Operationalizing Incident Observability via the Grafana PagerDuty Data Source and Alerting Integration

Published by TechMarmot Editorail Staff on | Category Grafana

The convergence of observability and incident response represents the pinnacle of modern Site Reliability Engineering (SRE). In a landscape defined by microservices, ephemeral Kubernetes pods, and distributed cloud architectures, the ability to not only detect a failure but to immediately contextualize it is the difference between a minor blip and a catastrophic outage. Grafana, acting as the centralized visualization layer, paired with PagerDuty, the industry standard for incident orchestration, creates a powerful ecosystem for managing operational health. This integration is not a monolithic entity; rather, it exists in two distinct functional dimensions: the Data Source plugin, which enables the visualization of historical and active incident data within Graf/dashboarding, and the Alerting Contact Point, which facilitates the real-time transmission of telemetry-driven triggers into the PagerDuty incident lifecycle. Mastering both dimensions requires an understanding of API authentication nuances, service-level configuration in PagerDuty, and the complex plumbing of notification templates.

Architectural Requirements and Licensing Tiers

Implementing the PagerDuty integration within a Grafana environment is not a universal feature available to all users; it is a specialized capability tied to specific enterprise-grade licensing models. Users must ensure their infrastructure meets the prerequisite criteria to avoid deployment failure during the plugin initialization phase.

The availability of the PagerDuty data source is governed by the following licensing structures:

Plan Type Availability Features and Limitations
Grafana Cloud Free Not Available Limited to 3 users; does not include Enterprise Plugins.
Grafana Cloud Pro Available Fully managed service; includes access to Enterprise Plugins.
Grafana Cloud Advanced Available Fully managed service; includes access to Enterprise Plugins.
Grafana Enterprise (On-Prem) Available Requires an activated license; allows for self-managed infrastructure.

For organizations running self-hosted instances, there is a strict versioning requirement. The PagerDuty data source requires Grafana version 11.6.7 or later. Attempting to deploy this plugin on deprecated versions of Grafana will result in compatibility errors during the grafana-cli installation process.

For those utilizing Grafana Cloud, the service is fully managed by Grafana Labs. This means the underlying plugin maintenance, updates, and scaling are handled by the provider, though the cost structure follows a per-user model, specifically $55 per user per month for usage exceeding the included tier in Pro and Advanced plans.

Data Source Configuration and Authentication Nuances

The PagerDuty data source plugin serves as a read-only bridge between the Grafana dashboard and the P Ast PagerDuty REST API. This allows engineers to query incident data, list and filter existing incidents, and—crucially—overlay incident timelines as annotations on top of metric-based graphs. This provides a visual correlation between a spike in CPU usage and the exact moment an incident was declared.

The API Key Pitfall: Authentication Errors and Resolution

A common and highly frustrating failure mode in setting up the data source involves the misuse of PagerDuty API keys. The Pager and PagerDuty interface provides multiple types of credentials, and using the incorrect one will lead to an authentication failure that is deceptively masked by a generic HTTP 400 error.

In a standard RESTful architecture, an HTTP 400 error indicates a Bad Request, suggesting a syntax or framing error in the request itself. However, in the context of the PagerDuty data source, an HTTP 400 often occurs when a user provides an "API Access Key" instead of a "REST API Key." The "API Access Keys" found under the Integrations > API Access Keys menu are insufficient for the data source's needs. To ensure a successful connection, the key must be a valid REST API key. Furthermore, because the plugin only requires read access to fetch incident details, it is a security best practice to generate a read-only API key to adhere to the principle of least privilege.

Step-by-Step Data Source Installation

To install the plugin on a local or self-managed Grafana instance, the following command must be executed via the terminal:

grafana-cli plugins install grafana-pagerduty-datasource

Once installed, the configuration of the data source follows these steps:

  1. Navigate to the Connections section in the left-hand Grafana menu.
  2. Select the Add new connection option.
  3. Search for "PagerDuty" in the search bar.
  4. Click on the PagerDuty entry to open the configuration editor.
  5. Input the required API key for authentication.
  6. Click Save & test.

A successful deployment will be confirmed by the specific notification: "PagerDuty API datasource connected successfully."

Infrastructure as Code: Provisioning via YAML and Terraform

For mature DevOps workflows, manual configuration is replaced by automated provisioning. The PagerDuty data source can be defined within Grafana's provisioning system using YAML files, ensuring that every environment (Dev, Staging, Prod) is identical.

An example of a YAML configuration for provisioning is provided below:

yaml apiVersion: 1 datasources: - name: PagerDuty type: grafana-pagerduty-datasource jsonData: auth: id: api_key secureJsonData: auth.api_key.apiKey: <API_KEY>

Alternatively, for organizations utilizing Terraform for infrastructure management, the grafana_data_source resource can be used to manage the plugin:

hcl resource "grafana_data_source" "pagerduty" { type = "grafana-pagerduty-datasource" name = "PagerDuty" json_data_encoded = jsonencode({ auth = { id = "api_key" } }) secure_json_data_encoded = jsonencode({ "auth.api_key.apiKey" = var.pagerduty_api_key }) }

Implementing the PagerDuty Alerting Contact Point

While the Data Source is used for visualization, the Contact Point is the mechanism for active notification. This process involves a bi-directional handshake between Grafana Alerting and PagerDuty's Events API V2.

PagerDuty Side Configuration: The Importance of Services

Before Grafana can send an alert, a destination must exist within PagerDuty. In PagerDuty, a "Service" is the fundamental unit of management, representing a specific microservice, database, or infrastructure component.

The setup procedure in Pager and PagerDuty is as follows:

  1. Access the Services menu in the PagerDuty top navigation bar.
  2. Initiate the creation of a new Service.
  3. During the configuration of the service, specifically choose the option to "Create a service without an integration" to allow for manual integration setup.
  4. Once the service is created, navigate to the Integrations tab within that service's options.
  5. Click + Add an integration.
  6. Select the "Events API V2" integration type.
  7. Click Add.
  8. Expand the integration details via the drop-down arrow.
  9. Copy the "Integration Key" (this is distinct from the REST API key used for the data source).

Grafana Side Configuration: Creating the Contact Point

Once the Integration Key is secured, you must configure the Grafana Alerting engine to utilize this key:

  1. In the Grafable Grafana interface, navigate to Alerts & IRM > Alerting > Notification configuration.
  2. Select the Contact points tab.
  3. Click + Add contact point.
  4. Assign a descriptive name to the contact point.
  5. From the Integration list, select PagerDuty.
  6. Paste the Integration Key obtained from the PagerDuty service setup into the Integration Key field.
  7. Execute a Test to confirm the integration is functional. If successful, an incident will appear in the Service’s Activity tab within the PagerDuty UI.
  8. Click Save contact point.

Linking Contact Points to Alert Rules

A contact point is inert until it is attached to an active alert rule. To complete the pipeline:

  1. Navigate to Alerting > Alert rules.
  2. Select an existing rule to edit or create a new rule.
  3. Scroll to the "Configure labels and notifications" section.
  4. Under the Notifications sub-section, click Select contact point.
  5. Choose the PagerDuty contact point created in the previous steps.
  6. Save the rule.

Advanced Troubleshooting: The Data Payload Gap

A significant challenge encountered by engineers is the "Information Loss" phenomenon when alerts traverse multiple integrations. A common scenario involves an alert flowing from Grafana to PagerDuty (via Events API V2) and then from PagerDuty to Slack.

While the PagerDuty incident view correctly displays rich, custom metadata, the downstream Slack notification often remains stripped of context. For instance, an engineer might see that a "Pod CrashLoopBackOff Alert" has occurred, but the critical context—such as the namespace, pod name, cluster ID, or a link to the runbook—is missing from the Slack message.

In this architecture, the data flow is:

  • Grafana Alert (contains labels: namespace: production, pod: api-service-7d9c5-xyz)
  • PagerDuty Incident (receives and stores all labels)
  • Slack Notification (displays only basic service and urgency info)

This issue occurs because the PagerDuty-to-Slack integration often lacks the configuration to parse and display the custom_details field. While some attempts can be made in Grafana by mapping details to templates like {{ .CommonLabels.namespace }}, if the PagerDuty Slack integration is not configured to expose these extensions, the data will remain hidden in the PagerDuty UI, forcing engineers to leave their communication channels to investigate the incident.

Analytical Conclusion

The integration of Grafana and PagerDuty is a dual-purpose implementation that requires distinct configurations for observability (Data Source) and actionability (Contact Point). The architectural complexity lies in the management of two different types of credentials: the REST API key for querying and the Events API V2 Integration Key for alerting. Failure to distinguish between these keys, or between PagerDuty's "API Access Keys" and "Integration Keys," is the most frequent cause of deployment failure.

Furthermore, the effectiveness of this integration is heavily dependent on the end-to-end visibility of metadata. While the integration can successfully trigger an incident, the true value for an on-call engineer is realized only when the rich context of the Grafana alert (labels, runbooks, and severity) is preserved through the PagerDuty-to-Slack relay. A truly mature implementation requires not just the connectivity of these tools, but the rigorous configuration of notification templates and integration extensions to ensure that critical context is never lost in transit.

Sources

  1. PagerDuty data source
  2. Grafana PagerDuty Plugin Marketplace
  3. Configure PagerDuty Contact Points
  4. PagerDuty Community: Custom Details in Slack
  5. Configuring PagerDuty Integration in Grafana Alerting

Related Posts