Sharing Grafana dashboards publicly is a lot like leaving your front door unlocked, but with potentially more interesting data.
Let’s see what this looks like in practice. Imagine a simple Prometheus setup collecting some basic HTTP request metrics.
{
"datasource": "prometheus",
"targets": [
{
"expr": "rate(http_requests_total{job=\"my-app\"}[5m])",
"legendFormat": "{{method}} {{path}}",
"refId": "A"
}
],
"title": "Public HTTP Request Rate",
"panels": [
{
"type": "timeseries",
"title": "Request Rate",
"gridPos": {
"x": 0,
"y": 0,
"w": 12,
"h": 8
},
"targets": [
{
"expr": "rate(http_requests_total{job=\"my-app\"}[5m])",
"legendFormat": "{{method}} {{path}}",
"refId": "A"
}
],
"id": 1
}
],
"version": 7
}
If you were to snapshot this dashboard with the "Public Snapshot" option enabled, Grafana would generate a unique, shareable URL. Anyone with that URL could then access this dashboard, seeing the current state of the request rate for my-app as scraped by Prometheus. This is useful for quick, temporary sharing with external teams or for embedding on a public status page.
The core problem Grafana’s snapshotting feature solves is the need for ephemeral, read-only access to dashboard data without requiring users to have their own Grafana accounts or direct access to the underlying data sources. It’s a lightweight way to communicate operational status or present specific data views.
Internally, when you create a public snapshot, Grafana serializes the dashboard’s current state (panels, queries, time range, variables, etc.) into a JSON object. This JSON, along with the current data fetched from the data sources for that time range, is then stored, often in a dedicated snapshot repository or even directly within Grafana’s database depending on configuration. A unique ID is generated for this snapshot, and a URL is constructed pointing to Grafana’s snapshot viewer. When someone accesses this URL, Grafana retrieves the stored JSON and data and renders it as if it were a live dashboard, but without any live querying.
The primary lever you control is the "Snapshot Retention" setting in your grafana.ini or via environment variables. This dictates how long these public snapshots persist before being automatically deleted. For example, setting snapshot_snapshot_public_expiry_days = 7 means any public snapshot will automatically expire and be removed after seven days. This is crucial for managing data privacy and preventing old, potentially sensitive information from remaining accessible indefinitely.
You might not realize that by default, snapshot data is not anonymized. If your dashboard queries contain sensitive information in the query string or if the data itself is sensitive, it will be embedded directly into the snapshot data. Therefore, carefully consider what data is being displayed before enabling public snapshotting.
The next concept you’ll likely explore is using Grafana alerting to automatically trigger notifications based on dashboard metrics, moving from passive sharing to proactive communication.