Access Logs from the Platform

Prerequisite: You need to create a logging pipeline first to access Grafana. To create one, see Set Up a Logging Pipeline Instance.

An observability platform is necessary for visualization and reporting purposes. IONOS uses Grafana to enable you to meet your visualization needs.

Note:

  • Once you have created a pipeline, you can access your Grafana instance by logging in with your IONOS credentials via our IAM SSO.

  • Your Grafana configurations and organization are associated with your contract number. If you have configured users with unique email addresses, they can access Grafana only with those specific email addresses linked to the contract number. Users cannot log into Grafana using any other email address unrelated to the contract.

Grafana access

Access to Grafana is linked to your logging or monitoring pipelines or central logging or monitoring and IAM Single Sign-On (SSO).

  • No pipelines or central logging or monitoring: Attempting to log in is blocked, and an error message is displayed. Create at least one pipeline first.

  • Active pipelines or central logging or monitoring: As soon as at least one pipeline is created through the DCD or API, login with your IONOS account is enabled, and you can use Grafana.

  • Deleted pipelines: If all pipelines are deleted and there are no central logging or monitoring instances, Grafana access remains for 30 days. After 30 days of inactivity, the following actions occur:

    • Grafana access is removed.

    • Service accounts are disabled, and tokens become invalid.

  • Returning after inactivity:

    • Creating a new pipeline after 30+ days restores Grafana access.

    • All users are created anew with admin rights and new UUIDs. You must reconfigure roles, permissions, and dashboards.

    • Service accounts are enabled, and tokens become operational again.

    • Team settings will also be restored, but users will need to be re-added to the team.

  • Central logging or monitoring users:

    • Having central logging or monitoring instances automatically grants Grafana access without manual pipeline creation.

    • Similarly, not having any pipelines, disabling central logging or monitoring, or not having any central logging or monitoring instances when there are no pipelines automatically removes Grafana access after 30 days of inactivity. Grafana access after 30 days of inactivity.

Troubleshooting login

If you are unable to log into Grafana, ensure:

  • The user is active and has access to the DCD.

  • The user has or has had a logging pipeline at least once within the last 30 days and is connected to the specified contract number.

  • The user has enabled central logging at least once within the last 30 days.

  • The user uses the correct email address associated with the contract number.

If the issue persists, contact IONOS Cloud Support.

Examples

  • Scenario: No pipelines or central logging or monitoring instances yet

    • Behavior: Login rejected with an error message "Sign up is disabled".

    • Resolution: Create a pipeline (DCD or API) or create a central logging or monitoring instance to enable access.

  • Scenario: Pipelines and central logging or monitoring instances deleted

    • Behavior: Access continues for 30 days; after that, access is revoked, users are removed, and service accounts are disabled; dashboards will be restored upon return.

    • Resolution: Create a new pipeline or central logging or monitoring instance within 30 days to maintain uninterrupted access.

  • Scenario: Central logging or monitoring instances are present

    • Behavior: Grafana access is granted immediately and remains available while the feature is active.

Obtain your Grafana URL

You can obtain your Grafana instance address by sending a GET request to the server. For more information, see Retrieve logging pipeline information. The response contains the grafanaAddress. This information remains the same for all your logging pipelines.

Using the URL in the grafanaAddress, you can access Grafana.

How to Restrict Grafana access

Access to Grafana via SSO depends on IAM and the pipeline lifecycle. To effectively restrict Grafana access:

  1. Remove or restrict the user in IAM for the relevant contract (so they cannot SSO).

  2. Remove the user from the Grafana organization to clean up roles and memberships.

Last updated

Was this helpful?