ceven

Grafana

Monitors your infrastructure health by pulling metrics and logs into workflows, detects anomalies in real time, and alerts your team before users report an outage.

Try Grafana in Ceven

Ask Ceven anything
Standard

Why use Ceven?

  1. AI native Grafana integration

    • Describe the outcome and Ceven picks the right Grafana calls, fills the parameters, and checks the result.
    • Structured, agent friendly tool schemas so each call runs reliably instead of by guesswork.
    • Rich coverage for reading, writing, and querying your Grafana data, across all 11 of its actions.

  2. Managed auth

    • Built in OAuth with automatic token refresh and rotation.
    • One place to manage, scope, and revoke Grafana access.
    • Per user and per environment credentials instead of shared keys.

  3. Agent optimized design

    • Actions are tuned from real success and error rates so reliability climbs over time.
    • Full execution logs so you always know what ran in Grafana, when, and on whose behalf.
    • The agent pauses and asks when Grafana is unclear instead of plowing ahead.

  4. Enterprise grade security

    • Fine grained access so you control which agents and people can reach Grafana.
    • Least privilege by default, read scopes first and only the writes a workflow needs.
    • A full audit trail of every Grafana action to support review and sign off.

Supported tools

Every action Ceven's agents can run on Grafana, and when to use it.

Create OTLP Logs
Use this when you need to send OpenTelemetry Protocol logs to Grafana Loki for ingestion and storage.
Get Distributor HA Tracker
Retrieve distributor HA tracker status to check which replica is the leader for each Prometheus HA cluster.
Get Grafana Health Status
Check if the Grafana web server is running and has database connectivity. Returns ok if healthy.
Get Index Gateway Ring Status
Pull the hash ring status from Grafana Loki to see the health and heartbeat time of each gateway.
Get Overrides Exporter Ring
Retrieve the overrides exporter hash ring status as an HTML page to check instance heartbeats.
Get Ruler Ring Status
Pull the ruler ring status from Grafana Mimir to check the distributed hash ring topology.
Get License Status
Verify if a valid Grafana Enterprise license is currently available for the instance.
Get Store Gateway Tenants
List all tenants that have blocks stored in the configured store gateway storage.
Post ACS
Perform a SAML Assertion Consumer Service operation to process identity provider responses.
Query Public Dashboard Panel
Fetch time series data and metrics from a public Grafana dashboard panel without authentication.
Retrieve JWKS
Pull the JSON Web Key Set containing all public keys used for JWT token verification.
Create OTLP v1 Logs
Tool to create OTLP v1 logs in Grafana Loki. Use when you need to send OpenTelemetry Protocol logs to Grafana for ingestion and storage.

12 actions · scroll to see them all

Frequently asked questions

Ceven connects to your Grafana instance using API tokens or service accounts depending on your version. You generate a token with the required viewer or editor permissions in your Grafana security settings and provide it to Ceven. We store this token encrypted and use it in the authorization header for every request. For public dashboards, the agent can bypass authentication entirely using the public panel query tool, but any action involving ring status or license checks requires a valid token. You can rotate these tokens at any time in your Grafana dashboard, and updating the token in Ceven immediately restores connectivity.
Yes. You can build a workflow that polls the Get Index Gateway Ring Status action on a schedule. The agent analyzes the heartbeat times and state of each gateway in the ring. If the agent detects that a member is missing or the heartbeat has lagged beyond your defined threshold, it can trigger a secondary action like sending a PagerDuty alert or opening a Jira ticket. Because Ceven has the context of the whole ring, it can tell you exactly which node is failing rather than just sending a generic alert that something is wrong with Loki.
When using the Query Public Dashboard Panel action, you are limited to panels that have been explicitly shared via a public link. This means you cannot pull data from private dashboards unless you use a full API token. Additionally, public panels only provide the data currently rendered in that specific visualization. If you need to change the time range or filter the data dynamically, you must use the internal API endpoints which require higher permission levels. This is a built in security feature of Grafana to prevent accidental exposure of sensitive infrastructure metrics to the open web.
Ceven uses the Create OTLP Logs action to push structured event data directly into Grafana Loki. When a workflow encounters an error or reaches a critical milestone, the agent formats that event into the OpenTelemetry Protocol and sends it to your Loki endpoint. This allows you to correlate workflow execution logs with your system metrics in a single Grafana dashboard. You do not need to set up a separate Promtail or Fluentbit agent for these specific logs because Ceven acts as the producer, sending the data directly via the API for immediate ingestion.
Ceven can monitor your license status using the Get License Status action, but it cannot purchase or renew licenses. The agent can be configured to check the expiration date of your Grafana Enterprise license every week and send a reminder to your finance team if the license is set to expire within thirty days. This prevents unexpected outages of enterprise features like fine grained access control or advanced plugins. It is a read only check that ensures your observability stack stays operational without manual auditing.
Grafana does not impose a global API rate limit, but your specific deployment might have limits configured at the reverse proxy or load balancer level. If Ceven hits a 429 Too Many Requests response, the agent implements an exponential backoff strategy to retry the request. For very large environments with thousands of tenants, calling Get Store Gateway Tenants frequently can put pressure on the store gateway. We recommend scheduling these heavy read operations during off peak hours or increasing the polling interval in your workflow settings to maintain system stability.
The Post ACS action allows Ceven to act as a bridge for SAML Assertion Consumer Service operations. This is primarily used in complex identity workflows where an external system handles the initial authentication and needs to pass the SAML assertion to Grafana to establish a session. The agent takes the assertion from your identity provider and posts it to the Grafana ACS endpoint. This is useful for automating the setup of temporary user sessions or integrating Grafana into a larger custom authentication portal where a seamless sign on experience is required for your engineers.
Ceven cannot directly restart your servers, but it provides the critical data needed to automate the fix. By using the Get Distributor HA Tracker, the agent identifies which replica is the leader and which are lagging. You can then chain this with a script in your CI CD tool or a cloud provider API to restart the unhealthy replica. The agent monitors the ring status in real time and can confirm when the replica has successfully rejoined the cluster and been elected as a healthy member, closing the incident ticket automatically.

Alternatives to Grafana

Other tools that solve a similar problem. Ceven supports these too, so you can switch or run more than one at once.

Datadog logoDatadogNew Relic logoNew RelicDynatrace logoDynatrace

Try Ceven on your stack

Plug Ceven on top of the tools you already run. Connect Grafana and the rest of your stack, describe the outcome, and its agents handle the work end to end, days of it in minutes.

Get started for free