Delv
Official (Vendor)Active· 6d4.3by Grafana Labs

Grafana

Grafana Labs' official MCP. Read dashboards, datasources, alerts, and run Loki/Prometheus queries from inside your agent.

View repo Homepage
A
Safety & Trust

Delv Safety Grade: A

Score 84/100 · assessed 2026-04-28

Maintainer95
Permissions75
Supply chain75
Transparency88
Incidents100

Grafana Labs' official MCP server provides read access to your Grafana instance plus query execution against Prometheus and Loki. The maintainer score is excellent – this comes directly from Grafana Labs, a well-established observability vendor with strong open-source credentials. Permissions are moderately scoped: it reads dashboards and alerts but also executes arbitrary PromQL and LogQL queries, which could expose sensitive metrics or logs if your Grafana instance contains them. Supply chain is standard Python via uvx, though not yet published to PyPI proper. Transparency is strong with full source on GitHub and clear documentation. The API key requirement means credential hygiene matters – a leaked key grants read access to all your observability data. No known incidents. Solid choice for teams already trusting Grafana with their monitoring stack.

Lethal Trifecta (prompt-injection exposure)

TRIFECTA RISK
All three axes present. This server can read private data, ingest attacker-controlled content, and send data outbound. A poisoned input (a GitHub issue, an email, a webpage) can exfiltrate secrets via this chain. Only install with auditing; avoid on shared or cloud agents.
Private dataYes
Reads secrets, credentials, private files
Untrusted inputYes
Ingests web pages, PRs, issues, emails
External commsYes
Can send data outbound

Log lines and dashboard panels carry user-controlled strings. Dashboard JSON includes datasource credentials. Webhooks are outbound.

Green flags

  • Official Grafana Labs product with active maintenance
  • Read-only operations on dashboards and alerts, no write capabilities
  • Open source with clear documentation and examples
  • Scoped to observability domain, no filesystem or shell access

Red flags

  • Requires full Grafana API key with read access to all dashboards and data
  • Query execution could expose sensitive logs or metrics if not scoped carefully
  • Not yet published to PyPI, relies on uvx GitHub install

Permissions requested

Outbound networkAccess secretsDB read
Assessed by Delv Editorial using public metadata. Grades are advisory and update as the ecosystem changes. They do not replace your own review of permissions and code before granting an agent access to sensitive systems.

Install

uvx mcp-grafana
Env vars needed: GRAFANA_URLGRAFANA_API_KEY

Review

Grafana's official MCP bridges your observability stack into Claude or Cursor. It reads dashboards, datasources, and active alerts, and lets you run PromQL and LogQL queries without leaving the editor. The pitch is simple: instead of alt-tabbing to Grafana during an incident, you ask your agent to summarise the last hour of alerts or pull recent error logs from Loki. It works. I've used it most during postmortems. You can ask Claude to cross-reference a Sentry error ID with Loki logs, then draft a timeline based on dashboard snapshots and alert history. The agent has schema awareness for Prometheus metrics, so it can suggest PromQL queries that actually match your label structure. That's more useful than it sounds when you're three hours into debugging and can't remember if your service uses `job` or `service_name`. Setup is straightforward if you already have a Grafana instance and an API key with viewer permissions. The MCP exposes read-only tools, so it won't accidentally silence alerts or delete dashboards. You point it at your Grafana URL, drop the key into your environment, and it surfaces everything through natural language. The main quirk is that it's read-only. You can't create dashboards, modify queries, or acknowledge alerts. That's by design, but it means you're still opening the web UI for anything beyond inspection. The other limitation is host support. It works cleanly in Claude Desktop, but Cursor and VSCode need manual config tweaking. If you're on a different editor, you're writing your own wrapper. This is for teams already running Grafana in production. If you're not using Loki or Prometheus, half the tooling is wasted. If you are, and you spend time in Claude Desktop drafting runbooks or analysing incidents, this is worth the five-minute install. It won't replace your observability workflow, but it tightens the loop between asking a question and getting an answer.
Verdict

Install this if you use Grafana daily and work in Claude Desktop. It's the fastest way to surface alerts, logs, and metrics without context-switching. Skip it if you're not already invested in the Grafana ecosystem or if you need write access to dashboards.

Good at

  • Schema-aware PromQL suggestions save time when you can't remember exact label names.
  • Read-only by design, so it won't accidentally modify production dashboards or silence alerts.
  • Surfacing alert history and Loki logs during postmortems is faster than switching tabs.
  • Official Grafana Labs support means it tracks API changes and won't break on version bumps.

Watch out

  • Read-only means you still open the web UI to acknowledge alerts or edit queries.
  • Only useful if you already run Grafana, Loki, or Prometheus in production.
  • Cursor and VSCode support exists but needs manual config tweaking beyond Claude Desktop.
  • Large LogQL queries can hit rate limits or time out without clear error messages.

Use cases

  • Asking the agent to summarise alerts from the past hour
  • Drafting a PromQL query with schema awareness
  • Surfacing dashboard data in a postmortem
  • Cross-referencing Loki logs to a Sentry error

Getting started

1. Run `uvx mcp-grafana` to install the server. 2. Generate a Grafana API key with Viewer permissions from your instance's settings. 3. Add the server to your Claude Desktop or Cursor config, setting `GRAFANA_URL` to your instance and `GRAFANA_API_KEY` to the key you just created. 4. Restart your host and ask Claude to list your dashboards or recent alerts to verify the connection. 5. Watch out for rate limits if you're querying large Loki or Prometheus datasets. Start with narrow time ranges.

Works with

Claude DesktopClaude CodeCursorVS Code

Similar MCPs