../setup-grafana/configure-security/configure-authentication/okta" >}}).
- [**Deep linking for Google Cloud Monitoring (formerly named Google Stackdriver) datasource**]({{< relref "#deep-linking-for-google-cloud-monitoring-formerly-named-google-stackdriver-datasource" >}})
- [**Deep linking for Google Cloud Monitoring (formerly named Google Stackdriver) datasource**]({{< relref "#deep-linking-for-google-cloud-monitoring-formerly-named-google-stackdriver-data-source" >}})
- [**Secret management with HashiCorp Vault**]({{< relref "#support-for-hashicorp-vault" >}})
- [**Monthly schedules in reports**]({{< relref "#support-for-monthly-schedules-in-reports" >}})
@ -40,7 +40,7 @@ Support for Flux and Influx v2 has been added. The InfluxData blog post, [How to
## Query history search
In Grafana v 7.1 we are introducing search functionality in Query history. You can search across queries and your comments. It is especially useful in combination with a time filter and data source filter. Read more about [Query history here]({{< relref "../explore/#query-history" >}}).
In Grafana v 7.1 we are introducing search functionality in Query history. You can search across queries and your comments. It is especially useful in combination with a time filter and data source filter. Read more about [Query history here]({{< relref "../explore#query-history" >}}).
{{<figuresrc="/static/img/docs/v71/query_history_search.gif"max-width="800px"caption="Query history search">}}
@ -62,11 +62,11 @@ The new table panel introduced in 7.0 was missing a few features that the old ta
## Ad hoc filtering in the new table panel
[Ad hoc filtering]({{< relref "../dashboards/variables/add-template-variables/#add-ad-hoc-filters" >}}), a way to automatically add filters to queries without having to define template variables is now supported in the new Table panel.
[Ad hoc filtering]({{< relref "../dashboards/variables/add-template-variables#add-ad-hoc-filters" >}}), a way to automatically add filters to queries without having to define template variables is now supported in the new Table panel.
## Stat panel text mode
The [stat panel]({{< relref "../panels-visualizations/visualizations/stat/#text-mode" >}}) has a new **Text mode** option to control what text to show.
The [stat panel]({{< relref "../panels-visualizations/visualizations/stat#text-mode" >}}) has a new **Text mode** option to control what text to show.
By default, the Stat panel displays:
@ -79,7 +79,7 @@ You can use the Text mode option to control what text the panel renders. If the
## Provisioning of apps
Grafana v7.1 adds support for provisioning of app plugins. This allows app plugins to be configured and enabled/disabled using configuration files. For more information about provisioning of app, refer to [provisioning plugin]({{< relref "../administration/provisioning/#plugins" >}}).
Grafana v7.1 adds support for provisioning of app plugins. This allows app plugins to be configured and enabled/disabled using configuration files. For more information about provisioning of app, refer to [provisioning plugin]({{< relref "../administration/provisioning#plugins" >}}).
## Azure Monitor data source
@ -89,7 +89,7 @@ Additionally, the Raw Edit mode for Application Insights Analytics has been repl
## Deep linking for Google Cloud Monitoring (formerly named Google Stackdriver) data source
A new feature in Grafana 7.1 is [deep linking from Grafana panels to the Metrics Explorer in Google Cloud Console]({{< relref "../datasources/google-cloud-monitoring/#deep-linking-from-grafana-panels-to-the-metrics-explorer-in-google-cloud-console" >}}). Click on a time series in the panel to see a context menu with a link to View in Metrics explorer in Google Cloud Console. Clicking that link opens the Metrics explorer in the Monitoring Google Cloud Console and runs the query from the Grafana panel there.
A new feature in Grafana 7.1 is [deep linking from Grafana panels to the Metrics Explorer in Google Cloud Console]({{< relref "../datasources/google-cloud-monitoring#deep-linking-from-grafana-panels-to-the-metrics-explorer-in-google-cloud-console" >}}). Click on a time series in the panel to see a context menu with a link to View in Metrics explorer in Google Cloud Console. Clicking that link opens the Metrics explorer in the Monitoring Google Cloud Console and runs the query from the Grafana panel there.
## Time range picker update
@ -103,11 +103,11 @@ General features are included in the Grafana Enterprise edition software.
### Support for HashiCorp Vault
You can now use HashiCorp Vault to get secrets for configuration and provisioning of Grafana Enterprise. For more information about HashiCorp Vault, refer to [vault]({{< relref "../setup-grafana/configure-security/configure-database-encryption/integrate-with-hashicorp-vault/" >}}).
You can now use HashiCorp Vault to get secrets for configuration and provisioning of Grafana Enterprise. For more information about HashiCorp Vault, refer to [vault]({{< relref "../setup-grafana/configure-security/configure-database-encryption/integrate-with-hashicorp-vault" >}}).
### Support for monthly schedules in reports
With Grafana Enterprise 7.1, you can generate reports on a [monthly schedule]({{< relref "../dashboards/share-dashboards-panels/#scheduling" >}}).
With Grafana Enterprise 7.1, you can generate reports on a [monthly schedule]({{< relref "../dashboards/share-dashboards-panels#scheduling" >}}).
- [**What's new in other parts of the Grafana ecosystem**]({{< relref "#whats-new-in-other-parts-of-the-grafana-ecosystem">}})
- [**ADX (Azure Data Explorer) plugin**]({{< relref "#adx-azure-data-explorer-plugin">}})
- [**What's new in other parts of the Grafana ecosystem**]({{< relref "#whats-new-in-other-parts-of-the-grafana-ecosystem">}})
- [**ADX (Azure Data Explorer) plugin**]({{< relref "#adx-azure-data-explorer-plugin">}})
- [**X-Ray data source plugin**]({{< relref "#x-ray-data-source-plugin" >}})
## New date formatting options added
@ -46,7 +46,7 @@ This screenshot shows both a custom full date format with a 12 hour clock and am
{{<figuresrc="/static/img/docs/v72/date_formats.png"max-width="800px"caption="Custom date time formats">}}
Date formats are set for a Grafana instance by adjusting [server-wide settings]({{< relref "../setup-grafana/configure-grafana/#date_formats" >}}) in the Grafana configuration file. We hope to add org- and user-level settings in the future.
Date formats are set for a Grafana instance by adjusting [server-wide settings]({{< relref "../setup-grafana/configure-grafana#date_formats" >}}) in the Grafana configuration file. We hope to add org- and user-level settings in the future.
```
[date_formats]
@ -61,7 +61,7 @@ interval_year = YYYY
There is also experimental support to use the browser location and language to dynamically change the current date format for each user. This feature is disabled by default.
The [Configuration]({{< relref "../setup-grafana/configure-grafana/#date_formats" >}}) topic has been updated as a result of this change.
The [Configuration]({{< relref "../setup-grafana/configure-grafana#date_formats" >}}) topic has been updated as a result of this change.
## Field options are out of beta!
@ -73,7 +73,7 @@ You can now dynamically apply value filters to any table column. This option can
[Filter table columns]({{< relref "../panels-visualizations/visualizations/table/#filter-table-columns" >}}) has been added as a result of this feature.
[Filter table columns]({{< relref "../panels-visualizations/visualizations/table#filter-table-columns" >}}) has been added as a result of this feature.
### New field override selection options
@ -83,8 +83,8 @@ You can now add override rules that use a regex matcher to choose which fields t
Grafana 7.2 includes the following transformation enhancements:
- A new [Group By]({{< relref "../panels-visualizations/query-transform-data/transform-data/#group-by" >}}) transformation that allows you to group by multiple fields and add any number of aggregations for other fields.
- The [Labels to fields]({{< relref "../panels-visualizations/query-transform-data/transform-data/#labels-to-fields" >}}) transformation now allows you to pick one label and use that as the name of the value field.
- A new [Group By]({{< relref "../panels-visualizations/query-transform-data/transform-data#group-by" >}}) transformation that allows you to group by multiple fields and add any number of aggregations for other fields.
- The [Labels to fields]({{< relref "../panels-visualizations/query-transform-data/transform-data#labels-to-fields" >}}) transformation now allows you to pick one label and use that as the name of the value field.
- You can drag transformations to reorder them. Remember that transformations are processed in the order they are listed in the UI, so think before you move something!
{{<figuresrc="/static/img/docs/v72/transformations.gif"max-width="800px"caption="Group by and reordering of transformations">}}
@ -95,15 +95,15 @@ The up and down arrows, which were previously the only way to change query order
{{<figuresrc="/static/img/docs/v72/drag-queries.gif"max-width="800px"caption="Drag to reorder queries">}}
The [Queries]({{< relref "../panels-visualizations/#add-a-query" >}}) topic has been updated as a result of this change.
The [Queries]({{< relref "../panels-visualizations#add-a-query" >}}) topic has been updated as a result of this change.
## Inspect queries in Explore
You can enjoy all the details query inspector gave you in dashboards now in Explore as well. You can open query inspector tab with the button next to query history. See [Query inspector in Explore]({{< relref "../explore/#query-inspector" >}}) for more details.
You can enjoy all the details query inspector gave you in dashboards now in Explore as well. You can open query inspector tab with the button next to query history. See [Query inspector in Explore]({{< relref "../explore#query-inspector" >}}) for more details.
## \$\_\_rate_interval for Prometheus
You can now use the new variable `$__rate_interval` in Prometheus for rate functions mainly. `$__rate_interval` in general is one scrape interval larger than `$__interval` but is never smaller than four times the scrape interval (which is 15s by default). See the [Prometheus data source]({{< relref "../datasources/prometheus/#using-__rate_interval-variable" >}}) for more details.
You can now use the new variable `$__rate_interval` in Prometheus for rate functions mainly. `$__rate_interval` in general is one scrape interval larger than `$__interval` but is never smaller than four times the scrape interval (which is 15s by default). See the [Prometheus data source]({{< relref "../datasources/prometheus#using-__rate_interval-variable" >}}) for more details.
## Toggle parsed log fields
@ -111,7 +111,7 @@ With this awesome contribution from one of our community members, you can now to
{{<figuresrc="/static/img/docs/v72/explore-toggle-parsed-fields.gif"max-width="800px"caption="Toggling parsed fields in Explore">}}
The [Toggle parsed fields]({{< relref "../explore/#toggle-detected-fields" >}}) section has been added to [Explore]({{< relref "../explore/" >}}) as a result of this feature.
The [Toggle parsed fields]({{< relref "../explore#toggle-detected-fields" >}}) section has been added to [Explore]({{< relref "../explore" >}}) as a result of this feature.
## Sensitive alert channel settings are now encrypted
@ -123,9 +123,9 @@ These features are included in the Grafana Enterprise edition software.
### Report and export dashboards in grid layout
A new layout option is available when rendering reports: the grid layout. With this option, your report uses the panel layout from your dashboard, so that what you see is what you get. Learn more about the [grid layout]({{< relref "../dashboards/share-dashboards-panels/#layout-and-orientation" >}}) in the documentation.
A new layout option is available when rendering reports: the grid layout. With this option, your report uses the panel layout from your dashboard, so that what you see is what you get. Learn more about the [grid layout]({{< relref "../dashboards/share-dashboards-panels#layout-and-orientation" >}}) in the documentation.
The grid layout is also available for the [Export dashboard as PDF]({{< relref "../dashboards/share-dashboards-panels/#export-dashboard-as-pdf" >}}) feature.
The grid layout is also available for the [Export dashboard as PDF]({{< relref "../dashboards/share-dashboards-panels#export-dashboard-as-pdf" >}}) feature.
@ -133,7 +133,7 @@ The grid layout is also available for the [Export dashboard as PDF]({{< relref "
You can now generate a report with a different time range from the dashboard it is based on. This means that you no longer have to apply workarounds, such as copying dashboards or carefully aligning report generation with the end of the month, to generate reports that cover the period you want.
For more information, refer to [Reports time range]({{< relref "../dashboards/share-dashboards-panels/#report-time-range" >}}).
For more information, refer to [Reports time range]({{< relref "../dashboards/share-dashboards-panels#report-time-range" >}}).
### Organization-wide report settings
@ -141,7 +141,7 @@ You can now configure organization-wide report settings, such as report branding
For more information, refer to [Report settings]({{< relref "../dashboards/share-dashboards-panels/#report-settings" >}}).
For more information, refer to [Report settings]({{< relref "../dashboards/share-dashboards-panels#report-settings" >}}).
## Changelog
@ -157,4 +157,4 @@ In collaboration with Microsoft, we have improved the usability of our ADX datas
### X-Ray data source plugin
We are pleased to announce our very first version of our data source plugin for AWS X-Ray. You can use this plugin to visualize traces, look at analytics tables, and see insight summaries. For more information, refer to the [X-Ray data source](https://grafana.com/grafana/plugins/grafana-x-ray-datasource) plugin page.
We are pleased to announce our very first version of our data source plugin for AWS X-Ray. You can use this plugin to visualize traces, look at analytics tables, and see insight summaries. For more information, refer to the [X-Ray data source](/grafana/plugins/grafana-x-ray-datasource) plugin page.
A new standard field color scheme option has been added. This new option will provide a unified way for all new panels to specify how colors should be assigned. For more information, refer to [Apply color to series and fields]({{< relref "../panels-visualizations/configure-standard-options/#color-scheme" >}}).
A new standard field color scheme option has been added. This new option will provide a unified way for all new panels to specify how colors should be assigned. For more information, refer to [Apply color to series and fields]({{< relref "../panels-visualizations/configure-standard-options#color-scheme" >}}).
- **Single color**: Specifies a single color. Useful in an override rule.
- **From thresholds**: Informs Grafana to take color from the matching threshold.
@ -59,7 +59,7 @@ Another thing to highlight is that all these new color schemes are theme aware a
{{<figuresrc="/static/img/docs/v73/table_color_scheme_mono_light.png"max-width="900px"caption="table color monochrome scheme">}}
As this new option is a standard field option it works in every panel. Here is another example from the [Bar Gauge]({{< relref "../panels-visualizations/visualizations/bar-gauge/" >}}) panel.
As this new option is a standard field option it works in every panel. Here is another example from the [Bar Gauge]({{< relref "../panels-visualizations/visualizations/bar-gauge" >}}) panel.
{{<figuresrc="/static/img/docs/v73/bar_gauge_gradient_color_scheme.png"max-width="900px"caption="bar gauge color scheme">}}
@ -67,7 +67,7 @@ As this new option is a standard field option it works in every panel. Here is a
In v7.0, we introduced a new table panel and inspect mode with Download CSV enabled. However, CSV export to Excel was removed. Due to a large number of inquiries and requests, this [community contribution from tomdaly](https://github.com/grafana/grafana/pull/27284) brought the feature back.
For more information, refer to [Download raw query results]({{< relref "../panels-visualizations/panel-inspector/#download-raw-query-results" >}}).
For more information, refer to [Download raw query results]({{< relref "../panels-visualizations/panel-inspector#download-raw-query-results" >}}).
## Google Cloud monitoring out-of-the-box dashboards
@ -81,7 +81,7 @@ The updated Google Cloud monitoring data source is shipped with pre-configured d
To import the pre-configured dashboards, go to the configuration page of your Google Cloud Monitoring data source and click on the `Dashboards` tab. Click `Import` for the dashboard you would like to use. To customize the dashboard, we recommend to save the dashboard under a different name, because otherwise the dashboard will be overwritten when a new version of the dashboard is released.
For more details, see the [Google Cloud Monitoring docs]({{< relref "../datasources/google-cloud-monitoring/#out-of-the-box-dashboards" >}})
For more details, see the [Google Cloud Monitoring docs]({{< relref "../datasources/google-cloud-monitoring#out-of-the-box-dashboards" >}})
## Shorten URL for dashboards and Explore
@ -91,7 +91,7 @@ This is an amazing new feature that was created in cooperation with one of our c
You can now configure your Elasticsearch data source to access your Amazon Elasticsearch Service domain directly from Grafana.
For more details, refer to the [Elasticsearch docs]({{< relref "../datasources/elasticsearch/#aws-signature-version-4-authentication" >}}).
For more details, refer to the [Elasticsearch docs]({{< relref "../datasources/elasticsearch#aws-signature-version-4-authentication" >}}).
## Chaining pipeline aggregation in Elasticsearch
@ -127,7 +127,7 @@ Example of a login event:
}
```
For more details, see the [Auditing docs]({{< relref "../setup-grafana/configure-security/audit-grafana/" >}}).
For more details, see the [Auditing docs]({{< relref "../setup-grafana/configure-security/audit-grafana" >}}).
### Data source usage insights
@ -141,11 +141,11 @@ Insights:
### SAML single logout
SAML’s single logout (SLO) capability allows users to log out from all applications associated with the current identity provider (IdP) session established via SAML SSO. For more information, refer to the [docs]({{< relref "../setup-grafana/configure-security/configure-authentication/saml/#single-logout" >}}).
SAML’s single logout (SLO) capability allows users to log out from all applications associated with the current identity provider (IdP) session established via SAML SSO. For more information, refer to the [docs]({{< relref "../setup-grafana/configure-security/configure-authentication/saml#single-logout" >}}).
### SAML IdP-initiated single sign on
IdP-initiated single sign on (SSO) allows the user to log in directly from the SAML identity provider (IdP). It is disabled by default for security reasons. For more information, refer to the [docs]({{< relref "../setup-grafana/configure-security/configure-authentication/saml/#idp-initiated-single-sign-on-sso" >}}).
IdP-initiated single sign on (SSO) allows the user to log in directly from the SAML identity provider (IdP). It is disabled by default for security reasons. For more information, refer to the [docs]({{< relref "../setup-grafana/configure-security/configure-authentication/saml#idp-initiated-single-sign-on-sso" >}}).
## Changelog
@ -153,11 +153,11 @@ Check out [CHANGELOG.md](https://github.com/grafana/grafana/blob/master/CHANGELO
@ -36,7 +36,7 @@ Apart from major performance improvements, the new Time series panel implements
The following documentation topics were added for this feature:
- [Time series panel]({{< relref "../panels-visualizations/visualizations/time-series/" >}})
- [Time series panel]({{< relref "../panels-visualizations/visualizations/time-series" >}})
- [Graph time series as lines]({{< relref "../panels-visualizations/visualizations/time-series#line-style" >}})
- [Graph time series as bars]({{< relref "../panels-visualizations/visualizations/time-series#bar-alignment" >}})
- [Graph time series as points]({{< relref "../panels-visualizations/visualizations/time-series#show-points" >}})
@ -48,9 +48,9 @@ _Node graph_ is a new panel type that can visualize directed graphs or network i
All the information and stats shown in the Node graph beta are driven by the data provided in the response from the data source. The first data source that is using this panel is AWS X-Ray, for displaying their service map data.
For more details about how to use the X-Ray service map feature, see the [X-Ray plugin documentation](https://grafana.com/grafana/plugins/grafana-x-ray-datasource).
For more details about how to use the X-Ray service map feature, see the [X-Ray plugin documentation](/grafana/plugins/grafana-x-ray-datasource).
For more information, refer to [Node graph panel]({{< relref "../panels-visualizations/visualizations/node-graph/" >}}).
For more information, refer to [Node graph panel]({{< relref "../panels-visualizations/visualizations/node-graph" >}}).
### New transformations
@ -60,7 +60,7 @@ The following transformations were added in Grafana 7.4.
The _Sort by_ transformation allows you to sort data before sending it to the visualization.
For more information, refer to [Sort by]({{< relref "../panels-visualizations/query-transform-data/transform-data/#sort-by" >}}).
For more information, refer to [Sort by]({{< relref "../panels-visualizations/query-transform-data/transform-data#sort-by" >}}).
#### Filter data by value transform
@ -68,13 +68,13 @@ The new _Filter data by value_ transformation allows you to filter your data dir
This transformation is very useful if your data source does not natively filter by values. You might also use this to narrow values to display if you are using a shared query.
For more information, refer to [Filter data by value]({{< relref "../panels-visualizations/query-transform-data/transform-data/#filter-data-by-value" >}}).
For more information, refer to [Filter data by value]({{< relref "../panels-visualizations/query-transform-data/transform-data#filter-data-by-value" >}}).
### New override option
On the Overrides tab, you can now set properties for fields returned by a specific query.
For more information, refer to [About field overrides]({{< relref "../panels-visualizations/configure-overrides/" >}}).
For more information, refer to [About field overrides]({{< relref "../panels-visualizations/configure-overrides" >}}).
### Exemplar support
@ -84,7 +84,7 @@ Grafana graphs now support Prometheus _exemplars_. They are displayed as diamond
@ -101,11 +101,11 @@ The following topics were updated as a result of this feature:
_Server-side expressions_ is an experimental feature that allows you to manipulate data returned from backend data source queries. Expressions allow you to manipulate data with math and other operations when the data source is a backend data source or a **--Mixed--** data source.
The main use case is for [multi-dimensional]({{< relref "../fundamentals/timeseries-dimensions/" >}}) data sources used with the upcoming next generation alerting, but expressions can be used with backend data sources and visualization as well.
The main use case is for [multi-dimensional]({{< relref "../fundamentals/timeseries-dimensions" >}}) data sources used with the upcoming next generation alerting, but expressions can be used with backend data sources and visualization as well.
> **Note:** Queries built with this feature might break with minor version upgrades until Grafana 8 is released. This feature does not work with the current Grafana Alerting.
For more information, refer to [Write expression queries]({{< relref "../panels-visualizations/query-transform-data/expression-queries/" >}}). [About queries]({{< relref "../panels-visualizations/query-transform-data/#about-queries" >}}) was also updated as a result of this feature.
For more information, refer to [Write expression queries]({{< relref "../panels-visualizations/query-transform-data/expression-queries" >}}). [About queries]({{< relref "../panels-visualizations/query-transform-data#about-queries" >}}) was also updated as a result of this feature.
### Alert notification query label interpolation
@ -121,13 +121,13 @@ CSP support is disabled by default, to enable it you must set `content_security_
You can lock down what can be done in the frontend code. Lock down what can be loaded, what JavaScript is executed. Not compatible with some plugins.
[content_security_policy]({{< relref "../setup-grafana/configure-grafana/#content_security_policy" >}}) and [content_security_policy_template]({{< relref "../setup-grafana/configure-grafana/#content_security_policy_template" >}}) were added to [Configuration]({{< relref "../setup-grafana/configure-grafana/" >}}) as a result of this change.
[content_security_policy]({{< relref "../setup-grafana/configure-grafana#content_security_policy" >}}) and [content_security_policy_template]({{< relref "../setup-grafana/configure-grafana#content_security_policy_template" >}}) were added to [Configuration]({{< relref "../setup-grafana/configure-grafana" >}}) as a result of this change.
### Hide users in UI
You can now use the `hidden_users` configuration setting to hide specific users in the UI. For example, this feature can be used to hide users that are used for automation purposes.
[Configuration]({{< relref "../setup-grafana/configure-grafana/#hidden_users" >}}) has been updated for this feature.
[Configuration]({{< relref "../setup-grafana/configure-grafana#hidden_users" >}}) has been updated for this feature.
### Elasticsearch data source updates
@ -174,15 +174,15 @@ For more information, refer to the [Google Cloud Monitoring docs]({{< relref "..
The feature previously referred to as DataSource Start Pages or Cheat Sheets has been renamed to Query Editor Help, and is now supported in panel query editors (depending on the data source), as well as in Explore.
[Queries]({{< relref "../panels-visualizations/query-transform-data/#manage-queries" >}}) was updated as a result of this feature.
[Queries]({{< relref "../panels-visualizations/query-transform-data#manage-queries" >}}) was updated as a result of this feature.
For more information on adding a query editor help component to your plugin, refer to [Add a query editor help component]({{< relref "../developers/plugins/add-query-editor-help/" >}}).
For more information on adding a query editor help component to your plugin, refer to [Add a query editor help component]({{< relref "../developers/plugins/add-query-editor-help" >}}).
### Variable inspector
The variables list has an additional column indicating whether variables are referenced in queries and panel names or not. The dependencies graph provides an easy way to check variable dependencies. You can click on a variable name within the graph to make updates to the variable as needed.
For more information, refer to [Inspect variables and their dependencies]({{< relref "../dashboards/variables/inspect-variable/" >}}).
For more information, refer to [Inspect variables and their dependencies]({{< relref "../dashboards/variables/inspect-variable" >}}).
## Grafana Enterprise features
@ -190,7 +190,7 @@ These features are included in the Grafana Enterprise edition.
### Licensing changes
When determining a user’s role for billing purposes, a user who has the ability to edit and save dashboards is considered an Editor. This includes any user who is an Editor or Admin at the Org level, and who has granted Admin or Edit permissions via [Dashboard permissions]({{< relref "../administration/user-management/manage-dashboard-permissions/" >}}).
When determining a user’s role for billing purposes, a user who has the ability to edit and save dashboards is considered an Editor. This includes any user who is an Editor or Admin at the Org level, and who has granted Admin or Edit permissions via [Dashboard permissions]({{< relref "../administration/user-management/manage-dashboard-permissions" >}}).
After the number of Viewers or Editors has reached its license limit, only Admins will see a banner in Grafana indicating that the license limit has been reached. Previously, all users saw the banner.
@ -202,27 +202,27 @@ Refer to [Licensing restrictions]({{< relref "../administration/enterprise-licen
You can now export usage insights logs to Loki and query them from Grafana. Usage insights logs include dashboard visits, data source views, queries and errors, and more.
For more information, refer to [Export logs of usage insights]({{< relref "../setup-grafana/configure-security/export-logs/" >}}).
For more information, refer to [Export logs of usage insights]({{< relref "../setup-grafana/configure-security/export-logs" >}}).
### New audit log events
New log out events are logged based on when a token expires or is revoked, as well as [SAML Single Logout]({{< relref "../setup-grafana/configure-security/configure-authentication/saml/#single-logout" >}}). A `tokenId` field was added to all audit logs to help understand which session was logged out of.
New log out events are logged based on when a token expires or is revoked, as well as [SAML Single Logout]({{< relref "../setup-grafana/configure-security/configure-authentication/saml#single-logout" >}}). A `tokenId` field was added to all audit logs to help understand which session was logged out of.
Also, a counter for audit log writing actions with status (success / failure) and logger (loki / file / console) labels was added.
[Auditing]({{< relref "../setup-grafana/configure-security/audit-grafana/" >}}) was updated to reflect these changes.
[Auditing]({{< relref "../setup-grafana/configure-security/audit-grafana" >}}) was updated to reflect these changes.
### Reports support Unicode
You can now select a font, other than the default, for Unicode-based scripts. As a result, an automatically generated PDF of a dashboard, which contains for example Chinese or Cyrillic text, can display them. Because the size of a report increases as additional fonts are added, this feature is not on by default.
[Reporting]({{< relref "../dashboards/share-dashboards-panels/#rendering-configuration" >}}) was updated as a result of this change.
[Reporting]({{< relref "../dashboards/share-dashboards-panels#rendering-configuration" >}}) was updated as a result of this change.
### Request security
Request security introduces ways to limit requests from the Grafana server, and it targets requests that are generated by users.
For more information, refer to [Request security]({{< relref "../setup-grafana/configure-security/configure-request-security/" >}}).
For more information, refer to [Request security]({{< relref "../setup-grafana/configure-security/configure-request-security" >}}).
@ -50,7 +50,7 @@ For new Prometheus data sources, we have changed the default HTTP method to POST
> **Note:** This is not going to affect provisioned data sources or already created data sources.
[Prometheus data source]({{< relref "../datasources/prometheus/" >}}) was updated as a result of this change.
[Prometheus data source]({{< relref "../datasources/prometheus" >}}) was updated as a result of this change.
### Word highlighting for Elasticsearch
@ -62,7 +62,7 @@ When searching for text in Elasticsearch logs, matching words in the log line re
In Grafana 7.5, we changed how data for the trace view is sent from the data source. The required data frame has a clear format, which is more aligned with how data is generally represented in Grafana. This makes it easier for third-party developers to implement data sources leveraging the trace view.
For more information, refer to [trace data API docs]({{< relref "../explore/trace-integration/#data-api" >}}).
For more information, refer to [trace data API docs]({{< relref "../explore/trace-integration#data-api" >}}).
### Paste in SSL certs for Postgres data source
@ -72,7 +72,7 @@ Instead of the file path, users can now paste the SSL certification content in t
> **Note:** It remains as limitation for the Grafana Cloud, as users may not have access to the server configuration.
[Postgres data source]({{< relref "../datasources/postgres/" >}}) and [Provisioning]({{< relref "../administration/provisioning/" >}}) were updated as a result of this change.
[Postgres data source]({{< relref "../datasources/postgres" >}}) and [Provisioning]({{< relref "../administration/provisioning" >}}) were updated as a result of this change.
### Deprecation notice for some Azure Monitor queries
@ -85,8 +85,8 @@ For more information, refer to [Deprecating Application Insights and Insights An
### Cloudwatch data source enhancements
- Support for region eu-south-1 has been added to the CloudWatch data source. New metrics have also been added to the namespaces AWS/Timestream, AWS/RDS (RDS Proxy metrics), AWS/NetworkFirewall, AWS/GroundStation, and AWS/DDoSProtection. Many thanks to [relvira](https://github.com/relvira), [ilyastoli](https://github.com/ilyastoli), and [rubycut](https://github.com/rubycut) for contributing!
- Added a page limit to the List Metrics API call to improve speed and reduce memory consumption. You can change this limit by entering a higher value in [list_metrics_page_limit]({{< relref "../setup-grafana/configure-grafana/#list-metrics-page-limit" >}}) in the Grafana configuration file.
- You can now enable or disable authentication providers and assume a role other than default by changing the [allowed_auth_providers]({{< relref "../setup-grafana/configure-grafana/#allowed-auth-providers" >}}) and [assume_role_enabled]({{< relref "../setup-grafana/configure-grafana/#assume-role-enabled" >}}) options in the Grafana configuration file. By default, the allowed authentication providers are _AWS SDK Default_, _Access and secret key_, and _Credentials File_, and role is _Assume role (ARN)_.
- Added a page limit to the List Metrics API call to improve speed and reduce memory consumption. You can change this limit by entering a higher value in [list_metrics_page_limit]({{< relref "../setup-grafana/configure-grafana#list-metrics-page-limit" >}}) in the Grafana configuration file.
- You can now enable or disable authentication providers and assume a role other than default by changing the [allowed_auth_providers]({{< relref "../setup-grafana/configure-grafana#allowed_auth_providers" >}}) and [assume_role_enabled]({{< relref "../setup-grafana/configure-grafana#assume_role_enabled" >}}) options in the Grafana configuration file. By default, the allowed authentication providers are _AWS SDK Default_, _Access and secret key_, and _Credentials File_, and role is _Assume role (ARN)_.
- You can now specify a custom endpoint in the CloudWatch data source configuration page. This field is optional, and if it is left empty, then the default endpoint for CloudWatch is used. By specifying a regional endpoint, you can reduce request latency.
[AWS Cloudwatch data source]({{< relref "../datasources/aws-cloudwatch" >}}) was updated as a result of this change.
@ -104,7 +104,7 @@ server:
http_listen_port: 3101
```
[Azure Monitor data source]({{< relref "../datasources/azure-monitor/" >}}) was updated as a result of this change.
[Azure Monitor data source]({{< relref "../datasources/azure-monitor" >}}) was updated as a result of this change.
## Enterprise features
@ -122,7 +122,7 @@ Query caching advantages:
Caching currently works for all backend data sources. You can enable the cache globally or per data source, and you can configure the cache duration per data source. The cache is currently in-memory.
For more information, refer to [Query caching]({{< relref "../administration/data-source-management/#query-caching" >}}).
For more information, refer to [Query caching]({{< relref "../administration/data-source-management#query-caching" >}}).
### Use template variable in reports
@ -130,7 +130,7 @@ If you have created dashboards with template variables, then you can choose whic
Enable this feature in configuration settings using the `templateVariables` flag.
For more information, refer to [Reporting]({{< relref "../dashboards/share-dashboards-panels/#choose-template-variables" >}}).
For more information, refer to [Reporting]({{< relref "../dashboards/share-dashboards-panels#choose-template-variables" >}}).
@ -24,13 +24,13 @@ These features are included in the Grafana open source edition.
### Grafana v8.0 alerts
The new alerts in Grafana 8.0 are an opt-in feature that centralizes alerting information for Grafana managed alerts and alerts from Prometheus-compatible data sources in one UI and API. You can create and edit alerting rules for Grafana managed alerts, Mimir alerts, and Loki alerts as well as see alerting information from prometheus-compatible data sources in a single, searchable view. For more information, on how to create and edit alerts and notifications, refer to [Grafana Alerting]({{< relref "../alerting/" >}}).
The new alerts in Grafana 8.0 are an opt-in feature that centralizes alerting information for Grafana managed alerts and alerts from Prometheus-compatible data sources in one UI and API. You can create and edit alerting rules for Grafana managed alerts, Mimir alerts, and Loki alerts as well as see alerting information from prometheus-compatible data sources in a single, searchable view. For more information, on how to create and edit alerts and notifications, refer to [Grafana Alerting]({{< relref "../alerting" >}}).
As part of the new alert changes, we have introduced a new data source, Alertmanager, which includes built-in support for Prometheus Alertmanager. It is presently in alpha and it not accessible unless alpha plugins are enabled in Grafana settings. For more information, refer to [Alertmanager data source]({{< relref "../datasources/alertmanager/" >}}).
As part of the new alert changes, we have introduced a new data source, Alertmanager, which includes built-in support for Prometheus Alertmanager. It is presently in alpha and it not accessible unless alpha plugins are enabled in Grafana settings. For more information, refer to [Alertmanager data source]({{< relref "../datasources/alertmanager" >}}).
> **Note:** Out of the box, Grafana still supports old Grafana alerts. They are legacy alerts at this time, and will be deprecated in a future release.
To learn more about the differences between new alerts and the legacy alerts, refer to [What's New with Grafana 8 Alerts](https://grafana.com/docs/grafana/latest/alerting/unified-alerting/difference-old-new/).
To learn more about the differences between new alerts and the legacy alerts, refer to [What's New with Grafana 8 Alerts](/docs/grafana/latest/alerting/unified-alerting/difference-old-new/).
### Library panels
@ -44,11 +44,11 @@ In addition to data source integration, events can be sent to dashboards by post
These metrics will be broadcast to all dashboards connected to that stream endpoint.
For more information about real-time streaming, refer to [Grafana Live documentation]({{< relref "../setup-grafana/set-up-grafana-live/" >}}).
For more information about real-time streaming, refer to [Grafana Live documentation]({{< relref "../setup-grafana/set-up-grafana-live" >}}).
### Prometheus metrics browser
The Prometheus metrics browser allows you to quickly find metrics and select relevant labels to build basic queries. If supported by your Prometheus instance, each metric will show its HELP and TYPE as a tooltip. For more information, refer to [Metrics browser documentation]({{< relref "../datasources/prometheus/#metrics-browser" >}}).
The Prometheus metrics browser allows you to quickly find metrics and select relevant labels to build basic queries. If supported by your Prometheus instance, each metric will show its HELP and TYPE as a tooltip. For more information, refer to [Metrics browser documentation]({{< relref "../datasources/prometheus#metrics-browser" >}}).
### Bar chart visualization (beta)
@ -58,7 +58,7 @@ The Bar chart panel is a new visualization that supports categorical data. It on
To use it with time series you first have to add a **Reduce** transform.
For more information, refer to [Bar chart visualization]({{< relref "../panels-visualizations/visualizations/bar-chart/" >}}).
For more information, refer to [Bar chart visualization]({{< relref "../panels-visualizations/visualizations/bar-chart" >}}).
### State timeline visualization (beta)
@ -72,11 +72,11 @@ Example with string values:
With time series data and thresholds:
{{<figuresrc="/static/img/docs/v8/state_timeline_time_series.png"max-width="800px"caption="state timeline with time series">}}
For more information, refer to [State timeline visualization]({{< relref "../panels-visualizations/visualizations/state-timeline/" >}}).
For more information, refer to [State timeline visualization]({{< relref "../panels-visualizations/visualizations/state-timeline" >}}).
### Status history visualization (beta)
A sister panel to the state timeline is the new Status history panel visualization. It can display periodic states in a grid view. It supports both numerical, string, or boolean states. You can assign colors using value mappings, thresholds, or gradient color. For more information, refer to [Status history]({{< relref "../panels-visualizations/visualizations/status-history/" >}}).
A sister panel to the state timeline is the new Status history panel visualization. It can display periodic states in a grid view. It supports both numerical, string, or boolean states. You can assign colors using value mappings, thresholds, or gradient color. For more information, refer to [Status history]({{< relref "../panels-visualizations/visualizations/status-history" >}}).
For more information, refer to [Histogram]({{< relref "../panels-visualizations/visualizations/histogram/" >}})
For more information, refer to [Histogram]({{< relref "../panels-visualizations/visualizations/histogram" >}})
### Time series visualization updates
@ -100,7 +100,7 @@ The Time series is out of beta! We are removing the `Beta` tag and graduating th
- We added support for a shared crosshair and a tooltip that’s now smarter when it comes to data display in the tooltip.
- Various performance improvements.
[Time series panel]({{< relref "../panels-visualizations/visualizations/time-series/" >}}) topics have been updated as a result of these changes.
[Time series panel]({{< relref "../panels-visualizations/visualizations/time-series" >}}) topics have been updated as a result of these changes.
### Node graph visualization updates
@ -108,7 +108,7 @@ You can now expand the node graph for the displayed trace when using the Trace t
We also added a grid view and the ability to explore hidden nodes.
[Tracing in Explore]({{< relref "../explore/trace-integration/" >}}) and [Node graph]({{< relref "../panels-visualizations/visualizations/node-graph/" >}}) were updated as a result of these changes.
[Tracing in Explore]({{< relref "../explore/trace-integration" >}}) and [Node graph]({{< relref "../panels-visualizations/visualizations/node-graph" >}}) were updated as a result of these changes.
### Pie chart visualization updates
@ -120,10 +120,10 @@ Lots of panel editor improvements, heavily informed by user research and communi
- All options are now shown in a single pane.
- You can now search panel options.
- The Value mappings feature has been completely redesigned. For more information, refer to [Configure value mappings]({{< relref "../panels-visualizations/configure-value-mappings/" >}}).
- The Value mappings feature has been completely redesigned. For more information, refer to [Configure value mappings]({{< relref "../panels-visualizations/configure-value-mappings" >}}).
- New **Table view** option is always available.
The [Panels]({{< relref "../panels-visualizations/" >}}) section has been updated to reflect these changes.
The [Panels]({{< relref "../panels-visualizations" >}}) section has been updated to reflect these changes.
### Look and feel update
@ -135,19 +135,19 @@ Under the hood, the new theme architecture enables us to bring more sophisticate
When you inspect a panel, you can now download log results as a text (.txt) file.
[Download log results]({{< relref "../panels-visualizations/panel-inspector/" >}}) was added as a result of this feature.
[Download log results]({{< relref "../panels-visualizations/panel-inspector" >}}) was added as a result of this feature.
### Inspector in Explore
The new Explore inspector helps you understand and troubleshoot your queries. You can inspect the raw data, export that data to a comma-separated values (CSV) file, export log results in text format, and view query requests.
[Inspector in Explore]({{< relref "../explore/explore-inspector/" >}}) was added as a result of this feature.
[Inspector in Explore]({{< relref "../explore/explore-inspector" >}}) was added as a result of this feature.
### Explore log improvements
Log navigation in Explore has been significantly improved. We added pagination to logs, so you can click through older or newer logs as needed.
[Logs in Explore]({{< relref "../explore/logs-integration/" >}}) was updated as a result of these changes.
[Logs in Explore]({{< relref "../explore/logs-integration" >}}) was updated as a result of these changes.
@ -155,7 +155,7 @@ Log navigation in Explore has been significantly improved. We added pagination t
You can now use the Plugin catalog app to easily manage your plugins from within Grafana. Install, update, and uninstall plugins without requiring a server restart.
[Plugin catalog]({{< relref "../administration/plugin-management#plugin-catalog/" >}}) was added as a result of this feature.
[Plugin catalog]({{< relref "../administration/plugin-management#plugin-catalog" >}}) was added as a result of this feature.
### Performance improvements
@ -192,7 +192,7 @@ Also, in addition to querying Log Analytics Workspaces, you can now query the lo
#### Elasticsearch data source
[Elasticsearch data source]({{< relref "../datasources/elasticsearch/" >}}) and [Provisioning]({{< relref "../administration/provisioning/" >}}) were updated as a result of these changes.
[Elasticsearch data source]({{< relref "../datasources/elasticsearch" >}}) and [Provisioning]({{< relref "../administration/provisioning" >}}) were updated as a result of these changes.
##### Use semver strings to identify Elasticsearch version
@ -228,11 +228,11 @@ In a prior release, Cloud Monitoring added _preprocessing_ support in their quer
Whenever a metric is selected in the query editor, a suitable preprocessing option is automatically selected for you. To avoid breaking changes, preprocessing is not enabled by default on existing queries. If you want to use preprocessing for existing queries, you have to manually select one in the query editor.
[Google Cloud Monitoring data source]({{< relref "../datasources/google-cloud-monitoring/#pre-processing" >}}) was updated as a result of this change.
[Google Cloud Monitoring data source]({{< relref "../datasources/google-cloud-monitoring#pre-processing" >}}) was updated as a result of this change.
#### Graphite data source
[Graphite data source]({{< relref "../datasources/graphite/" >}}) was updated as a result of these changes.
[Graphite data source]({{< relref "../datasources/graphite" >}}) was updated as a result of these changes.
##### Variable metric names expand
@ -248,7 +248,7 @@ Graphite queries are now automatically transformed to Loki queries according to
You can now use more parameters to find traces.
[Jaeger data source]({{< relref "../datasources/jaeger/" >}}) was updated as a result of this change.
[Jaeger data source]({{< relref "../datasources/jaeger" >}}) was updated as a result of this change.
### Authentication updates
@ -262,11 +262,11 @@ JWT is a new authentication option in Grafana.
You can now configure Grafana to accept a JWT token provided in the HTTP header.
[JWT authentication]({{< relref "../setup-grafana/configure-security/configure-authentication/jwt/" >}}) was added and [Configuration]({{< relref "../setup-grafana/configure-grafana/#auth.jwt" >}}) was updated as a result of this feature.
[JWT authentication]({{< relref "../setup-grafana/configure-security/configure-authentication/jwt" >}}) was added and [Configuration]({{< relref "../setup-grafana/configure-grafana#authjwt" >}}) was updated as a result of this feature.
#### OAuth
[Generic OAuth authentication]({{< relref "../setup-grafana/configure-security/configure-authentication/generic-oauth/" >}}) has been updated as a result of these changes.
[Generic OAuth authentication]({{< relref "../setup-grafana/configure-security/configure-authentication/generic-oauth" >}}) has been updated as a result of these changes.
##### Added OAuth support for empty scopes
@ -283,7 +283,7 @@ Stat panel is available as plugin.
### Grafana license update
Grafana has updated its license from Apache 2.0 to the GNU Affero General Public License (AGPL). Please see the related [blog post](https://grafana.com/blog/2021/04/20/grafana-loki-tempo-relicensing-to-agplv3/), [Q&A](https://grafana.com/blog/2021/04/20/qa-with-our-ceo-on-relicensing/) and [license](https://github.com/grafana/grafana/blob/main/LICENSE) for more details.
Grafana has updated its license from Apache 2.0 to the GNU Affero General Public License (AGPL). Please see the related [blog post](/blog/2021/04/20/grafana-loki-tempo-relicensing-to-agplv3/), [Q&A](/blog/2021/04/20/qa-with-our-ceo-on-relicensing/) and [license](https://github.com/grafana/grafana/blob/main/LICENSE) for more details.
## Enterprise features
@ -293,7 +293,7 @@ These features are included in the Grafana Enterprise edition.
You can now add or remove detailed permissions from Viewer, Editor, and Admin org roles, to grant users just the right amount of access within Grafana. Available permissions include the ability to view and manage Users, Reports, and the Access Control API itself. Grafana will support more and more permissions over the coming months.
[Role-based access control docs]({{< relref "../administration/roles-and-permissions/access-control/" >}}) were added as a result of this feature.
[Role-based access control docs]({{< relref "../administration/roles-and-permissions/access-control" >}}) were added as a result of this feature.
### Data source query caching
@ -303,7 +303,7 @@ This results in faster average load times for dashboards and fewer duplicate que
You can enable caching per data source, and time-to-live (TTL) can be configured globally and per data source. Query caching can be set up with Redis, Memcached, or a simple in-memory cache.
For more information, refer to the [Data source query caching docs]({{< relref "../administration/data-source-management/#query-caching" >}}).
For more information, refer to the [Data source query caching docs]({{< relref "../administration/data-source-management#query-caching" >}}).
### Reporting updates
@ -311,7 +311,7 @@ When creating a report, you can now choose to export Table panels as .csv files
You can also link back to the dashboard directly from the email, for users who want to see the data live in Grafana. This release also includes some improvements to the Reports list view.
For more information, refer to [Reporting docs]({{< relref "../dashboards/share-dashboards-panels/#reporting" >}}).
For more information, refer to [Reporting docs]({{< relref "../dashboards/share-dashboards-panels#reporting" >}}).
### License restrictions clarification in the docs
@ -30,7 +30,7 @@ These features are included in the Grafana open source edition.
Grafana 8.1 introduces the foundation for our new map panel. This new panel leverages [OpenLayers](https://openlayers.org/) and gives us a flexible solution for extending the way we use the new Geomap panel moving forward. The new Geomap panel includes multiple base layer styles (map layer options), as well as a more open data layer. The data layer can use coordinates and geo-hashed data in addition to a lookup table.
The Geomap panel is also able to share views across multiple Geomap panels on the same dashboard, making it straightforward to visualize and explore multiple types of geospatial data using the same map zoom and focus settings. For more information, refer to [Geomap panel]({{< relref "../panels-visualizations/visualizations/geomap/" >}}).
The Geomap panel is also able to share views across multiple Geomap panels on the same dashboard, making it straightforward to visualize and explore multiple types of geospatial data using the same map zoom and focus settings. For more information, refer to [Geomap panel]({{< relref "../panels-visualizations/visualizations/geomap" >}}).
For more on how to configure Graphs with by value color schemes read [Graph and color schemes]({{< relref "../panels-visualizations/visualizations/time-series/" >}}).
For more on how to configure Graphs with by value color schemes read [Graph and color schemes]({{< relref "../panels-visualizations/visualizations/time-series" >}}).
You can also create annotations in the new Time series panel bringing it closer to parity with the legacy Graph panel. To learn more, refer to the [time series panel]({{< relref "../panels-visualizations/visualizations/time-series/" >}}).
You can also create annotations in the new Time series panel bringing it closer to parity with the legacy Graph panel. To learn more, refer to the [time series panel]({{< relref "../panels-visualizations/visualizations/time-series" >}}).
### Transformations improvements
@ -59,7 +59,7 @@ Grafana 8.1 includes some significant enhancements to transformations, including
#### Config from query (Beta)
This transformation enables panel config (Threshold, Min, Max, etc.) to be derived from query results. For more information, refer to [Config from query results]({{< relref "../panels-visualizations/query-transform-data/transform-data/#config-from-query-results" >}}).
This transformation enables panel config (Threshold, Min, Max, etc.) to be derived from query results. For more information, refer to [Config from query results]({{< relref "../panels-visualizations/query-transform-data/transform-data#config-from-query-results" >}}).
#### Rows to fields (Beta)
@ -81,7 +81,7 @@ Output:
As you can see each row in the source data becomes a separate field. Each field now also has a max config option set. Options like **Min**, **Max**, **Unit** and **Thresholds** are all part of field configuration and if set like this will be used by the visualization instead of any options manually configured in the panel editor options pane.
For more on how to use this transformation, refer to [Rows to fields transform]({{< relref "../panels-visualizations/query-transform-data/transform-data/#rows-to-fields" >}}).
For more on how to use this transformation, refer to [Rows to fields transform]({{< relref "../panels-visualizations/query-transform-data/transform-data#rows-to-fields" >}}).
#### Contextual & Inline Help
@ -97,7 +97,7 @@ We have added timezone support. As a result, you can now specify the time zone u
### Trace to logs improvements
We changed the default behavior from creating a 1-hour span Loki query to the only query at the exact time the trace span started for the duration of it. For more fine grained control over this, you can shift this time in the tracing data source settings. Also, it is now possible to shift the start time and end time of the Loki query by the set amount. For more information, refer to [Trace to logs]({{< relref "../datasources/tempo/#trace-to-logs" >}}).
We changed the default behavior from creating a 1-hour span Loki query to the only query at the exact time the trace span started for the duration of it. For more fine grained control over this, you can shift this time in the tracing data source settings. Also, it is now possible to shift the start time and end time of the Loki query by the set amount. For more information, refer to [Trace to logs]({{< relref "../datasources/tempo#trace-to-logs" >}}).
### Prettify JSON for Logs in Explore
@ -109,7 +109,7 @@ And here is the prettified JSON log.
For more on how to prettify JSON logs, refer to [Visualization]({{< relref "../panels-visualizations/visualizations/" >}}) and [Display]({{< relref "../panels-visualizations/visualizations/logs/" >}}) options.
For more on how to prettify JSON logs, refer to [Visualization]({{< relref "../panels-visualizations/visualizations" >}}) and [Display]({{< relref "../panels-visualizations/visualizations/logs" >}}) options.
### Plugin catalog - Updated UX and extended features
@ -117,7 +117,7 @@ We’ve made some changes to the plugins UI to help make it easier to discover a
#### Documentation updates
New panel summaries and preview on the top level [Visualizations]({{< relref "../panels-visualizations/visualizations/" >}}) page to help users pick or learn about specific visualizations more easily.
New panel summaries and preview on the top level [Visualizations]({{< relref "../panels-visualizations/visualizations" >}}) page to help users pick or learn about specific visualizations more easily.
### Upcoming changes to the Select component
@ -135,7 +135,7 @@ We’d love as much feedback as possible about this change, because we are consi
### High availability setup support for Grafana Live
We have added an experimental HA setup support for Grafana Live with Redis. This resolves the limitation when clients were connected to different Grafana instances and those instances had no shared state. For additional information, refer to [Configure Grafana Live HA setup]({{< relref "../setup-grafana/set-up-grafana-live/#configure-grafana-live-ha-setup" >}}).
We have added an experimental HA setup support for Grafana Live with Redis. This resolves the limitation when clients were connected to different Grafana instances and those instances had no shared state. For additional information, refer to [Configure Grafana Live HA setup]({{< relref "../setup-grafana/set-up-grafana-live#configure-grafana-live-ha-setup" >}}).
## Enterprise features
@ -145,15 +145,15 @@ These features are included in the Grafana Enterprise edition.
Role-based access control remains in beta. You can now grant or revoke permissions for Viewers, Editors, or Admins to use Explore mode, configure LDAP or SAML settings, or view the admin/stats page. These new permissions enhance the existing permissions that can be customized, namely permissions to access Users, Orgs, LDAP settings, and Reports in Grafana.
Fine grained access control allows you to customize roles and permissions in Grafana beyond the built-in Viewer, Editor, and Admin roles. As of 8.1, you can modify some of the permissions for any of these built-in roles. This is helpful if you’d like users to have more or fewer access permissions than a given role allows for by default. For an overview of role-based access control and a complete list of available permissions, refer to the [Fine grained access control]({{< relref "../administration/roles-and-permissions/access-control/" >}}) documentation.
Fine grained access control allows you to customize roles and permissions in Grafana beyond the built-in Viewer, Editor, and Admin roles. As of 8.1, you can modify some of the permissions for any of these built-in roles. This is helpful if you’d like users to have more or fewer access permissions than a given role allows for by default. For an overview of role-based access control and a complete list of available permissions, refer to the [Fine grained access control]({{< relref "../administration/roles-and-permissions/access-control" >}}) documentation.
### New and improved reporting scheduler
We’ve enhanced the scheduler for Reports to be more flexible, so you can send reports at just the right time. When scheduling a report, you can now choose to send a report at custom intervals such as every 4 hours or every 2 weeks. You can also send a report for a limited time period by providing a start and end date, or send a report only on weekdays or on the last day of each month. This change accompanies some other recent improvements to Reporting, like the ability to choose template variables for reports and an improved UX for authoring reports. To learn more, refer to the [reporting]({{< relref "../dashboards/share-dashboards-panels/#reporting" >}}) documentation.
We’ve enhanced the scheduler for Reports to be more flexible, so you can send reports at just the right time. When scheduling a report, you can now choose to send a report at custom intervals such as every 4 hours or every 2 weeks. You can also send a report for a limited time period by providing a start and end date, or send a report only on weekdays or on the last day of each month. This change accompanies some other recent improvements to Reporting, like the ability to choose template variables for reports and an improved UX for authoring reports. To learn more, refer to the [reporting]({{< relref "../dashboards/share-dashboards-panels#reporting" >}}) documentation.
### Encrypt data in the query cache
Query caching was released in Grafana 8.0 and allows you to temporarily store the results of data source queries in a cache, so that Grafana reads repeated queries from there instead of from the data source itself. This reduces load on data sources, improves dashboard load times, and can save money for data sources that charge per query. To learn more about query caching see its [overview]({{< relref "../administration/data-source-management/#query-caching" >}}) page. To find out how to turn on encryption, refer to the [caching configuration]({{< relref "../setup-grafana/configure-grafana/enterprise-configuration/#caching" >}}) documentation.
Query caching was released in Grafana 8.0 and allows you to temporarily store the results of data source queries in a cache, so that Grafana reads repeated queries from there instead of from the data source itself. This reduces load on data sources, improves dashboard load times, and can save money for data sources that charge per query. To learn more about query caching see its [overview]({{< relref "../administration/data-source-management#query-caching" >}}) page. To find out how to turn on encryption, refer to the [caching configuration]({{< relref "../setup-grafana/configure-grafana/enterprise-configuration#caching" >}}) documentation.
You can now encrypt the query data cached by Grafana. This improves the security of query data, especially when your cache (like Redis) is shared with other services.
@ -161,7 +161,7 @@ You can now encrypt the query data cached by Grafana. This improves the security
You can now customize Grafana’s loading logo, which displays while Grafana is loading in a user’s browser. White labeling in Grafana Enterprise allows you to customize the look and feel of Grafana to match your product’s or company’s brand. This makes Grafana a more integrated part of your observability stack and keep Grafana consistent with other visualizations displayed in public.
To find out how you can configure it along with other Grafana UI elements, like the corner logo and application footer, refer to the [White labeling]({{< relref "../setup-grafana/configure-grafana/configure-custom-branding/" >}}) topic of the Grafana Enterprise docs.
To find out how you can configure it along with other Grafana UI elements, like the corner logo and application footer, refer to the [White labeling]({{< relref "../setup-grafana/configure-grafana/configure-custom-branding" >}}) topic of the Grafana Enterprise docs.
@ -22,60 +22,60 @@ The plugin catalog is now on by default in Grafana 8.2. Using the plugin catalog
Grafana Enterprise includes a revamped Stats and Licensing page, new role-based access control permissions, and improvements that make usage insights and reporting easier to access.
We’ve summarized what’s new in the release here, but you might also be interested in the announcement blog post. If you’d like all the details you can check out the [release notes](https://grafana.com/docs/grafana/next/release-notes/release-notes-8-2-0/) and complete [CHANGELOG.md](https://github.com/grafana/grafana/blob/master/CHANGELOG.md).
We’ve summarized what’s new in the release here, but you might also be interested in the announcement blog post. If you’d like all the details you can check out the [release notes](/docs/grafana/next/release-notes/release-notes-8-2-0/) and complete [CHANGELOG.md](https://github.com/grafana/grafana/blob/master/CHANGELOG.md).
# OSS
## OSS
## Community Contributions
### Community Contributions
Grafana 8.2 includes a number of important community contributions including support for OAuth role mapping with GitLab accounts ([#30025](https://github.com/grafana/grafana/pull/30025)), a new wide-to-long function ([#38670](https://github.com/grafana/grafana/pull/38670)) included in the [prepare time series transformation](https://grafana.com/docs/grafana/latest/panels/transformations/types-options/#prepare-time-series). A number of additions to the Azure Monitor data source were submitted, including an overview dashboard([#38801](https://github.com/grafana/grafana/pull/38801)) and support for parsing numeric fields in the Azure Resource Graph([#38728](https://github.com/grafana/grafana/pull/38728)). Contributions also included [regular-expression based value mapping](https://grafana.com/docs/grafana/next/panels/value-mappings/#map-a-regular-expression) ([#38931](https://github.com/grafana/grafana/pull/38931)) and improvements to our systemd unit for Grafana installations ([#38109](https://github.com/grafana/grafana/pull/38109)). This list is by no means exhaustive or comprehensive. We greatly appreciate _all_ the contributions submitted for inclusion in Grafana.
Grafana 8.2 includes a number of important community contributions including support for OAuth role mapping with GitLab accounts ([#30025](https://github.com/grafana/grafana/pull/30025)), a new wide-to-long function ([#38670](https://github.com/grafana/grafana/pull/38670)) included in the [prepare time series transformation](/docs/grafana/latest/panels/transformations/types-options/#prepare-time-series). A number of additions to the Azure Monitor data source were submitted, including an overview dashboard([#38801](https://github.com/grafana/grafana/pull/38801)) and support for parsing numeric fields in the Azure Resource Graph([#38728](https://github.com/grafana/grafana/pull/38728)). Contributions also included [regular-expression based value mapping](/docs/grafana/next/panels/value-mappings/#map-a-regular-expression) ([#38931](https://github.com/grafana/grafana/pull/38931)) and improvements to our systemd unit for Grafana installations ([#38109](https://github.com/grafana/grafana/pull/38109)). This list is by no means exhaustive or comprehensive. We greatly appreciate _all_ the contributions submitted for inclusion in Grafana.
## Accessibility
### Accessibility
We’ve taken our first, measured but important step towards improving the accessibility of Grafana, with much needed tweaks to keyboard navigation, accessibility labeling for UI elements for Grafana viewers, and an [accessibility statement](https://grafana.com/accessibility/) for Grafana laying out what you can expect from a Grafana focused on making our project accessible to all.
We’ve taken our first, measured but important step towards improving the accessibility of Grafana, with much needed tweaks to keyboard navigation, accessibility labeling for UI elements for Grafana viewers, and an [accessibility statement](/accessibility/) for Grafana laying out what you can expect from a Grafana focused on making our project accessible to all.
## Dashboards
### Dashboards
The biggest change to dashboards in Grafana 8.2 is the inclusion of a configurable fiscal year in the time picker. This option enables fiscal quarters as time ranges, which can be helpful for business-focused and executive dashboards in addition to many other common use cases. Please see the [time range controls documentation](https://grafana.com/docs/grafana/latest/dashboards/time-range-controls/) for more information.
The biggest change to dashboards in Grafana 8.2 is the inclusion of a configurable fiscal year in the time picker. This option enables fiscal quarters as time ranges, which can be helpful for business-focused and executive dashboards in addition to many other common use cases. Please see the [time range controls documentation](/docs/grafana/latest/dashboards/time-range-controls/) for more information.
{{<figuresrc="/static/img/docs/time-range-controls/fiscal_year-8-2.png"max-width="1200px"caption="Fiscal Year Time Range Settings">}}
## Plugins management
### Plugins management
We have continued to improve how you manage your plugins within Grafana. The new [plugins catalog](https://grafana.com/docs/grafana/v8.0/administration/configuration/#plugin_admin_enabled) is now enabled by default. You can use the plugin catalog to find, install, and uninstall your plugins directly from within Grafana without needing the Grafana CLI or to restart Grafana.
We have continued to improve how you manage your plugins within Grafana. The new [plugins catalog](/docs/grafana/v8.0/administration/configuration/#plugin_admin_enabled) is now enabled by default. You can use the plugin catalog to find, install, and uninstall your plugins directly from within Grafana without needing the Grafana CLI or to restart Grafana.
We’ve continued to bolster the new, unified alerting system launched in Grafana 8. This update includes the addition of a UI to edit the Cortex/Loki namespace, edit the alert group name, and edit the alert group evaluation interval. We've also added a Test button to test an alert notification contact point. There's even more to explore here including custom grouping for alert manager notifications and several small but significant changes to improve creation editing and managing alert rules. Please see the [alerting documentation](https://grafana.com/docs/grafana/latest/alerting/unified-alerting/) for more details and information on how you can enable the unified alerting system in your instance of Grafana.
We’ve continued to bolster the new, unified alerting system launched in Grafana 8. This update includes the addition of a UI to edit the Cortex/Loki namespace, edit the alert group name, and edit the alert group evaluation interval. We've also added a Test button to test an alert notification contact point. There's even more to explore here including custom grouping for alert manager notifications and several small but significant changes to improve creation editing and managing alert rules. Please see the [alerting documentation](/docs/grafana/latest/alerting/unified-alerting/) for more details and information on how you can enable the unified alerting system in your instance of Grafana.
## Image Renderer performance improvements and measurement
### Image Renderer performance improvements and measurement
You can use Grafana’s image renderer to generate images of panels and dashboards. Grafana uses these images for alert notifications, PDF exports (Grafana Enterprise), and reports sent by Grafana (Grafana Enterprise). We’ve added additional metrics to the image renderer to help you diagnose its performance, and [included guidance in our documentation](https://grafana.com/docs/grafana/next/image-rendering/#rendering-mode) to help you configure it for the best mix of performance and resource usage. Tests show that we have reduced image load time from the 95th percentile of 10 seconds to less than 3 seconds under normal load.
You can use Grafana’s image renderer to generate images of panels and dashboards. Grafana uses these images for alert notifications, PDF exports (Grafana Enterprise), and reports sent by Grafana (Grafana Enterprise). We’ve added additional metrics to the image renderer to help you diagnose its performance, and [included guidance in our documentation](/docs/grafana/next/image-rendering/#rendering-mode) to help you configure it for the best mix of performance and resource usage. Tests show that we have reduced image load time from the 95th percentile of 10 seconds to less than 3 seconds under normal load.
# Grafana Enterprise
## Grafana Enterprise
## Brand-new license and stats screen
### Brand-new license and stats screen
We’ve revamped the Stats and License sections of Grafana for administrators. The new combined screen makes it easier to understand a license’s term and user counts, and find out early when you need to renew or expand a license. It’s also easier to parse Grafana statistics like the number of dashboards, data sources, and alerts in a given instance. This screen also includes an interactive list of dashboard and folder permissions, which can affect your users’ licensed roles in Grafana. Learn more about Grafana Enterprise on our [website](https://grafana.com/products/enterprise/grafana/), and more about licenses in particular in our [docs](https://grafana.com/docs/grafana/latest/enterprise/license/license-restrictions/).
We’ve revamped the Stats and License sections of Grafana for administrators. The new combined screen makes it easier to understand a license’s term and user counts, and find out early when you need to renew or expand a license. It’s also easier to parse Grafana statistics like the number of dashboards, data sources, and alerts in a given instance. This screen also includes an interactive list of dashboard and folder permissions, which can affect your users’ licensed roles in Grafana. Learn more about Grafana Enterprise on our [website](/products/enterprise/grafana/), and more about licenses in particular in our [docs](/docs/grafana/latest/enterprise/license/license-restrictions/).
{{<figuresrc="/static/img/docs/enterprise/8_2_stats_licensing_screen.png"max-width="1200px"caption="Stats and licensing">}}
## New role-based access control permissions
### New role-based access control permissions
Role-based access control now covers data source and provisioning permissions. You can decide which roles (Viewers, Editors, and Admins) can manage data sources and data source permissions in Grafana, and which roles can reload provisioning configuration for dashboards, data sources, and other provisioned resources. We’ll continue adding role-based access control to more Grafana services, like dashboards and API Keys, in upcoming releases. Learn more about role-based access control in our [release post](https://grafana.com/blog/2021/06/23/new-in-grafana-enterprise-8.0-fine-grained-access-control-for-reporting-and-user-management/) and our [docs](https://grafana.com/docs/grafana/latest/enterprise/access-control/).
Role-based access control now covers data source and provisioning permissions. You can decide which roles (Viewers, Editors, and Admins) can manage data sources and data source permissions in Grafana, and which roles can reload provisioning configuration for dashboards, data sources, and other provisioned resources. We’ll continue adding role-based access control to more Grafana services, like dashboards and API Keys, in upcoming releases. Learn more about role-based access control in our [release post](/blog/2021/06/23/new-in-grafana-enterprise-8.0-fine-grained-access-control-for-reporting-and-user-management/) and our [docs](/docs/grafana/latest/enterprise/access-control/).
{{<figuresrc="/static/img/docs/enterprise/8_2_data_source_permissions.png"max-width="1200px"caption="Stats and licensing">}}
## Export usage insights logs as server logs
### Export usage insights logs as server logs
Usage Insights Logs contain valuable information about user dashboard visits, queries, and front-end errors that are otherwise impossible to track in Grafana. You can now export those logs alongside your regular server logs to identify problematic dashboards and data sources and improve users’ experience with Grafana. Previously, these metrics could only be exported directly to Loki. Learn more in the [documentation about exporting logs](https://grafana.com/docs/grafana/latest/enterprise/usage-insights/export-logs/)
Usage Insights Logs contain valuable information about user dashboard visits, queries, and front-end errors that are otherwise impossible to track in Grafana. You can now export those logs alongside your regular server logs to identify problematic dashboards and data sources and improve users’ experience with Grafana. Previously, these metrics could only be exported directly to Loki. Learn more in the [documentation about exporting logs](/docs/grafana/latest/enterprise/usage-insights/export-logs/)
{{<figuresrc="/static/img/docs/enterprise/8_2_export_usage_insights.png"max-width="1200px"caption="Stats and licensing">}}
## Create a report from the dashboard Share dialogue
### Create a report from the dashboard Share dialogue
Reports offer a powerful way to deliver insights directly to your email inboxes. Now you can create a report directly from any dashboard, using the Share button. This is especially useful when combined with role-based access control, which you can use to grant Editors or Viewers the ability to create reports in Grafana. To learn more, see the [reporting documentation](https://grafana.com/docs/grafana/latest/enterprise/reporting/).
Reports offer a powerful way to deliver insights directly to your email inboxes. Now you can create a report directly from any dashboard, using the Share button. This is especially useful when combined with role-based access control, which you can use to grant Editors or Viewers the ability to create reports in Grafana. To learn more, see the [reporting documentation](/docs/grafana/latest/enterprise/reporting/).
{{<figuresrc="/static/img/docs/enterprise/enterprise-report-from-share-8-2.png"max-width="1200px"caption="Create a report from the dashboard share dialogue">}}
@ -22,43 +22,43 @@ For Open Source users it also marks the first time Grafana Alerting, formerly un
We’ve summarized what’s new in the release here, but you might also be interested in the announcement blog post as well. If you’d like all the details you can check out the complete [CHANGELOG.md](https://github.com/grafana/grafana/blob/master/CHANGELOG.md).
# Grafana OSS
## Grafana OSS
## Community Contributions
### Community Contributions
Grafana 8.3 includes many community contributions including the ability to interpolate variables in tags ([#42318](https://github.com/grafana/grafana/pull/42318)), fly-out sub-menu support ([#41647](https://github.com/grafana/grafana/pull/41647)), the addition of AWS RoboMaker & AWS Global Accelerator metrics to the AWS CloudWatch data source ([#41450](https://github.com/grafana/grafana/pull/41450), [#41236](https://github.com/grafana/grafana/pull/41236)), as well as updates to the news panel ([#41193](https://github.com/grafana/grafana/pull/41193)), the plugin catalog ([#40917](https://github.com/grafana/grafana/pull/40917)), and many more. The Grafana Labs team is deeply grateful for all those who take the time to contribute and participate in the development of Grafana.
## Accessibility
### Accessibility
We’ve continued to make progress on improving Grafana’s accessibility. In Grafana 8.3 we’ve updated the main menu with improved keyboard navigation. We’ve also improved Grafana’s behavior when navigating through elements with the tab key (tab stops) and finished our work to make Grafana’s viewer roles compatible with assistive technologies such as screen readers. You can read our accessibility statement here and reach out to us with accessibility issues using our community Slack or our community forums.
## Dashboards and Visualizations
### Dashboards and Visualizations
### Panel Suggestions
#### Panel Suggestions
Grafana will now make suggestions for visualization types based on the current data surfaced by a query or queries in a panel. This makes seeing available, possible interpretations of your data more straightforward and can be a useful jumping-off point when building panels and dashboards with specific goals in mind.
Grafana 8.3 includes a new Candlestick panel that is so much more. Beyond candlesticks and open, high, low, close, behaviors, it includes customizable up/down colors, bar color determined by intra-period or inter-period movement of the data, volume histogram with matching colors, and the ability to detach or create a separate volume histogram to allow for more flexible dashboard design. The candlestick panel is based upon our time series panel meaning it also has support for additional data with the same configuration options and styles.
The Geomap panel has been updated to support multiple data layers. The panel can now be configured with multiple markers, heatmaps & GeoJSON layers. The layers can be individually configured, named, and re-ordered to create rich, multidimensional visualizations. Please see the documentation for details on how you can set up and configure these new configuration options.
Grafana Alerting is now the default alerting experience for all new Open Source installations of Grafana 8.3. Grafana Alerting in 8.3 includes the ability to test contact points and notification routing. Grafana 8.3 also adds the ability to configure and use external, Prometheus-style alert managers from within the Grafana Alerting workflow.
Grafana and Amazon Managed Grafana now support AWS Metrics Insights – a fast, flexible, SQL-based query engine that enables you to identify trends and patterns across millions of operational metrics in real time.
@ -68,9 +68,9 @@ The example below demonstrates using the new Metrics Insight capability to view
Recorded queries turn “point in time” data into time series.
@ -78,32 +78,32 @@ Recorded queries allow you to export the results of certain non-time series quer
This new feature is especially helpful for Enterprise customers using plugins because many new plugins, like ServiceNow and Jira, don’t return time series so customers weren’t able to plot historical data over time. With recorded queries, now they can! For more information
## Assign role-based permissions directly to users with the new role picker (beta)
### Assign role-based permissions directly to users with the new role picker (beta)
Sometimes the Viewer, Editor, and Admin roles just don’t fit what a certain user needs to do in Grafana. Now you can assign role-based roles directly to users, so they can create reports, use Explore mode, create data sources, and perform other specific actions in Grafana. The role picker can be access from the Grafana Admin user management page.
{{<figuresrc="/static/img/docs/enterprise/enterprise_role_picker_8_3.png"max-width="1200px"caption="Grafana Enterprise Role Picker">}}
## Use role-based access control for Organizations and Licensing (beta)
### Use role-based access control for Organizations and Licensing (beta)
We’ve added new permissions to role-based access control to help you specify actions that users can perform. Now you can assign permissions to manage Organizations and License functions in Grafana, in addition to Users, Data Sources, Reports, and other resources. Role-based access control remains in beta and we will continue to add new permissions until all of Grafana’s endpoints are covered. For a complete list of the actions you can permit using role-based access control, see the [reference](https://grafana.com/docs/grafana/next/enterprise/access-control/fine-grained-access-control-references/).
We’ve added new permissions to role-based access control to help you specify actions that users can perform. Now you can assign permissions to manage Organizations and License functions in Grafana, in addition to Users, Data Sources, Reports, and other resources. Role-based access control remains in beta and we will continue to add new permissions until all of Grafana’s endpoints are covered. For a complete list of the actions you can permit using role-based access control, see the [reference](/docs/grafana/next/enterprise/access-control/fine-grained-access-control-references/).
## Get your encryption key from a Key Management Service
### Get your encryption key from a Key Management Service
Grafana’s database contains secrets, like the credentials used to query data sources, send alert notifications and perform other functions within Grafana. These secrets are encrypted using keys, which are usually stored in Grafana’s configuration file. Now you can get your encryption key from Amazon KMS, Azure Key Vault, or Hashicorp Vault. This allows you to centrally manage your Grafana encryption key and reduce the chances it will leak.
In order to support this, we’ve upgraded Grafana Enterprise to use envelope encryption, which complements the KMS integration by adding a layer of indirection to the encryption process. Instead of encrypting all secrets with a single key, Grafana uses a set of keys called data encryption keys (DEKs) to encrypt them. These data encryption keys are themselves encrypted with a single key encryption key (KEK). With envelope encryption, you can store a KEK in your KMS, and still quickly encrypt and decrypt data using DEKs stored within the Grafana database.
## Pay the same for all users, regardless of their permissions
### Pay the same for all users, regardless of their permissions
Are you tired of managing user permissions because your license only allows a certain number of Viewers and Editors or Admins? So were we. We’ve added support for combined user pricing, where all users cost the same and fall into the same license bucket in Grafana Enterprise. This is a specific license option and must be updated in your contract. To learn more, refer to our [licensing docs](https://grafana.com/docs/grafana/latest/enterprise/license/license-restrictions/). To switch to combined user pricing, contact your Grafana Labs account team.
Are you tired of managing user permissions because your license only allows a certain number of Viewers and Editors or Admins? So were we. We’ve added support for combined user pricing, where all users cost the same and fall into the same license bucket in Grafana Enterprise. This is a specific license option and must be updated in your contract. To learn more, refer to our [licensing docs](/docs/grafana/latest/enterprise/license/license-restrictions/). To switch to combined user pricing, contact your Grafana Labs account team.
{{<figuresrc="/static/img/docs/enterprise/enterprise_users_8_3.png"max-width="1200px"caption="Grafana Enterprise User Pricing">}}
## Author dashboards faster with resource caching
### Author dashboards faster with resource caching
Your query editor just became faster. [Query caching](https://grafana.com/docs/grafana/latest/enterprise/query-caching/) improves query performance and sometimes reduces cost, by reducing the number of repetitive queries performed against data sources. Resource caching does the same thing but for resource calls, like retrieving the list of applications in the AppDynamics editor, the list of metrics from Datadog, or the list of values in a template variable dropdown. This makes for a zippier user experience for everyone writing queries in Grafana.
Your query editor just became faster. [Query caching](/docs/grafana/latest/enterprise/query-caching/) improves query performance and sometimes reduces cost, by reducing the number of repetitive queries performed against data sources. Resource caching does the same thing but for resource calls, like retrieving the list of applications in the AppDynamics editor, the list of metrics from Datadog, or the list of values in a template variable dropdown. This makes for a zippier user experience for everyone writing queries in Grafana.
## Review audit logs for more services, like alerting
### Review audit logs for more services, like alerting
[Audit logs](https://grafana.com/docs/grafana/latest/enterprise/auditing/) are a record of the actions users perform in Grafana, which you can investigate in case of a security incident or to understand Grafana usage better. We’ve added audit logs for new actions performed against plugins, data sources, library elements, and Grafana’s new alerting service. This ensures that if a user makes a change anywhere in Grafana Enterprise, you’ll have a record of it. For details, refer to the [Auditing docs](https://grafana.com/docs/grafana/latest/enterprise/auditing/).
[Audit logs](/docs/grafana/latest/enterprise/auditing/) are a record of the actions users perform in Grafana, which you can investigate in case of a security incident or to understand Grafana usage better. We’ve added audit logs for new actions performed against plugins, data sources, library elements, and Grafana’s new alerting service. This ensures that if a user makes a change anywhere in Grafana Enterprise, you’ll have a record of it. For details, refer to the [Auditing docs](/docs/grafana/latest/enterprise/auditing/).
@ -20,56 +20,56 @@ We’re excited to announce Grafana v8.4, with a variety of improvements that fo
We’ve summarized what’s new in the release here, but you might also be interested in the announcement blog post. If you’d like all the details you can check out the complete [changelog](https://github.com/grafana/grafana/blob/master/CHANGELOG.md).
# OSS
## OSS
## Ease of use
### Ease of use
### Share playlists
#### Share playlists
You can now share links to your playlists the same way as with dashboards, to easily set up the same playlist on multiple devices or kiosks.
### `$__interval` and `$__interval_ms` in panel title
####`$__interval` and `$__interval_ms` in panel title
We’ve expanded the functionality of this existing and popular feature. You can now use `$__interval` and `$__interval_ms` in panel titles. This new function displays the interval that’s used in a specific panel without requiring edit mode.
We’re continuing to improve accessibility across Grafana, particularly focusing on keyboard navigation and screen readers.
- Navigation: We’ve improved our keyboard navigation support in our main navbar, added focus states, and removed keyboard traps.
- General components (tooltips, color pickers, modals, dropdowns, and so forth): we’ve ensured they’re keyboard navigable, improved focus trapping, and improved screen reader support.
- Time series panel: charts are one of our main areas of limited accessibility. As of 8.4, you can also move a panel and make range selections using your keyboard. - Press arrow keys to move the cursor around. - Hold Shift to increase cursor speed. - Hold space to start rage selection.
You can read our accessibility statement [here](https://grafana.com/accessibility/) and reach out to us with accessibility issues using our community Slack or our community forums.
You can read our accessibility statement [here](/accessibility/) and reach out to us with accessibility issues using our community Slack or our community forums.
### New option to configure OpenTelemetry
#### New option to configure OpenTelemetry
Grafana is used to visualize traces and metrics, but Grafana itself can be traced as well. For example, users running a Grafana instance can export all the traces of endpoints and database requests to Jaeger, which helps you view all Grafana traffic.
We’re currently using OpenTracing for this, but since the repository is being deprecated, we’ve started our work to migrate to OpenTelemetry and remove OpenTracing. This release is the first step toward this goal. It also adds the option to configure OpenTelemetry instead of OpenTracing.
### Rotate your encryption key
#### Rotate your encryption key
In Grafana 8.3, we upgraded Grafana to use envelope encryption, which adds a layer of indirection to the encryption process. Instead of encrypting all secrets in the database with a single key, Grafana uses a set of keys, called data encryption keys (DEKs), to encrypt them. These data encryption keys are themselves encrypted with a single key-encryption key (KEK).
As of 8.4, you can rotate your KEK and quickly re-encrypt your DEKs in case a key is compromised.
Envelope encryption is not enabled by default in version 8.4. You can enable it by adding the term `envelopeEncryption` to the list of feature toggles in your [Grafana configuration](https://grafana.com/docs/grafana/next/administration/configuration/#feature_toggles?mdm=email), or by sending a request to support if you use Grafana Cloud.
Envelope encryption is not enabled by default in version 8.4. You can enable it by adding the term `envelopeEncryption` to the list of feature toggles in your [Grafana configuration](/docs/grafana/next/administration/configuration/#feature_toggles?mdm=email), or by sending a request to support if you use Grafana Cloud.
[Mute timings](https://grafana.com/docs/grafana/next/alerting/unified-alerting/notifications/mute-timings/) have been a popular request from the community. They are a powerful addition to the new alerting feature set and allow you to suppress specific alerts on a recurring interval or schedule, [contrary to](https://grafana.com/docs/grafana/next/alerting/unified-alerting/notifications/mute-timings/#mute-timings-vs-silences) Silences.
[Mute timings](/docs/grafana/next/alerting/unified-alerting/notifications/mute-timings/) have been a popular request from the community. They are a powerful addition to the new alerting feature set and allow you to suppress specific alerts on a recurring interval or schedule, [contrary to](/docs/grafana/next/alerting/unified-alerting/notifications/mute-timings/#mute-timings-vs-silences) Silences.
Paired with the existing Silences, this gives you even more control over when alerts should be sent and contact points notified.
### Custom grouping for the Alert Panel
#### Custom grouping for the Alert Panel
The new Alert Panel displays your alerts and associated alert instances, and supports grouping by one or more custom labels. You can also display all alert instances in an ungrouped list by choosing the custom grouping mode without any configured labels.
@ -77,13 +77,13 @@ Traditionally alerts in the Alert Panel were grouped by the alert rule that crea
{{<figuresrc="/static/img/docs/alerting/unified/custom-grouping-8-4.png"max-width="1200px"caption="Custom grouping in alerting">}}
### WeCom contact point
#### WeCom contact point
Starting with Grafana 8.4, you can [configure a WeCom](https://grafana.com/docs/grafana/next/alerting/unified-alerting/contact-points/#wecom) contact point, to send alert notifications to WeCom.
Starting with Grafana 8.4, you can [configure a WeCom](/docs/grafana/next/alerting/unified-alerting/contact-points/#wecom) contact point, to send alert notifications to WeCom.
## New panel options
### New panel options
### Bar chart
#### Bar chart
We’ve expanded the bar chart so that you can:
@ -95,23 +95,23 @@ We’ve expanded the bar chart so that you can:
{{<figuresrc="/static/img/docs/bar-chart-panel/bar-chart-8-4.png"max-width="1200px"caption="Updated bar chart">}}
### Geomap
#### Geomap
Geomap now supports tooltips with data-links across multiple layers.
The HTTP API details are now [specified](https://editor.swagger.io/?url=https://raw.githubusercontent.com/grafana/grafana/papagian/api-spec/public/api-merged.json) using OpenAPI v2.
The grafana server serves a [SwaggerUI](https://swagger.io/tools/swagger-ui/) editor via the /swagger-ui endpoint that enables users to make requests to the HTTP API via the browser. This is disabled by default and it’s enabled when the `swaggerUi` feature toggle is set.
# Grafana Enterprise
## Grafana Enterprise
## Security improvements
### Security improvements
### Role-based access control works for teams
#### Role-based access control works for teams
Occasionally, Viewer, Editor, and Admin roles don’t fit what a certain user needs to do in Grafana. Now you can assign role-based roles directly to users so they can create reports, use Explore mode, create data sources, and perform other specific actions in Grafana. Role-based access control is currently in beta.
@ -119,32 +119,32 @@ In Grafana 8.4, you can assign roles to teams, which apply to all members of tha
In 8.4 you can also control access to Team and API key functionality itself, like viewing or editing API keys and adding members to certain teams.
Enable role-based access control by adding the term `accesscontrol` to the list of feature toggles in your [Grafana configuration](https://grafana.com/docs/grafana/next/administration/configuration/#feature_toggles?mdm=email), or by sending a request to support if you use Grafana Cloud. Learn more about role-based access control in the [role-based access control section of the docs](https://grafana.com/docs/grafana/next/enterprise/access-control/).
Enable role-based access control by adding the term `accesscontrol` to the list of feature toggles in your [Grafana configuration](/docs/grafana/next/administration/configuration/#feature_toggles?mdm=email), or by sending a request to support if you use Grafana Cloud. Learn more about role-based access control in the [role-based access control section of the docs](/docs/grafana/next/enterprise/access-control/).
### Assign SAML users different roles in different Organizations
#### Assign SAML users different roles in different Organizations
You can use Grafana's SAML integration to map organizations in your SAML service to [Organizations]({{< relref "../setup-grafana/configure-security/configure-authentication/saml/#configure-organization-mapping" >}}) in Grafana so that users who authenticate using SAML have the right permissions. Previously, you could only choose a single role (Viewer, Editor, or Admin) for users, which would apply to all of their Organizations. Now, you can map a given SAML user or org to different roles in different Organizations, so that, for example, they can be a Viewer in one Organization and an Admin in another.
You can use Grafana's SAML integration to map organizations in your SAML service to [Organizations]({{< relref "../setup-grafana/configure-security/configure-authentication/saml#configure-organization-mapping" >}}) in Grafana so that users who authenticate using SAML have the right permissions. Previously, you could only choose a single role (Viewer, Editor, or Admin) for users, which would apply to all of their Organizations. Now, you can map a given SAML user or org to different roles in different Organizations, so that, for example, they can be a Viewer in one Organization and an Admin in another.
Additionally, you can now grant multiple SAML organizations access to Grafana, using the `allowed_organizations` attribute. Previously, you could only map one.
Learn more in our [SAML docs]({{< relref "../setup-grafana/configure-security/configure-authentication/saml/" >}}).
Learn more in our [SAML docs]({{< relref "../setup-grafana/configure-security/configure-authentication/saml" >}}).
## Performance improvements
### Performance improvements
### Recorded queries is more stable and usable
#### Recorded queries is more stable and usable
We’ve made stability and usability improvements to Recorded Queries, and removed the feature flag so you can get started with Recorded Queries out of the box.
### Measure query cache hit rate and clear the cache
#### Measure query cache hit rate and clear the cache
[Query caching](https://grafana.com/blog/2021/09/02/reduce-costs-and-increase-performance-with-query-caching-in-grafana-cloud/) significantly reduces load times and costs of Grafana dashboards, by temporarily storing query results in a cache. Now you can measure the hit rate of your query cache, to see how many queries (and therefore how much time and money) it is saving. You can also use these measurements to tune the cache time to live (TTL), to balance performance and up-to-date data.
[Query caching](/blog/2021/09/02/reduce-costs-and-increase-performance-with-query-caching-in-grafana-cloud/) significantly reduces load times and costs of Grafana dashboards, by temporarily storing query results in a cache. Now you can measure the hit rate of your query cache, to see how many queries (and therefore how much time and money) it is saving. You can also use these measurements to tune the cache time to live (TTL), to balance performance and up-to-date data.
You can also now manually clear the cache for a given data source in case data becomes stale, so that the next set of queries run against the data source itself.
To learn more, refer to [query caching in the Grafana Enterprise docs](https://grafana.com/docs/grafana/next/enterprise/query-caching/)
To learn more, refer to [query caching in the Grafana Enterprise docs](/docs/grafana/next/enterprise/query-caching/)
@ -20,9 +20,9 @@ We’re excited to announce Grafana v8.5, with a variety of improvements that fo
We’ve summarized what’s new in the release here, but you might also be interested in the announcement blog post as well. If you’d like all the details you can check out the complete [changelog](https://github.com/grafana/grafana/blob/main/CHANGELOG.md).
# OSS
## OSS
## Alerting - group names for Grafana-managed alert rules
### Alerting - group names for Grafana-managed alert rules
It’s been tricky to work with more than a small number of Grafana-managed alert rules without groups in namespaces. They’ve also been inconsistent with the [Prometheus Alert Generator Compliance Specification](https://github.com/prometheus/compliance/blob/main/alert_generator/specification.md), which made working with Grafana-managed and Prometheus-managed alerts a confusing experience. With this release, you can still see flattened Grafana-managed alerts in the “List” tab, or use the new “Grouped” tab to work with groups:
@ -34,9 +34,9 @@ Rules in a group are evaluated together, so you can also set the interval for th
{{<figuresrc="/static/img/docs/alerting/unified/rule-grouping-details-8-5.png"max-width="350px"caption="Rule group details">}}
## Analytics
### Analytics
You can now enable Grafana version update checking and Grafana plugins version update checking separately using [a new configuration option to separately enable plugin version update checks](https://grafana.com/docs/grafana/latest/administration/configuration/#check_for_plugin_updates). The [prior version update checking configuration](https://grafana.com/docs/grafana/latest/administration/configuration/#check_for_updates) now only controls Grafana version update checks.
You can now enable Grafana version update checking and Grafana plugins version update checking separately using [a new configuration option to separately enable plugin version update checks](/docs/grafana/latest/administration/configuration/#check_for_plugin_updates). The [prior version update checking configuration](/docs/grafana/latest/administration/configuration/#check_for_updates) now only controls Grafana version update checks.
When enabled, a check runs every 10 minutes. It will notify, via the UI, when a new version is available. The checks will not prompt any auto-updates of the Grafana software, nor will it send any sensitive information.
In addition to RSS feeds, the News panel now supports Atom feeds, allowing you to display a wider range of data and information in Grafana.
### Scrolling in the Bar gauge panel
#### Scrolling in the Bar gauge panel
The Bar gauge panel now supports scrolling to support displaying large datasets while maintaining the readability of labels. You can set a min width or height for the bars (depending on the chart’s orientation), allowing the content to overflow in the container and become scrollable.
@ -60,17 +60,17 @@ The Bar gauge panel now supports scrolling to support displaying large datasets
We’ve added support to substitute template variables to transformations. This allows dashboards to be more interactive with transformations when a user inputs calculations and `$__interval` and `$__interval_ms`.
### Grouping to matrix
#### Grouping to matrix
A new transformation is available that helps you structure data in a matrix format, using the Grafana table plugin.
## Expanding the navigation bar (Beta)
### Expanding the navigation bar (Beta)
Available by switching on the ‘newNavigation’ feature toggle.
You can expand the navigation bar for a better overview of Grafana’s features and installed integrations.
@ -80,26 +80,26 @@ Everywhere else in the world: sign up [here](https://www.userinterviews.com/proj
{{<figuresrc="/static/img/docs/navigation/new-navigation-8-5.png"max-width="400px"caption="New nav panel">}}
## Notifications list for error alerts (Beta)
### Notifications list for error alerts (Beta)
Available by switching on the ‘persistNotifications’ feature toggle.
In order to support debugging issues in Grafana, error alerts that appear when viewing a dashboard now include a trace ID, and these alerts can be accessed under Profile / Notifications.
{{<figuresrc="/static/img/docs/navigation/nav-profile-notification-8-5.png"max-width="200px"caption="New nav panel">}}
## Service accounts (beta)
### Service accounts (beta)
Service accounts are a major evolution for machine access within Grafana. You can create multiple API tokens per service account with independent expiration dates, and temporarily disable a service account without deleting it. These benefits make Service Accounts a more flexible way for Terraform and other apps to authenticate with Grafana. Service accounts also work with [fine-grained access control](https://grafana.com/docs/grafana/latest/enterprise/access-control/) in [Grafana Enterprise](https://grafana.com/docs/grafana/latest/enterprise/): you can improve security by granting service accounts specific roles to limit the functions they can perform. Service accounts are available in beta; you can try them out by enabling the `service-accounts` [feature toggle](https://grafana.com/docs/grafana/latest/administration/service-accounts/enable-service-accounts) or, if you use Grafana Cloud, [reaching out to our support team](https://grafana.com/orgs/raintank/tickets#) for early access. Learn more about Service Accounts in our [docs](https://grafana.com/docs/grafana/latest/administration/service-accounts).
Service accounts are a major evolution for machine access within Grafana. You can create multiple API tokens per service account with independent expiration dates, and temporarily disable a service account without deleting it. These benefits make Service Accounts a more flexible way for Terraform and other apps to authenticate with Grafana. Service accounts also work with [fine-grained access control](/docs/grafana/latest/enterprise/access-control/) in [Grafana Enterprise](/docs/grafana/latest/enterprise/): you can improve security by granting service accounts specific roles to limit the functions they can perform. Service accounts are available in beta; you can try them out by enabling the `service-accounts` [feature toggle](/docs/grafana/latest/administration/service-accounts/enable-service-accounts) or, if you use Grafana Cloud, [reaching out to our support team](/orgs/raintank/tickets#) for early access. Learn more about Service Accounts in our [docs](/docs/grafana/latest/administration/service-accounts).
{{<figuresrc="/static/img/docs/service-accounts/configure-8-5.png"max-width="400px"caption="Configure service accounts">}}
## Observability
### Observability
### Trace to Logs for Splunk
#### Trace to Logs for Splunk
With Trace to Logs, you can view relevant logs for a trace or span with one click. You can now link to Splunk logs from your tracing datasource. In your tracing datasource, configure Trace to Logs by selecting the Splunk datasource and relevant query options like tags to include in the query.
## Experimental Explore to Dashboard workflow
### Experimental Explore to Dashboard workflow
Allows users to create panels directly from within explore.
@ -108,29 +108,29 @@ With multiple queries, it will view the response from the first, non hidden quer
This feature is behind the `explore2Dashboard` feature toggle and is enabled by default.
# Grafana Enterprise
## Grafana Enterprise
## Security
### Security
### Fine-Grained Access Control comes to Alerting (beta)
#### Fine-Grained Access Control comes to Alerting (beta)
Check the Grafana Enterprise / Security section below for more details, including how to enable this beta feature; we’ve implemented
[fine-grained access control](https://grafana.com/docs/grafana/latest/enterprise/access-control/) for alerting rules, notification policies, and contact points in [Grafana Enterprise](https://grafana.com/docs/grafana/latest/enterprise/). You can turn on fine-grained access control using the `accesscontrol` [feature toggle](https://grafana.com/docs/grafana/latest/enterprise/access-control/#enable-fine-grained-access-control), or by [reaching out to our support team](https://grafana.com/orgs/raintank/tickets#) for early access if you use Grafana Cloud. For more information on fine-grained access control, visit our [docs](https://grafana.com/docs/grafana/latest/enterprise/access-control/).
[fine-grained access control](/docs/grafana/latest/enterprise/access-control/) for alerting rules, notification policies, and contact points in [Grafana Enterprise](/docs/grafana/latest/enterprise/). You can turn on fine-grained access control using the `accesscontrol` [feature toggle](/docs/grafana/latest/enterprise/access-control/#enable-fine-grained-access-control), or by [reaching out to our support team](/orgs/raintank/tickets#) for early access if you use Grafana Cloud. For more information on fine-grained access control, visit our [docs](/docs/grafana/latest/enterprise/access-control/).
### Control access to dashboards, folders, and annotations (beta)
#### Control access to dashboards, folders, and annotations (beta)
You can now use fine-grained access control to manage which specific users, teams, and roles can create, read, update, or delete dashboards, folders, or annotations. These are the latest services to incorporate fine-grained access control, which helps you dial in the specific access your users should have in Grafana. Fine-grained access control is currently in beta, but general availability is just around the corner, planned for our 9.0 release. You can turn on fine-grained access control using the `accesscontrol` [feature toggle](https://grafana.com/docs/grafana/latest/enterprise/access-control/#enable-fine-grained-access-control), or by [reaching out to our support team](https://grafana.com/orgs/raintank/tickets#) for early access if you use Grafana Cloud. For more information on fine-grained access control, visit our [docs](https://grafana.com/docs/grafana/latest/enterprise/access-control/).
You can now use fine-grained access control to manage which specific users, teams, and roles can create, read, update, or delete dashboards, folders, or annotations. These are the latest services to incorporate fine-grained access control, which helps you dial in the specific access your users should have in Grafana. Fine-grained access control is currently in beta, but general availability is just around the corner, planned for our 9.0 release. You can turn on fine-grained access control using the `accesscontrol` [feature toggle](/docs/grafana/latest/enterprise/access-control/#enable-fine-grained-access-control), or by [reaching out to our support team](/orgs/raintank/tickets#) for early access if you use Grafana Cloud. For more information on fine-grained access control, visit our [docs](/docs/grafana/latest/enterprise/access-control/).
{{<figuresrc="/static/img/docs/enterprise/configure-role-access-8-5.png"max-width="400px"caption="Configure role access">}}
### Configure Azure Key Vault using Managed Identities
#### Configure Azure Key Vault using Managed Identities
You can already keep secrets in Grafana’s database (like data source credentials) safer by retrieving your database encryption key from a Key Management Service, like AWS KMS or Azure Key Vault. In Grafana v8.5, you can use an Azure Managed Identity to integrate with Azure Key Vault. This simplifies the Key Vault integration and keeps it consistent with Grafana data sources, like Azure Data Explorer.
## Configure reports more easily
### Configure reports more easily
Reports are a great way to share Grafana dashboards by email with users who don’t regularly sign in to Grafana. In 8.5, we’ve revamped the Report authoring UI to make it quicker and easier for you to create reports. View report details at a glance in list view, consider one configuration step at a time, and save reports for later. Also, Grafana will now emit a log every time a report is sent, so you can confirm its status or learn about send errors. Learn more about Reporting in our [docs](https://grafana.com/docs/grafana/latest/enterprise/reporting/).
Reports are a great way to share Grafana dashboards by email with users who don’t regularly sign in to Grafana. In 8.5, we’ve revamped the Report authoring UI to make it quicker and easier for you to create reports. View report details at a glance in list view, consider one configuration step at a time, and save reports for later. Also, Grafana will now emit a log every time a report is sent, so you can confirm its status or learn about send errors. Learn more about Reporting in our [docs](/docs/grafana/latest/enterprise/reporting/).
@ -85,7 +85,7 @@ The new heatmap by default assumes that the data is pre-bucketed. So if your que
Grafana Alerting is now on by default if you upgrade from an earlier version of Grafana. If you have been using legacy alerting in an earlier version of Grafana and you upgrade to Grafana 9 your alert rules will be automatically migrated and the legacy alerting interface will be replaced by the Grafana Alerting interface.
Grafana Alerting, called unified alerting in Grafana 8, has been available since June, 2021 now provides feature parity with legacy alerting and many additional benefits. To find out more on the process to revert back to legacy alerts if needed, click [here]({{< relref "../alerting/migrating-alerts/opt-out/" >}}). Note that if you do revert back (by setting the Grafana config flag GF_UNIFIED_ALERTING_ENABLED to false), that we expect to remove legacy alerting in the next major Grafana release, Grafana 10.
Grafana Alerting, called unified alerting in Grafana 8, has been available since June, 2021 now provides feature parity with legacy alerting and many additional benefits. To find out more on the process to revert back to legacy alerts if needed, click [here]({{< relref "../alerting/migrating-alerts/opt-out" >}}). Note that if you do revert back (by setting the Grafana config flag GF_UNIFIED_ALERTING_ENABLED to false), that we expect to remove legacy alerting in the next major Grafana release, Grafana 10.
### Alert state history for Grafana managed alerts
@ -97,15 +97,15 @@ Grafana Alerting now provides the ability to capture an image for Grafana manage
## Envelope encryption is generally available and enabled by default
Grafana now uses envelope encryption to encrypt secrets in the database. Envelope encryption adds a layer of indirection to the encryption process. Instead of encrypting all secrets in the database with a single key, Grafana uses a set of keys called data encryption keys (DEKs) to encrypt them. These data encryption keys are themselves encrypted with a single key encryption key (KEK). This allows you to rotate your KEK and quickly re-encrypt your DEKs in case a key is compromised. In Grafana Enterprise, you can also store your KEK in an external key management service (KMS) like AWS KMS or Azure Key Vault, for extra security. Learn more about envelope encryption in the [database encryption documentation]({{< relref "../setup-grafana/configure-security/configure-database-encryption/#envelope-encryption" >}}).
Grafana now uses envelope encryption to encrypt secrets in the database. Envelope encryption adds a layer of indirection to the encryption process. Instead of encrypting all secrets in the database with a single key, Grafana uses a set of keys called data encryption keys (DEKs) to encrypt them. These data encryption keys are themselves encrypted with a single key encryption key (KEK). This allows you to rotate your KEK and quickly re-encrypt your DEKs in case a key is compromised. In Grafana Enterprise, you can also store your KEK in an external key management service (KMS) like AWS KMS or Azure Key Vault, for extra security. Learn more about envelope encryption in the [database encryption documentation]({{< relref "../setup-grafana/configure-security/configure-database-encryption#envelope-encryption" >}}).
The dashboard previews initially came to life during our internal [Grafana Labs Hackathon](https://grafana.com/blog/2022/01/14/all-about-the-grafana-labs-hackathon-2.0/?), and are now ready for an opt-in beta release. The previews provide an overview of all available dashboards and help you quickly find the right dashboard when the dashboard names aren’t enough.
The dashboard previews initially came to life during our internal [Grafana Labs Hackathon](/blog/2022/01/14/all-about-the-grafana-labs-hackathon-2.0/?), and are now ready for an opt-in beta release. The previews provide an overview of all available dashboards and help you quickly find the right dashboard when the dashboard names aren’t enough.
Refer to the [Dashboard previews topic](https://grafana.com/docs/grafana/next/dashboards/previews/) for instructions on how to enable the feature and current limitations.
Refer to the [Dashboard previews topic](/docs/grafana/next/dashboards/previews/) for instructions on how to enable the feature and current limitations.
@ -156,7 +156,7 @@ Query history is a panel that keeps track of all queries that are run in Explore
### RBAC is generally available
Fine-grained access control is now called role-based access control, or RBAC. It is now enabled by default in Grafana Enterprise and Grafana Cloud Advanced, so you can create and define custom roles like Annotations Writer, Users Viewer, and Dashboard Permissions Writer for users, teams, or service accounts. Learn more about RBAC in the [docs](https://grafana.com/docs/grafana/next/enterprise/access-control/).
Fine-grained access control is now called role-based access control, or RBAC. It is now enabled by default in Grafana Enterprise and Grafana Cloud Advanced, so you can create and define custom roles like Annotations Writer, Users Viewer, and Dashboard Permissions Writer for users, teams, or service accounts. Learn more about RBAC in the [docs](/docs/grafana/next/enterprise/access-control/).
{{<figuresrc="/static/img/docs/enterprise/rbac-ga.png"max-width="755px"caption="RBAC is GA">}}
@ -164,17 +164,17 @@ Fine-grained access control is now called role-based access control, or RBAC. It
### Add multiple dashboards to a single report
If you have information spread across several dashboards that you’d like to send out to a group of recipients periodically, you can now add multiple dashboards to a single report and send it all in one email. Learn more about Reporting in the [Reporting docs](https://grafana.com/docs/grafana/latest/enterprise/reporting/#reporting).
If you have information spread across several dashboards that you’d like to send out to a group of recipients periodically, you can now add multiple dashboards to a single report and send it all in one email. Learn more about Reporting in the [Reporting docs](/docs/grafana/latest/enterprise/reporting/#reporting).
### Embed an image of a dashboard in a report
Reporting is all about convenience - getting info to eyeballs as quickly as possible. Now you can embed an image of a dashboard directly within a report email, so your recipients can see it right when they open the message instead of opening an attached PDF. This is especially handy for SLOs, financial results, or other at-a-glance data. Learn more about Reporting in the [Reporting docs](https://grafana.com/docs/grafana/latest/enterprise/reporting/#reporting).
Reporting is all about convenience - getting info to eyeballs as quickly as possible. Now you can embed an image of a dashboard directly within a report email, so your recipients can see it right when they open the message instead of opening an attached PDF. This is especially handy for SLOs, financial results, or other at-a-glance data. Learn more about Reporting in the [Reporting docs](/docs/grafana/latest/enterprise/reporting/#reporting).
This is a partial list of notable breaking changes. For the complete list, see our [Release Notes]({{< relref "../release-notes/release-notes-9-0-0/" >}}).
This is a partial list of notable breaking changes. For the complete list, see our [Release Notes]({{< relref "../release-notes/release-notes-9-0-0" >}}).
### Role-based access control: changes for general release
@ -209,7 +209,7 @@ In the Prometheus data source, when grafana receives numeric data from Prometheu
<!-- ### InfluxDB: Support for browser access mode removed (should this stay??)
In the InfluxDB data source, browser access mode was deprecated in grafana 8.0.0 and we are removing this feature in 9.0.0. If you are using this mode, you need to [switch to server access mode]({{< relref "../datasources/influxdb/##influxql-classic-influxdb-query" >}}) on the data source configuration page or you can do this via provisioning. -->
In the InfluxDB data source, browser access mode was deprecated in grafana 8.0.0 and we are removing this feature in 9.0.0. If you are using this mode, you need to [switch to server access mode]({{< relref "../datasources/influxdb##influxql-classic-influxdb-query" >}}) on the data source configuration page or you can do this via provisioning. -->
### Transformations: Allow more complex regex expressions in rename by regex
@ -217,11 +217,11 @@ The rename by regex transformation has been improved to allow global patterns of
### Clock Panel
We have updated [clock panel](https://grafana.com/grafana/plugins/grafana-clock-panel/) to version `2.0.0` to make it compatible with Grafana 9. The previous version `1.3.1` will cause the Grafana 9 to [crash](https://github.com/grafana/clock-panel/issues/106) when being used in a dashboard, we encourage you to update the panel before migrating to Grafana 9.
We have updated [clock panel](/grafana/plugins/grafana-clock-panel/) to version `2.0.0` to make it compatible with Grafana 9. The previous version `1.3.1` will cause the Grafana 9 to [crash](https://github.com/grafana/clock-panel/issues/106) when being used in a dashboard, we encourage you to update the panel before migrating to Grafana 9.
### Polystat Panel
We have updated [polystat panel](https://grafana.com/grafana/plugins/grafana-polystat-panel/) to version `1.2.10` to make it compatible with Grafana 9. The previous versions `1.2.8` and below will render empty in Grafana 9. We encourage you to update the panel before or immediately after migrating to Grafana 9.
We have updated [polystat panel](/grafana/plugins/grafana-polystat-panel/) to version `1.2.10` to make it compatible with Grafana 9. The previous versions `1.2.8` and below will render empty in Grafana 9. We encourage you to update the panel before or immediately after migrating to Grafana 9.
### Plugins: Most relevant breaking changes
@ -233,10 +233,10 @@ We have updated [polystat panel](https://grafana.com/grafana/plugins/grafana-pol
You can find the complete list of breaking changes in the links below. Please check them out for more details and see if there is anything affecting your plugin
@ -248,7 +248,7 @@ Therefore, any secret created or updated in Grafana v9.0 won't be decryptable by
We strongly recommend that you enable `envelopeEncryption` for older versions to deploy envelope encryption. You can alternatively configure the `disableEnvelopeEncryption` feature toggle before upgrading to v9.0; however, this feature toggle might be removed in a future Grafana release.
For more details, and workarounds for potential issues, refer to the [documentation]({{< relref "../setup-grafana/configure-security/configure-database-encryption/" >}}).
For more details, and workarounds for potential issues, refer to the [documentation]({{< relref "../setup-grafana/configure-security/configure-database-encryption" >}}).
@ -45,17 +45,17 @@ You can now easily embed Grafana in other applications by adding a JWT token dir
When the JWT token is passed through the request URL to Grafana, Grafana validates and authenticates the token linked to a specific user, allowing access to dashboards which that user can view.
To see JWT URL embedding in action, see the [sample project](https://github.com/grafana/grafana-iframe-oauth-sample).
> **Note:** JWT URL Embedding and `allow_embedding` are not available to Grafana Cloud users. For Grafana Cloud, use the [Public Dashboards]({{< relref "../dashboards/dashboard-public/" >}}) feature. To enable that, [open a ticket with our Support team](/docs/grafana-cloud/account-management/support/).
> **Note:** JWT URL Embedding and `allow_embedding` are not available to Grafana Cloud users. For Grafana Cloud, use the [Public Dashboards]({{< relref "../dashboards/dashboard-public" >}}) feature. To enable that, [open a ticket with our Support team](/docs/grafana-cloud/account-management/support/).
{{<figuresrc="/static/img/docs/dashboards/jwt-url-embedding-9-1.png"max-width="750px"caption="A JWT token used to embed Grafana">}}
#### Organization role mapping for GitHub OAuth2 authentication
You can now use GitHub OAuth2 to map users or teams to specific [Grafana organization roles]({{< relref "../administration/roles-and-permissions/#organization-roles" >}}) by using `role_attribute_path` configuration option.
You can now use GitHub OAuth2 to map users or teams to specific [Grafana organization roles]({{< relref "../administration/roles-and-permissions#organization-roles" >}}) by using `role_attribute_path` configuration option.
Grafana will use [JMESPath](https://jmespath.org/examples.html) for path lookup and role mapping.
For more information, see the [documentation]({{< relref "../setup-grafana/configure-security/configure-authentication/github/#map-roles" >}}).
For more information, see the [documentation]({{< relref "../setup-grafana/configure-security/configure-authentication/github#map-roles" >}}).
Grafana Cloud users can access this feature by [opening a support ticket in the Cloud Portal](https://grafana.com/profile/org#support).
Grafana Cloud users can access this feature by [opening a support ticket in the Cloud Portal](/profile/org#support).
{{<figuresrc="/static/img/docs/permissions/org-role-mapping-github-9-1.png"max-width="750px"caption="Configuring GitHub OAuth2 authentication with role mapping">}}
@ -70,13 +70,13 @@ This feature will be rolled out to Grafana Cloud users over the course of severa
Panel title search uses our updated dashboard search approach.
Previously, Grafana used SQL database queries to find dashboards by title.
With the feature toggle enabled, Grafana can build an in-memory index of all dashboards.
To learn more about search in Grafana, see the [documentation]({{< relref "../dashboards/use-dashboards/#dashboard-search" >}}).
To learn more about search in Grafana, see the [documentation]({{< relref "../dashboards/use-dashboards#dashboard-search" >}}).
{{<figuresrc="/static/img/docs/dashboards/panel-title-search-9-1.png"max-width="750px"caption="Searching for a panel title">}}
#### Starred dashboards in the navigation bar
As part of the upcoming improvements to Grafana's navigation, you can now directly access your [starred dashboards]({{< relref "../dashboards/use-dashboards/" >}}) from the navigation bar.
As part of the upcoming improvements to Grafana's navigation, you can now directly access your [starred dashboards]({{< relref "../dashboards/use-dashboards" >}}) from the navigation bar.
{{<figuresrc="/static/img/docs/dashboards/starred-dashboards-9-1.png"max-width="750px"caption="Accessing your starred dashboards">}}
@ -85,15 +85,15 @@ As part of the upcoming improvements to Grafana's navigation, you can now direct
#### Heatmap improvements
The beta heatmap announced in version 9.0 is now used throughout Grafana.
Its performance is improved, and it now supports [exemplars]({{< relref "../fundamentals/exemplars/" >}}).
To learn more about the heatmap panel, see the [documentation]({{< relref "../panels-visualizations/visualizations/heatmap/" >}}).
Its performance is improved, and it now supports [exemplars]({{< relref "../fundamentals/exemplars" >}}).
To learn more about the heatmap panel, see the [documentation]({{< relref "../panels-visualizations/visualizations/heatmap" >}}).
You can now measure both distances and areas on Geomap visualizations by using the panel's new [measure tools]({{< relref "../panels-visualizations/visualizations/geomap/#show-measure-tools" >}}).
To learn more about the Geomap panel, see the [documentation]({{< relref "../panels-visualizations/visualizations/geomap/" >}}).
You can now measure both distances and areas on Geomap visualizations by using the panel's new [measure tools]({{< relref "../panels-visualizations/visualizations/geomap#show-measure-tools" >}}).
To learn more about the Geomap panel, see the [documentation]({{< relref "../panels-visualizations/visualizations/geomap" >}}).
@ -101,7 +101,7 @@ To learn more about the Geomap panel, see the [documentation]({{< relref "../pan
You can now link metrics queries to your traces.
This feature can be accessed by enabling the `traceToMetrics` feature toggle.
Grafana Cloud users can access this feature by [opening a support ticket in the Cloud Portal](https://grafana.com/profile/org#support).
Grafana Cloud users can access this feature by [opening a support ticket in the Cloud Portal](/profile/org#support).
In your tracing datasource configuration, select a metrics datasource, add tags, and write your queries.
Each query appears as a link on each span.
@ -109,7 +109,7 @@ The configured tag values are dynamically added to your metrics queries.
You can link to any metric you'd like.
Metrics for span durations, counts, and errors filtered by service or span are a great starting point.
The metrics generator introduced in Tempo 1.4 pairs extremely well with the trace to metrics feature.
To learn more about the metrics generator, see the [blog post](https://grafana.com/blog/2022/05/02/new-in-grafana-tempo-1.4-introducing-the-metrics-generator/).
To learn more about the metrics generator, see the [blog post](/blog/2022/05/02/new-in-grafana-tempo-1.4-introducing-the-metrics-generator/).
{{<figuresrc="/static/img/docs/panels/trace-to-metrics-9-1.png"max-width="750px"caption="Linking a trace to a metrics query">}}
@ -120,17 +120,17 @@ The data is shown in a table in the Tempo datasource under the Service Graph tab
To access the feature, enable the `tempoApmTable` feature toggle.
To receive the data for the APM table, you must also enable the metrics generator.
Grafana Cloud users can access this feature by [opening a support ticket in the Cloud Portal](https://grafana.com/profile/org#support).
Grafana Cloud users can access this feature by [opening a support ticket in the Cloud Portal](/profile/org#support).
The APM table displays rate, errors, and duration (RED) metrics.
To view your top five RED span metrics, use the table summary view.
The span metrics are created using the Tempo [metrics generator](https://grafana.com/blog/2022/05/02/new-in-grafana-tempo-1.4-introducing-the-metrics-generator/).
The span metrics are created using the Tempo [metrics generator](/blog/2022/05/02/new-in-grafana-tempo-1.4-introducing-the-metrics-generator/).
We also embedded several links directly into the table.
These links direct you to a Prometheus query to further investigate the data.
We also provide a link from the table directly to Tempo search, making it easier for you to investigate your APM metrics.
To learn more about the APM table, see the [documentation]({{< relref "../datasources/tempo/#apm-table" >}}).
To learn more about the APM table, see the [documentation]({{< relref "../datasources/tempo#apm-table" >}}).
{{<figuresrc="/static/img/docs/panels/apm-table-9-1.png"max-width="750px"caption="An APM table in the Explore view">}}
@ -139,7 +139,7 @@ To learn more about the APM table, see the [documentation]({{< relref "../dataso
#### (Alpha) Public dashboards
Public dashboards are available as an alpha feature that can be enabled with the `publicDashboards` feature toggle.
Grafana Cloud users can access this feature by [opening a support ticket in the Cloud Portal](https://grafana.com/profile/org#support).
Grafana Cloud users can access this feature by [opening a support ticket in the Cloud Portal](/profile/org#support).
You can generate a link for dashboards that you'd like to share publicly.
Anyone with the link will be able to access that dashboard, and nothing else.
@ -151,7 +151,7 @@ The public view of a dashboard has a few restrictions:
- The public dashboard is displayed in a read-only kiosk view.
- The time range is fixed to the dashboard default time range.
To learn more, see the [documentation]({{< relref "../dashboards/dashboard-public/" >}}).
To learn more, see the [documentation]({{< relref "../dashboards/dashboard-public" >}}).
#### Provisioning improvements for Grafana Alerting
@ -167,7 +167,7 @@ Provisioning for Grafana Alerting currently supports these resources:
@ -183,7 +183,7 @@ Reporting is better in a few specific ways in Grafana version 9.1:
For example, you can share last month's numbers as compared to the numbers for this month.
The dashboard uses the same template variables if you attach the dashboard to a report twice.
To learn more about reporting, see the [documentation]({{< relref "../dashboards/share-dashboards-panels/#reporting" >}}).
To learn more about reporting, see the [documentation]({{< relref "../dashboards/share-dashboards-panels#reporting" >}}).
{{<figuresrc="/static/img/docs/enterprise/reporting-draft-9-1.png"max-width="750px"caption="Saving a report as a draft">}}
@ -210,17 +210,17 @@ In v9.1, you can determine which users, teams, and roles can access app plugins
> This definition is planned for a future release.
You can also control who can view, edit, or administer dashboard and data source usage insights, as well as data source query caching configuration.
For more details, see the [RBAC documentation]({{< relref "../administration/roles-and-permissions/access-control/" >}}).
For more details, see the [RBAC documentation]({{< relref "../administration/roles-and-permissions/access-control" >}}).
{{<figuresrc="/static/img/docs/enterprise/rbac-app-plugins-9-1.png"max-width="750px"caption="Configuring role-based-access to app plugins">}}
#### Rotate your database encryption keys using Grafana's API
In Grafana version 9.0, we [revamped]({{< relref "./whats-new-in-v9-0/#envelope-encryption-is-generally-available-and-enabled-by-default" >}}) the method Grafana uses to encrypt secrets, like data source credentials, so that you can rotate encryption keys and integrate with a key management system like Hashicorp Vault, AWS Key Management Service, or Azure Key Vault.
In Grafana version 9.0, we [revamped]({{< relref "./whats-new-in-v9-0#envelope-encryption-is-generally-available-and-enabled-by-default" >}}) the method Grafana uses to encrypt secrets, like data source credentials, so that you can rotate encryption keys and integrate with a key management system like Hashicorp Vault, AWS Key Management Service, or Azure Key Vault.
Now, you can rotate keys and re-encrypt secrets via API.
This makes it easier to configure Grafana to be secure while deploying it.
To learn more, see our guide to [configuring database encryption]({{< relref "../setup-grafana/configure-security/configure-database-encryption/#configure-database-encryption" >}}).
To learn more, see our guide to [configuring database encryption]({{< relref "../setup-grafana/configure-security/configure-database-encryption#configure-database-encryption" >}}).
#### Audit all actions in Grafana using verbose logging
@ -228,7 +228,7 @@ Auditing logs helps you manage and mitigate activity and meet compliance require
By default, Grafana emits an audit log with every action that changes something (like a user creating or updating a dashboard or updating another user's permissions).
If you want to record all actions on the Grafana server, including GETs and page views, you can now turn on `verbose mode`.
This results in more logs, but it can be useful to debug specific issues or make sure you catch everything happening in Grafana for security or compliance reasons.
To learn more, see the [configuration documentation]({{< relref "../setup-grafana/configure-grafana/enterprise-configuration/#verbose" >}}).
To learn more, see the [configuration documentation]({{< relref "../setup-grafana/configure-grafana/enterprise-configuration#verbose" >}}).
@ -237,7 +237,7 @@ To learn more, see the [configuration documentation]({{< relref "../setup-grafan
When you synchronize users from a SAML, LDAP, or OAuth provider, some user settings, such as name and email address, are synchronized from your identity provider.
Previously, you could edit those settings in the Grafana UI, but they would revert back.
To make user management clearer, you can now see which settings are synchronized from your identity provider, but you cannot edit those settings.
To learn more about authentication, see the [documentation]({{< relref "../setup-grafana/configure-security/configure-authentication/" >}}).
To learn more about authentication, see the [documentation]({{< relref "../setup-grafana/configure-security/configure-authentication" >}}).
{{<figuresrc="/static/img/docs/enterprise/oauth-synced-user-9-1.png"max-width="750px"caption="Non-interactive view of a user synced via OAuth">}}
@ -25,9 +25,9 @@ _Available in beta in Grafana Open Source._
Dashboard panel issues can occur for all kinds of reasons, from problems processing data to issues with rendering or configuration.
Shorten your communication time when reporting issues and requesting help from Grafana Labs by retrieving a panel's query response data and panel settings.
This will help the support team reproduce, diagnose, and fix the issue as quickly as possible.
See our [documentation](https://grafana.com/docs/grafana/latest/troubleshooting/send-panel-to-grafana-support/) for more info.
See our [documentation](/docs/grafana/latest/troubleshooting/send-panel-to-grafana-support/) for more info.
For details, see [GitHub issue #55005](https://github.com/grafana/grafana/issues/55005) and ["Send a panel to Grafana Labs support"](https://grafana.com/docs/grafana/latest/troubleshooting/send-panel-to-grafana-support/) in the documentation.
For details, see [GitHub issue #55005](https://github.com/grafana/grafana/issues/55005) and ["Send a panel to Grafana Labs support"](/docs/grafana/latest/troubleshooting/send-panel-to-grafana-support/) in the documentation.
{{<figuresrc="/static/img/docs/panels/panel-help-9-2.gif"max-width="750px"caption="Retrieving a panel's query response data and panel settings">}}
@ -50,7 +50,7 @@ _Generally available in Grafana Open Source._
You can now use Google Analytics 4 (GA4) to track usage of Grafana.
To enable tracking with GA4, specify your property's measurement ID in Grafana's configuration file.
Read more [in our documentation](https://grafana.com/docs/grafana/latest/setup-grafana/configure-grafana/#google_analytics_4_id).
Read more [in our documentation](/docs/grafana/latest/setup-grafana/configure-grafana/#google_analytics_4_id).
Google Analytics 4 replaces Universal Analytics, which will stop processing hits in 2023 (July 1 for free accounts, October 1 for Google Analytics 360).
You can continue using Universal Analytics with Grafana and send analytics data to both types of properties.
@ -75,7 +75,7 @@ You can change this default to either `Alerting` or `OK`.
This change does not update existing alert rules.
For details on this change, see [GitHub pull request #55345](https://github.com/grafana/grafana/pull/55345).
For more information about alerting states, see the [alerting documentation](https://grafana.com/docs/grafana/latest/alerting/fundamentals/state-and-health/).
For more information about alerting states, see the [alerting documentation](/docs/grafana/latest/alerting/fundamentals/state-and-health/).
## Configure external alertmanagers as data sources
@ -90,7 +90,7 @@ External alertmanagers should now be configured as data sources using Grafana Co
_Available in Experimental in Grafana Open Source, Enterprise, Cloud Pro, and Cloud Advanced._
_To enable public dashboards, you must enable a feature flag or request this feature from support._
[Public dashboards](https://grafana.com/docs/grafana/latest/dashboards/dashboard-public/) launched as an experimental feature in Grafana v9.1.
[Public dashboards](/docs/grafana/latest/dashboards/dashboard-public/) launched as an experimental feature in Grafana v9.1.
We've received lots of great feedback on this much-anticipated feature and thank everyone who has helped us improve it.
The team has been hard at work polishing public dashboards, and we've closed quite a few bugs related to community reports.
If you're trying out public dashboards, let us know how it is going in the [open discussion in GitHub](https://github.com/grafana/grafana/discussions/49253).
@ -98,7 +98,7 @@ Beyond bug fixes, we're excited to share some new features:
### Expression support
We have added the ability to use [expressions](https://grafana.com/docs/grafana/latest/panels/query-a-data-source/use-expressions-to-manipulate-data/about-expressions/) for your public dashboards.
We have added the ability to use [expressions](/docs/grafana/latest/panels/query-a-data-source/use-expressions-to-manipulate-data/about-expressions/) for your public dashboards.
{{<figuresrc="/static/img/docs/dashboards/public-dashboards-expressions-9-2.png"max-width="750px"caption="Using expressions in a public dashboard">}}
@ -140,8 +140,8 @@ For details on using this functionality, see [GitHub pull request #55313](https:
## Transformations: INNER JOINs
[Transformations]({{< relref "../panels-visualizations/query-transform-data/transform-data/" >}}) allow you to shape raw data from data sources, like metrics series or GitHub issues, into a format that's appropriate for the chosen visualization.
We have extended the [Join transformation]({{< relref "../panels-visualizations/query-transform-data/transform-data/#join-by-field" >}}) to support INNER JOINs in addition to OUTER JOINs. These work similarly to SQL JOINs.
[Transformations]({{< relref "../panels-visualizations/query-transform-data/transform-data" >}}) allow you to shape raw data from data sources, like metrics series or GitHub issues, into a format that's appropriate for the chosen visualization.
We have extended the [Join transformation]({{< relref "../panels-visualizations/query-transform-data/transform-data#join-by-field" >}}) to support INNER JOINs in addition to OUTER JOINs. These work similarly to SQL JOINs.
{{<figuresrc="/static/img/docs/transformations/transform-outer-join-9-2.png"max-width="750px"caption="Query builder groupings for Google Cloud monitoring">}}
@ -153,7 +153,7 @@ _Generally available in Grafana Open Source._
We have significantly simplified and improved the way you can create template variable queries for Loki data sources in dashboards.
Use drop-downs to choose query type, label, and stream selector, without needing to worry about templating query syntax.
For more information, refer to [Loki data source documentation](https://grafana.com/docs/grafana/latest/datasources/loki/#query-variable).
For more information, refer to [Loki data source documentation](/docs/grafana/latest/datasources/loki/#query-variable).
{{<figuresrc="/static/img/docs/queries/loki-template-variable-queries-9-2.png"max-width="750px"caption="Creating a template variable query for Loki">}}
@ -183,7 +183,7 @@ Previously, you could assign roles only when looking at a list of all teams.
#### RBAC: Organize custom roles into groups
If you create many custom roles in Grafana – for example, different roles for editing specific dashboards or folders, or specific roles for certain teams in your company – you can now organize them into groups for more efficient navigation, browsing, and custom role assignment.
For more information on custom roles, see the [documentation](https://grafana.com/docs/grafana/latest/developers/http_api/access_control/#create-a-new-custom-role).
For more information on custom roles, see the [documentation](/docs/grafana/latest/developers/http_api/access_control/#create-a-new-custom-role).
{{<figuresrc="/static/img/docs/manage-users/rbac-groups-9-2.png"max-width="750px"caption="Organizing custom roles into RBAC groups">}}
@ -200,7 +200,7 @@ _Generally available in Grafana Enterprise, Grafana Cloud Pro, and Advanced._
### Map a user to all organizations in Grafana
You can now use `*` as the Grafana organization in the mapping to add all users from a given SAML Organization to all existing Grafana organizations.
For more information, see ["Configure SAML authentication"](https://grafana.com/docs/grafana/next/setup-grafana/configure-security/configure-authentication/saml/#configure-organization-mapping) in the documentation.
For more information, see ["Configure SAML authentication"](/docs/grafana/next/setup-grafana/configure-security/configure-authentication/saml/#configure-organization-mapping) in the documentation.
### Skip organization role sync
@ -210,24 +210,24 @@ If you use a SAML identity provider to manage your users but prefer to assign ro
Use the `skip_org_role_sync` configuration option when configuring SAML to prevent synchronization with SAML roles and make user roles editable from within Grafana.
For more information, see the [SAML configuration documentation](https://grafana.com/docs/grafana/latest/setup-grafana/configure-security/configure-authentication/saml/).
For more information, see the [SAML configuration documentation](/docs/grafana/latest/setup-grafana/configure-security/configure-authentication/saml/).
## Assign Server Admin permissions from Oauth
You can now map OAuth groups and roles to Server Admin for the GitLab, GitHub, AzureAD, Okta, and Generic OAuth integrations.
To enable this functionality, set the `allow_assign_grafana_admin` configuration option to `true` in the desired OAuth integration section.
For more information, see the [authentication configuration documentation](https://grafana.com/docs/grafana/latest/setup-grafana/configure-security/configure-authentication/) for each OAuth client.
For more information, see the [authentication configuration documentation](/docs/grafana/latest/setup-grafana/configure-security/configure-authentication/) for each OAuth client.
## Match parameter support in prometheus labels API
Prometheus users running Prometheus v2.24 and higher can use the [labels endpoint](https://prometheus.io/docs/prometheus/latest/querying/api/#querying-label-values) instead of the [series endpoint](https://prometheus.io/docs/prometheus/latest/querying/api/#finding-series-by-label-matchers) for the [`label_values` function]({{< relref "../datasources/prometheus/#query-variable" >}}).
Prometheus users running Prometheus v2.24 and higher can use the [labels endpoint](https://prometheus.io/docs/prometheus/latest/querying/api/#querying-label-values) instead of the [series endpoint](https://prometheus.io/docs/prometheus/latest/querying/api/#finding-series-by-label-matchers) for the [`label_values` function]({{< relref "../datasources/prometheus#query-variable" >}}).
This decreases load times for templated high-cardinality Prometheus instances.
If you want to benefit from this endpoint you must first configure the Prometheus type and version in any Prometheus data sources' [configuration]({{< relref "../datasources/prometheus/" >}}).
If you want to benefit from this endpoint you must first configure the Prometheus type and version in any Prometheus data sources' [configuration]({{< relref "../datasources/prometheus" >}}).
## New Prometheus streaming parser
In Grafana v9.2, you can enable the `prometheusStreamingJSONParser` [feature toggle]({{< relref "../setup-grafana/configure-grafana/#feature_toggles" >}}) to use a better-performing, memory-efficient streaming JSON client for Prometheus.
In Grafana v9.2, you can enable the `prometheusStreamingJSONParser` [feature toggle]({{< relref "../setup-grafana/configure-grafana#feature_toggles" >}}) to use a better-performing, memory-efficient streaming JSON client for Prometheus.
We'll make this client the default in Grafana v9.3.
When Prometheus returns `NaN` values, this new client doesn't change them, neither to the value `null` nor to `0` as in recent Grafana versions.
@ -12,7 +12,7 @@ title: What's new in Grafana v9.3
weight: -34
---
# What’s new in Grafana v9.3
# What's new in Grafana v9.3
Welcome to Grafana 9.3! Read on to learn about our navigation overhaul, support for four new languages, new panels and transformations, several often-requested auth improvements, usability improvements to Alerting, and more. For even more detail about all the changes in this release, refer to the [changelog](https://github.com/grafana/grafana/blob/master/CHANGELOG.md).
@ -40,7 +40,7 @@ We have added four new languages to Grafana: Spanish, French, German, and Simpli
With millions of users across the globe, Grafana has a global footprint. In order to make it accessible to a wider audience, we have taken the first steps in localizing key workflows. You can now set Grafana’s language for the navigation, viewing dashboards, and some settings. This will cover the main activities a Viewer performs within Grafana.
Read more about configuring the [default language for your organization]({{< relref "../administration/organization-preferences/" >}}) and [updating your profile]({{< relref "../administration/user-management/user-preferences/" >}}) in our documentation.
Read more about configuring the [default language for your organization]({{< relref "../administration/organization-preferences" >}}) and [updating your profile]({{< relref "../administration/user-management/user-preferences" >}}) in our documentation.
{{<figuresrc="/static/img/docs/internationalization/internationalization-9-3.png"max-width="750px"caption="Grafana available in Spanish, French, German, and Simplified Chinese">}}
@ -48,7 +48,7 @@ Read more about configuring the [default language for your organization]({{< rel
Generally available in all editions of Grafana
We have added a new alpha layer type in Geomap called photo layer. This layer enables you to render a photo at each data point. To learn more about the photo layer and the geomap panel, refer to [Photos layer]({{< relref "../panels-visualizations/visualizations/geomap/#photos-layer-alpha" >}}).
We have added a new alpha layer type in Geomap called photo layer. This layer enables you to render a photo at each data point. To learn more about the photo layer and the geomap panel, refer to [Photos layer]({{< relref "../panels-visualizations/visualizations/geomap#photos-layer-alpha" >}}).
@ -80,9 +80,9 @@ Available in **experimental** in Grafana Open Source, Enterprise, and Cloud Adva
Annotations are now supported in public dashboards, with the exception of query annotations. They are turned off by default, but can be turned on in your public dashboard settings.
Note that because Public Dashboards is an experimental feature, you need to enable it in Grafana using the `publicDashboards` [feature toggle]({{< relref "../setup-grafana/configure-grafana/#feature_toggles" >}}), or open a support ticket requesting public dashboards if you are a Cloud Advanced customer.
Note that because Public Dashboards is an experimental feature, you need to enable it in Grafana using the `publicDashboards` [feature toggle]({{< relref "../setup-grafana/configure-grafana#feature_toggles" >}}), or open a support ticket requesting public dashboards if you are a Cloud Advanced customer.
To learn more about public dashboards, refer to [Public dashboards]({{< relref "../dashboards/dashboard-public/" >}}).
To learn more about public dashboards, refer to [Public dashboards]({{< relref "../dashboards/dashboard-public" >}}).
## New transformation: Partition by values
@ -130,7 +130,7 @@ Generally available in Grafana Enterprise, Cloud Pro, and Cloud Advanced.
Because dashboards appear on a screen and reports are PDFs, it can be challenging to render data just the way you want to. Sometimes the report doesn't show enough columns in a table, or the titles appear too small. Now you can adjust the scale of your report to zoom in and make each text field and panel larger or zoom out to show more data.
The zoom feature is located in the **Format Report** section of your reporting configuration. To learn more about reporting, refer to [Create and manage reports]({{< relref "../dashboards/create-reports/">}}).
The zoom feature is located in the **Format Report** section of your reporting configuration. To learn more about reporting, refer to [Create and manage reports]({{< relref "../dashboards/create-reports">}}).
{{<figuresrc="/static/img/docs/enterprise/reports/report-zoom.png"max-width="750px"caption="Report zoom feature with PDF documents at three different zoom levels">}}
@ -146,7 +146,7 @@ As part of our efforts to improve the security of Grafana, we are introducing a
Because this feature introduces a breaking change, it is behind the `accessTokenExpirationCheck` feature toggle and is disabled by default. Enabling this functionality without configuring refresh tokens for the specific OAuth provider will sign users out after their access token has expired, and they would need to sign in again every time.
Complete documentation on how to configure obtaining a refresh token can be found on the [authentication configuration page]({{< relref "../setup-grafana/configure-security/configure-authentication/" >}}), in the instructions for your Oauth identity provider.
Complete documentation on how to configure obtaining a refresh token can be found on the [authentication configuration page]({{< relref "../setup-grafana/configure-security/configure-authentication" >}}), in the instructions for your Oauth identity provider.
### Resolve user conflicts in Grafana's CLI
@ -177,7 +177,7 @@ or via API, you can now skip user organization role synchronization with your LD
directory.
Use the `skip_org_role_sync` [LDAP authentication configuration option]({{<relref
### RBAC with Terraform: Extended support for provisioning permissions
Generally available in Grafana Enterprise and Cloud Advanced
All Grafana users can now use the latest release of [Terraform's Grafana provider](https://registry.terraform.io/providers/grafana/grafana/latest/docs) (version 1.31.1+) to provision [user and team access to service accounts]({{< relref "../administration/service-accounts/#manage-users-and-teams-permissions-for-a-service-account-in-grafana" >}}).
All Grafana users can now use the latest release of [Terraform's Grafana provider](https://registry.terraform.io/providers/grafana/grafana/latest/docs) (version 1.31.1+) to provision [user and team access to service accounts]({{< relref "../administration/service-accounts#manage-users-and-teams-permissions-for-a-service-account-in-grafana" >}}).
This allows full management of service accounts through Terraform - from creating a service account and allowing users to access it to assigning roles to the service account and generating service account tokens.
Grafana Enterprise and Cloud Pro and Advanced users can now provision [access to data sources]({{< relref "../administration/data-source-management/#data-source-permissions" >}}) for Grafana's `Viewer`, `Editor`, and `Admin` basic roles, as well as assign `Edit` permission.
Grafana Enterprise and Cloud Pro and Advanced users can now provision [access to data sources]({{< relref "../administration/data-source-management#data-source-permissions" >}}) for Grafana's `Viewer`, `Editor`, and `Admin` basic roles, as well as assign `Edit` permission.
We have also added [documentation on provisioning RBAC roles and role assignments]({{< relref "../administration/roles-and-permissions/access-control/rbac-terraform-provisioning/" >}}) to guide our Grafana Enterprise and Cloud Pro and Advanced users through this process.
We have also added [documentation on provisioning RBAC roles and role assignments]({{< relref "../administration/roles-and-permissions/access-control/rbac-terraform-provisioning" >}}) to guide our Grafana Enterprise and Cloud Pro and Advanced users through this process.
Finally, we have fixed several access control related bugs to ensure a smoother provisioning experience.
@ -10,7 +10,7 @@ title: What's new in Grafana v9.4
weight: -35
---
# What’s new in Grafana v9.4
# What's new in Grafana v9.4
Welcome to Grafana 9.4! Read on to learn about changes to search and navigation, dashboards and visualizations, and authentication and security. For even more detail about all the changes in this release, refer to the [changelog](https://github.com/grafana/grafana/blob/master/CHANGELOG.md).
@ -26,17 +26,17 @@ The command palette has been updated to provide a more efficient way to navigate
To launch the command palette, use the keyboard shortcut `cmd + K` on Mac or `ctrl + K` on Linux/Windows.
To learn more about the command palette, refer to [Search]({{< relref "../search/" >}}).
To learn more about the command palette, refer to [Search]({{< relref "../search" >}}).
_Generally available on Grafana Cloud, and available to preview using the `topnav` [feature toggle]({{< relref "../setup-grafana/configure-grafana/#feature_toggles" >}}) in all editions of Grafana._
_Generally available on Grafana Cloud, and available to preview using the `topnav` [feature toggle]({{< relref "../setup-grafana/configure-grafana#feature_toggles" >}}) in all editions of Grafana._
The navigation in Grafana has been updated with a new design and an improved structure to make it easier for you to access the data you need. With this update, you'll be able to quickly navigate between features, giving you full visibility into the health of your systems.
The new navigation is gradually rolling out to all users on Grafana Cloud. If you’re using Grafana Open Source and Enterprise, you can enable this feature using the `topnav` [feature toggle]({{< relref "../setup-grafana/configure-grafana/#feature_toggles" >}}).
The new navigation is gradually rolling out to all users on Grafana Cloud. If you’re using Grafana Open Source and Enterprise, you can enable this feature using the `topnav` [feature toggle]({{< relref "../setup-grafana/configure-grafana#feature_toggles" >}}).
> **Note:** The Grafana documentation has not yet been updated to reflect changes to the navigation.
@ -50,7 +50,7 @@ We've made the following changes to dashboards and visualizations. Learn more ab
### Dashboard panel redesign
_Available to preview using the `newPanelChromeUI` [feature toggle]({{< relref "../setup-grafana/configure-grafana/#feature_toggles" >}}) in all editions of Grafana_.
_Available to preview using the `newPanelChromeUI` [feature toggle]({{< relref "../setup-grafana/configure-grafana#feature_toggles" >}}) in all editions of Grafana_.
Dashboard panels contain a lot of information, some of which is difficult to discover or access from the dashboard. With our redesigned panels, we've improved accessibility and made it easier to understand the status of a panel by adding and moving key elements.
@ -64,7 +64,7 @@ However, we have more planned: we’re going to make even more improvements to t
### New data source connection page in Dashboards and Explore
_Available to preview using the `datasourceOnboarding` [feature toggle]({{< relref "../setup-grafana/configure-grafana/#feature_toggles" >}})._
_Available to preview using the `datasourceOnboarding` [feature toggle]({{< relref "../setup-grafana/configure-grafana#feature_toggles" >}})._
When you start your journey to create a dashboard or explore your data, but you don't have a data source connected yet, you’ll be shown a page that guides you to set up a first connection.
@ -80,7 +80,7 @@ We've updated the **Details** section of a log line. Previously some of the inte
{{<figuresrc="/static/img/logs/log-details-whats-new-9-4.png"max-width="750px"caption="Log details redesign with interactions">}}
Learn more about viewing logs in our [Logs panel documentation]({{< relref "../panels-visualizations/visualizations/logs/" >}}).
Learn more about viewing logs in our [Logs panel documentation]({{< relref "../panels-visualizations/visualizations/logs" >}}).
### Loki datasource query validation
@ -90,7 +90,7 @@ We added support to validate queries and visually display errors as a query is b
Learn more about viewing logs in our [Logs panel documentation]({{< relref "../panels-visualizations/visualizations/logs/" >}}).
Learn more about viewing logs in our [Logs panel documentation]({{< relref "../panels-visualizations/visualizations/logs" >}}).
### Loki logs sample in Explore
@ -122,7 +122,7 @@ We have added a configuration option that enables you to require an expiration d
This change will not affect existing tokens. However, newly created tokens will require an expiration date that doesn't exceed the configuration option `token_expiration_day_limit`. This option is disabled by default.
Learn more about service accounts in our [Service account documentation]({{< relref "../administration/service-accounts/" >}}).
Learn more about service accounts in our [Service account documentation]({{< relref "../administration/service-accounts" >}}).
### OAuth providers setting for skip org role sync
@ -130,7 +130,7 @@ While Grafana integrates with many different auth providers, we have received re
This option enables you to skip synchronization from your configured OAuth provider specifically in the auth provider section under `skip_org_role_sync`. Previously users could only do this for certain providers using the `oauth_skip_org_role_sync_update` option, but this would include all of the configured providers.
Learn more about Oauth in our [Oauth configuration guide]({{< relref "../setup-grafana/configure-security/configure-authentication/generic-oauth/" >}}).
Learn more about Oauth in our [Oauth configuration guide]({{< relref "../setup-grafana/configure-security/configure-authentication/generic-oauth" >}}).
### RBAC support for Grafana OnCall plugin
@ -141,7 +141,7 @@ Before RBAC support in Grafana OnCall, it was only possible to allow your organi
For example, you can assign a Viewer basic role to a user in your organization (users must still have a basic role assigned) and also assign them the new Grafana OnCall RBAC role of **Schedules Editor**. This assignment enables the user to view everything in Grafana OnCall, and edit OnCall schedules.
Learn more about role-based access control in our [RBAC docs]({{< relref "../administration/roles-and-permissions/access-control/" >}}).
Learn more about role-based access control in our [RBAC docs]({{< relref "../administration/roles-and-permissions/access-control" >}}).
### SAML auto login
@ -149,13 +149,13 @@ We've added auto-login support for SAML authentication, which you can turn on wi
have a unified configuration style among all authentication providers. Instead of using
`oauth_auto_login`, use the new `auto_login` option to enable automatic login for specific OAuth providers.
Learn more about SAML setup in our [SAML configuration guide]({{< relref "../setup-grafana/configure-security/configure-authentication/saml/" >}}).
Learn more about SAML setup in our [SAML configuration guide]({{< relref "../setup-grafana/configure-security/configure-authentication/saml" >}}).
## Auditing and Usage Insights: Support for Loki multi-tenancy
_This feature is available for Enterprise customers_
This feature adds support to push analytics events and auditing logs to Loki with multi-tenancy mode, by specifying a tenant id. Learn more about [auditing]({{< relref "../setup-grafana/configure-security/audit-grafana/" >}}) and [usage insights]({{< relref "../setup-grafana/configure-security/export-logs/" >}}) in our docs.
This feature adds support to push analytics events and auditing logs to Loki with multi-tenancy mode, by specifying a tenant id. Learn more about [auditing]({{< relref "../setup-grafana/configure-security/audit-grafana" >}}) and [usage insights]({{< relref "../setup-grafana/configure-security/export-logs" >}}) in our docs.
## Reporting: Zoom in and out on your dashboard in a report PDF
@ -168,11 +168,11 @@ You can modify the scale factor for each report in the report editor when you sh
{{<figuresrc="/media/docs/grafana/FormatReportShare9.4.png"max-width="750px"caption="Scale factor feature in Share functionality">}}
Learn more about reporting in our [documentation]({{< relref "../dashboards/create-reports/" >}})
Learn more about reporting in our [documentation]({{< relref "../dashboards/create-reports" >}})
## Alerting
We've made major improvements to Grafana Alerts, from new contact points and search options to improved workflows between Alerting and OnCall. For all the details, refer to our [Alerting documentation]({{< relref "../alerting/" >}}).
We've made major improvements to Grafana Alerts, from new contact points and search options to improved workflows between Alerting and OnCall. For all the details, refer to our [Alerting documentation]({{< relref "../alerting" >}}).
### Alerting: alert rules
@ -266,7 +266,7 @@ Grafana Alerting is now compatible with AWS Aurora, but does not provide technic
## Enterprise Datasources
We've made improvements to all [Enterprise Datasources]({{< relref "../introduction/grafana-enterprise/#enterprise-data-sources" >}}), fixing small bugs, and updating libraries. We've also added many new features and support for additional APIs. Refer to each datasource's documentation and the change log for additional information.
We've made improvements to all [Enterprise Datasources]({{< relref "../introduction/grafana-enterprise#enterprise-data-sources" >}}), fixing small bugs, and updating libraries. We've also added many new features and support for additional APIs. Refer to each datasource's documentation and the change log for additional information.
@ -10,7 +10,7 @@ title: What's new in Grafana v9.5
weight: -36
---
# What’s new in Grafana v9.5
# What's new in Grafana v9.5
Welcome to Grafana 9.5! We're excited to share some major updates to Grafana's navigation, tons of usability improvements to Alerting, and some promising experiments to help you query your Prometheus metrics. Also, read on to learn about our continued migration from API keys to service accounts, as well as deprecation of plugins that use Angular and a field in the InfluxDB data source.
@ -62,7 +62,7 @@ Dashboard panels contain a lot of information, some of which is difficult to dis
We’ve improved panels without titles, made panel descriptions and errors more succinct, and linked key actions from the header of the panel. All of these are laid out from left to right in a row, so there are no overlapping, unusable components.
Grafana’s new panel design is available only for React-based panels. No Angular-based panels, like the legacy Graph and Worldmap panels, are redesigned. As a reminder, Angular is deprecated in Grafana and will be removed in a future release. See our [deprecation docs]({{< relref "../developers/angular_deprecation/" >}}) for more information.
Grafana’s new panel design is available only for React-based panels. No Angular-based panels, like the legacy Graph and Worldmap panels, are redesigned. As a reminder, Angular is deprecated in Grafana and will be removed in a future release. See our [deprecation docs]({{< relref "../developers/angular_deprecation" >}}) for more information.
{{<figuresrc="/media/docs/grafana/panel-redesign-whats-new-9.5.png"max-width="750px"caption="Panel header with open menu">}}
@ -91,7 +91,7 @@ This improves Prometheus query editor performance, with the biggest performance
## Removal of API key creation from the UI
With this update we are going one step further in deprecating API keys in favor of [service accounts]({{< relref "../administration/service-accounts/" >}}). We've removed the button for creating new API keys through Grafana's user interface, and now only allow the creation of API keys using our HTTP API. We recommend that you migrate your existing API keys to service accounts, and opt for new service accounts instead of new API keys. This change is part of our long-term strategy for sunsetting API keys.
With this update we are going one step further in deprecating API keys in favor of [service accounts]({{< relref "../administration/service-accounts" >}}). We've removed the button for creating new API keys through Grafana's user interface, and now only allow the creation of API keys using our HTTP API. We recommend that you migrate your existing API keys to service accounts, and opt for new service accounts instead of new API keys. This change is part of our long-term strategy for sunsetting API keys.
Learn more about the deprecation strategy for API keys and how to manage them in our [Sunsetting API keys](https://github.com/grafana/grafana/issues/53567) GitHub issue.
@ -101,7 +101,7 @@ _Generally available in all editions of Grafana._
Support bundles provide a simple way to collect information about your Grafana instance through Grafana's user interface. In a few clicks, you can create a support bundle containing data about migrations, plugins, settings, and more. Once you've created a support bundle, you can either examine it yourself, or share it with your colleagues or Grafana engineers to aid in troubleshooting of your Grafana instance.
Learn more about support bundles and how to configure them in our [support bundle documentation]({{< relref "../troubleshooting/support-bundles/" >}}).
Learn more about support bundles and how to configure them in our [support bundle documentation]({{< relref "../troubleshooting/support-bundles" >}}).
{{<figuresrc="/static/img/docs/troubleshooting/support-bundle.png"max-width="750px"caption="Create a support bundle to resolve issues faster">}}
@ -161,7 +161,7 @@ Get additional help while configuring your Alertmanager. If you enter an invalid
The `database` field in the provisioning file has been deprecated.
This information will be stored in the `jsonData` field using the `dbName` property.
The `database` field will be removed in the future to make InfluxDB consistent with other data sources.
For more information and examples please refer to the [InfluxDB Provisioning docs]({{< relref "../datasources/influxdb/#provision-the-data-source" >}}).
For more information and examples please refer to the [InfluxDB Provisioning docs]({{< relref "../datasources/influxdb#provision-the-data-source" >}}).
## Auth: Lock organization roles synced from auth providers
@ -175,7 +175,7 @@ This feature should be used if you want to enforce strict role synchronization f
To use this feature, enable the `onlyExternalOrgRoleSync` feature toggle. If you’re using Grafana Cloud and would like to enable this feature, please contact customer support. We'll also be automatically enabling this feature for Grafana Cloud instances over the upcoming weeks.
You can also _prevent_ the synchronization of organization roles from a given authentication provider. Learn more in our [skip org role sync]({{< relref "../setup-grafana/configure-grafana/#authgrafana_com-skip_org_role_sync/" >}}) documentation.
You can also _prevent_ the synchronization of organization roles from a given authentication provider. Learn more in our [skip org role sync]({{< relref "../setup-grafana/configure-grafana#authgrafana_com-skip_org_role_sync/" >}})! documentation.
## Reporting UI adapted to match the new navigation style
Jack Baldry
3 years ago
committed by