Business metrics in Grafana Cloud: Get an AI assist to help securely analyze your data

Grafana Blog

Grafana's Private Data Source Connect pattern represents a meaningful architectural shift for teams trying to unify observability and business analytics without exposing private databases. The core technical challenge it addresses is real: you want to query production PostgreSQL instances from a SaaS observability platform, but opening database ports to the internet or managing VPN infrastructure is operationally expensive and introduces security risk.

PDC deploys a lightweight agent inside your private network that establishes an outbound SSH tunnel to Grafana Cloud. All database queries route through this encrypted tunnel. The key architectural advantage is that your database never accepts inbound connections from the public internet: the agent initiates the tunnel, so no inbound firewall rule has to be opened for the database, which reduces attack surface. This is conceptually similar to how Teleport or Tailscale handle zero-trust access, but purpose-built for data source connectivity rather than SSH or application access.

The practical tradeoff is latency and query performance. Every SQL query now crosses the SSH tunnel between Grafana Cloud and the database, gets processed, and returns through the same path. For high-cardinality analytical queries against large PostgreSQL tables, this round-trip can add noticeable overhead compared to querying a local replica or read-only follower. Teams running complex joins or aggregations over millions of rows should benchmark query performance carefully. The agent itself is stateless and can be scaled horizontally, but you're still constrained by tunnel throughput and the query execution time on the database itself.

The Grafana Assistant integration is where this gets interesting for non-SQL practitioners, but also where expectations need calibration. The LLM translates natural language prompts into SQL and suggests visualizations. For straightforward queries like "show me top 5 countries by happiness score," this works reliably. The assistant understands schema structure and can generate correct SELECT statements with WHERE clauses and ORDER BY logic.

However, the quality degrades rapidly with query complexity. Multi-table joins, window functions, or queries requiring domain-specific business logic often produce incorrect SQL or require multiple refinement iterations. The assistant doesn't maintain query context across sessions, so you can't iteratively build complex analytical queries conversationally. It's better thought of as an SQL autocomplete tool than a true analytical copilot. For production dashboards, expect to hand-edit the generated SQL and validate results against known ground truth before deploying.

The Terraform blueprint Grafana provides is genuinely useful for teams adopting this pattern. It provisions an RDS PostgreSQL instance in a private VPC, deploys the PDC agent, and configures the Grafana data source with appropriate access policies. The infrastructure-as-code approach means you can replicate this setup across environments consistently. The main gotcha is IAM permissions: the service account needs both the Grafana Admin role and specific Cloud Access Policy scopes, including stacks:read and accesspolicies:read. Missing either will cause cryptic authentication failures when the agent attempts to establish the tunnel.
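The tunnel design only pays off if the database really has no public ingress, so here is a check for that property, as an added example that is not part of Grafana's blueprint. It reads security-group JSON in the shape returned by `aws ec2 describe-security-groups` and reports rules that open the PostgreSQL port to non-private address space; the group IDs, CIDRs, port 5432 and function names are assumptions made for the illustration.

```python
import ipaddress
import json

PG_PORT = 5432  # assumption: PostgreSQL listens on its default port
# Address space treated as internal: RFC 1918 plus IPv6 unique-local.
PRIVATE_NETS = [ipaddress.ip_network(n) for n in
                ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "fc00::/7")]

def is_internal(cidr):
    """True only if the whole CIDR sits inside one of the private ranges."""
    net = ipaddress.ip_network(cidr, strict=False)
    return any(net.version == p.version and net.subnet_of(p) for p in PRIVATE_NETS)

def covers_port(perm, port):
    """IpProtocol '-1' means all traffic; otherwise check the TCP port range."""
    if perm["IpProtocol"] == "-1":
        return True
    if perm["IpProtocol"] != "tcp":
        return False
    return perm.get("FromPort", 0) <= port <= perm.get("ToPort", 65535)

def public_db_ingress(doc, port=PG_PORT):
    """Return (group_id, cidr) for each rule exposing `port` beyond private space."""
    findings = []
    for sg in doc["SecurityGroups"]:
        for perm in sg.get("IpPermissions", []):
            if not covers_port(perm, port):
                continue
            cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
            cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
            findings += [(sg["GroupId"], c) for c in cidrs if not is_internal(c)]
    return findings

# Constructed sample, not real infrastructure.
SAMPLE = json.loads("""
{"SecurityGroups": [
  {"GroupId": "sg-private-example", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 5432, "ToPort": 5432,
     "IpRanges": [{"CidrIp": "10.0.1.0/24"}], "Ipv6Ranges": []}]},
  {"GroupId": "sg-exposed-example", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 5000, "ToPort": 6000,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": [{"CidrIpv6": "::/0"}]},
    {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []}]},
  {"GroupId": "sg-allproto-example", "IpPermissions": [
    {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "203.0.113.0/24"}]}]}
]}
""")

if __name__ == "__main__":
    for group_id, cidr in public_db_ingress(SAMPLE):
        print(f"{group_id}: port {PG_PORT} reachable from {cidr}")
```

Rules that grant access by referencing another security group rather than a CIDR are not evaluated here and need a separate review.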

Cost-wise, the PDC agent itself is lightweight, but you're paying for RDS uptime, data transfer through the tunnel, and Grafana Cloud query volume. For teams already running PostgreSQL for operational data, adding PDC connectivity is marginal cost. For teams considering PostgreSQL specifically to enable business analytics in Grafana, compare this against embedding Metabase or Superset directly in your infrastructure—those tools may offer richer SQL editing and query optimization features without the tunnel overhead.

The real value proposition is consolidation. If your team already uses Grafana Cloud for metrics and traces, extending it to business analytics via PDC eliminates tool sprawl. You get unified dashboards correlating infrastructure metrics with business KPIs, single sign-on, and consistent access control. The assistant lowers the barrier for product managers or analysts to build basic dashboards without SQL expertise, though engineering review remains necessary for production use.