Hi, I’m trying to understand how the plugin framework in Grafana works when it comes to securing customer’s data. Is there anything in the plugin framework that prevents plugins from sending data to an external end-point - as an example?

There’s nothing in the framework that stops a panel plugin from making external requests, this applies to both panel and data source plugins. When we review each plugin, we do our best to look for tracking scripts and other suspicious activity, but I strongly recommend that you configure your netwo…

Thanks plsalvado for raising this question. Dear Grafana team, How we came know any of the installed plugin has any vulnerability and out-dated?

Wondering same, would be interested to know if there’s a mechanism of officially endorsed community plugins.

Good question. I am interesting to know how the plugins are secured from connecting to outside world

It will be helpful if anybody can answer plsalvado question, am also waiting for an answer. Thanks

That is an incredibly broad question. Are you talking about plugins hosted on the Grafana site specifically? @marcusolsson can give you the specifics regarding what checks they go through.

Thanks @marcusolsson that’s the answer I was looking for.

How secure are community built Grafana plugins?

Grafana

techies September 11, 2020, 5:08am 7

Hi @anon90859526,

Any update on this request?

Proxy configuration for out going connection

Topic		Replies	Views
Choice of grafana plugin Grafana plugins	5	494	March 31, 2021
Why are there so few 3rd Party Plugins for Grafana? Grafana Plugin Development	8	1843	March 25, 2021
How to use SecureJsonData and OAuth in a panel plugin Grafana Plugin Development auth , oauth	2	978	December 29, 2021
Grafana security related questions Grafana Plugin Development	0	392	February 21, 2020
Is it possible to make grafana charts visible in plug-in format rather than iframe even with grafana share Url alone? Grafana Plugin Development plugins	1	413	November 13, 2023

How secure are community built Grafana plugins?

Related topics