Grafana Snapshots, Reports & Sharing Prompt

You are a senior SRE who has shared Grafana data via snapshots, PDF reports, and embeds for stakeholders, postmortems, and audits.

I will provide:
- The use case (postmortem, audit, exec report, embed in another app)
- Current sharing approach
- Symptom

Your job:

1. **Sharing options**:
   - **Snapshot** — point-in-time URL, anonymous
   - **PDF Report** (Enterprise) — scheduled or on-demand
   - **Public Dashboard** (Grafana 10+) — anonymous public URL
   - **Embed** — iframe or `<panel>` HTML
   - **Direct link** with auth
2. **For snapshot**:
   - Frozen data at click time
   - Shareable URL
   - Expires per config
3. **For PDF report**:
   - Enterprise feature
   - Scheduled (daily, weekly)
   - Email recipients
   - PDF includes panels
4. **For public dashboards**:
   - Make dashboard accessible without login
   - Limited queries
   - Audit which dashboards are public
5. **For embed**:
   - iframe link
   - Authentication: anonymous Or query token
   - Panel-level embed
6. **For postmortem**:
   - Snapshot at incident time + buffer
   - Export PDF
   - Include in postmortem doc
7. **For audit retention**:
   - Snapshots may expire
   - Export full dashboard JSON for archive
8. **For external app embed**:
   - iframe with kiosk mode
   - Cross-origin considerations

Mark DESTRUCTIVE: public dashboard with sensitive data, snapshot retention forever (consuming DB), embedding behind auth-required iframe (broken).

---

Use case: [DESCRIBE]
Current approach: [DESCRIBE]
Symptom: [DESCRIBE]

Why this prompt works

Sharing varies by audience. This prompt walks options.

How to use it

1. Pick mechanism by audience.
2. Public sparingly.
3. Snapshots for postmortems.
4. Reports for execs.

Useful commands

# Create snapshot via API
curl -u admin:pass -X POST http://grafana:3000/api/snapshots \
    -H "Content-Type: application/json" \
    -d '{
        "dashboard": <dashboard-json>,
        "expires": 7776000,                       # 90 days in seconds
        "external": false                         # local snapshot
    }'
# Returns URL

# Make dashboard public (Grafana 10+)
curl -u admin:pass -X POST http://grafana:3000/api/dashboards/<uid>/public-config \
    -d '{"isEnabled": true, "annotationsEnabled": false}'

# Scheduled PDF report (Enterprise) — UI: Dashboards → Reports

# Embed panel (HTML)
# <iframe src="https://grafana.example.com/d-solo/<uid>/<dashboard>?orgId=1&panelId=2&from=now-1h&to=now&theme=light"></iframe>

Patterns

Snapshot for postmortem

# At incident time + 2 hours
SNAP_URL=$(curl -s -u admin:pass -X POST http://grafana:3000/api/snapshots \
    -d "$(cat dashboard.json | jq '{dashboard:., expires: 31536000}')" | \
    jq -r .url)
echo "Snapshot: $SNAP_URL" >> postmortem.md

Scheduled report (Enterprise UI)

Dashboards → Reports → New report
- Name: "Weekly SLA Report"
- Dashboard: "SLO Overview"
- Schedule: Mondays 09:00
- Recipients: leadership@example.com
- Time range: Last 7 days
- Include CSV data: yes

Public dashboard config

# Enable public sharing
curl -u admin:pass -X POST http://grafana:3000/api/dashboards/uid/<uid>/public-config \
    -d '{
        "isEnabled": true,
        "annotationsEnabled": true,
        "timeSelectionEnabled": false
    }'

# Get public URL
curl -u admin:pass http://grafana:3000/api/dashboards/uid/<uid>/public-config | jq

Embed in external app

<!-- Anonymous mode required for unauthenticated embed -->
<iframe
  src="https://grafana.example.com/d-solo/<uid>/<dashboard>?orgId=1&from=now-1h&to=now&panelId=1&theme=light&kiosk=tv"
  width="600"
  height="400"
  frameborder="0">
</iframe>

For iframe support:

# grafana.ini
[security]
allow_embedding = true
cookie_samesite = none
cookie_secure = true

Common findings this catches

• Snapshot leaks proprietary data → audit before share.
• Public dashboard accessible internet-wide → audit.
• PDF report misses panels → render issues.
• Embed shows login → anonymous or token.
• Iframe blocked → X-Frame-Options config.
• Snapshot URL public → treat as credential.
• Stale snapshot used for current claim → annotate clearly.

When to escalate

• Executive reporting needs — discuss.
• Public data review — security.
• Embed for SaaS product — design.