VERIFIED

Grafana

Safety: 55/100

0.0(0)

The Grafana MCP server provides a secure interface to manage Grafana instances and related ecosystems, offering read and write access to dashboards, datasources, alerts, and more.

MCP ServersData & DatabasesUtilitiesDevelopmentSearch & WebProductivityCommunicationAI & LLMCloud & InfrastructureFreemium

Boost this tool

Subscribe to listing upgrades or segmented pushes.

Overview

The Grafana MCP server provides a secure interface to manage Grafana instances and related ecosystems, offering read and write access to dashboards, datasources, alerts, and more.

The Grafana MCP server's safety depends heavily on configuration. When used with strict RBAC and only necessary tools enabled, it can be relatively safe. However, enabling admin tools or granting broad permissions significantly increases the risk of unintended or malicious actions.

Performance depends on the complexity of the queries and the size of the dashboards. Large dashboards can consume significant context window space and processing time.

Cost depends on the number of API calls and the resources consumed by the Grafana instance. Consider optimizing queries and limiting the scope of operations.

HybridGo2,299 starsApache-2.0Released 2/12/2026CI/CD

Connections & Capabilities

Connects To

GitHubDockerKubernetes

Capabilities

ReadWriteExecAdmin

Client Compatibility

Claude Desktop

full

Cursor

full

Windsurf

untested

VS Code (Copilot)

full

Quickstart

Claude Desktop Config

{
  "mcpServers": {
    "grafana": {
      "command": "mcp-grafana",
      "args": [],
      "env": {
        "GRAFANA_URL": "http://localhost:3000",
        "GRAFANA_USERNAME": "<your username>",
        "GRAFANA_PASSWORD": "<your password>",
        "GRAFANA_ORG_ID": "2"
      }
    }
  }
}

Environment Variables

GRAFANA_URLGRAFANA_API_KEYGOBIN

Tools (7)

safe

search_dashboards

Find dashboards based on title or other metadata.

Read-only operation, no side effects.

safe

get_dashboard_by_uid

Retrieve full dashboard details using its unique identifier.

Read-only operation, but large dashboards can consume significant context window space.

high

update_or_create_a_dashboard

Modify existing dashboards or create new ones.

Requires full dashboard JSON, potentially leading to unintended modifications or corruption.

safe

query_prometheus

Execute PromQL queries against Prometheus datasources.

Read-only operation, but poorly crafted queries can impact performance.

safe

list_users

View all users in an organization in Grafana.

Read-only operation, but exposes user information.

critical

delete_alert_rules

Remove alert rules by UID.

Destructive operation that can disrupt monitoring and alerting.

moderate

get_panel_image

Render a Grafana dashboard panel or full dashboard as a PNG image.

Requires Grafana Image Renderer, potential for resource exhaustion if abused.

Security

Auth Method

API Key

Data Locality

hybrid

Scopes

datasources:*dashboards:*folders:*teams:*

Known Risks

!Overly permissive RBAC configurations can lead to unauthorized access and modifications.
!Exposure of API keys can grant attackers full control over the Grafana instance.
!Unvalidated input to query tools can lead to injection attacks.
!Enabling unnecessary tools increases the attack surface.

Safety Score

moderate risk

Positive

+Granular RBAC permissions allow for least-privilege access.
+Tools can be selectively enabled or disabled to reduce the attack surface.
+Several tools offer read-only access, minimizing potential damage.
+Context window management strategies help limit exposure of sensitive data.

Risks

-Many tools allow write operations, potentially leading to unintended modifications.
-Admin tools, if enabled, grant extensive control over the Grafana instance.
-Improperly configured RBAC can lead to privilege escalation.
-Some tools require access to sensitive data, such as dashboard JSON and datasource credentials.

Use Cases

Dashboard Management

-Automated dashboard creation and updates
-Programmatic extraction of dashboard properties
-Bulk modification of dashboard panels

Alerting Automation

-Programmatic creation and management of alert rules
-Automated notification configuration
-Integration with incident management systems

Data Analysis and Exploration

-Automated querying of Prometheus and Loki
-Extraction of log patterns and anomalies
-Generation of custom reports and visualizations

User and Team Management

-Automated user provisioning and deprovisioning
-Programmatic team creation and management
-RBAC configuration and auditing

Who Is This For?

Best For

Automated Grafana configuration management
Programmatic access to Grafana data and functionality
Integration with CI/CD pipelines
Centralized management of multiple Grafana instances

Not Ideal For

Ad-hoc exploration of Grafana data
Tasks requiring real-time interaction with the Grafana UI
Environments with strict security requirements and limited RBAC capabilities

Autonomy & Execution

Default ModeConfigurable

Destructive Tools

Autonomy is highly dependent on the enabled tools and configured RBAC permissions. Exercise caution when granting broad access.

StatelessYes

Retry LogicNot documented

ConcurrencyNot documented

Production Tip

Implement robust error handling and logging to track actions performed by the MCP server.

FAQ

What is the purpose of the Grafana MCP server?

It provides a programmatic interface to manage Grafana instances and related ecosystems.

What authentication methods are supported?

API keys are the primary authentication method.

How do I enable or disable specific tools?

Use the `--enable-tools` and `--disable-tools` flags when starting the server.

What RBAC permissions are required for each tool?

Refer to the RBAC Permissions section in the README for a detailed list.

How can I limit the context window usage?

Use `get_dashboard_summary` and `get_dashboard_property` instead of `get_dashboard_by_uid` when possible.

Is it safe to enable all tools?

Enabling all tools increases the attack surface and should be avoided in production environments.

How do I troubleshoot errors?

Check the Grafana server logs and the MCP server logs for error messages.

Key Features

Data & Databases Utilities Development Search & Web Productivity Communication AI & LLM Cloud & Infrastructure

Metrics

Discovered2/14/2026

Reviews0

Saved By0 users

Related Tools

Grafana | AI Builder Hub Review & Alternatives | Flaex AI