This is documentation for the next version of Agent. For the latest stable release, go to the latest version.

Open source


otelcol.exporter.otlp accepts telemetry data from other otelcol components and writes them over the network using the OTLP gRPC protocol.

NOTE: otelcol.exporter.otlp is a wrapper over the upstream OpenTelemetry Collector otlp exporter. Bug reports or feature requests will be redirected to the upstream repository, if necessary.

Multiple otelcol.exporter.otlp components can be specified by giving them different labels.


otelcol.exporter.otlp "LABEL" {
  client {
    endpoint = "HOST:PORT"


otelcol.exporter.otlp supports the following arguments:

timeoutdurationTime to wait before marking a request as failed."5s"no


The following blocks are supported inside the definition of otelcol.exporter.otlp:

clientclientConfigures the gRPC server to send telemetry data to.yes
client > tlstlsConfigures TLS for the gRPC
client > keepalivekeepaliveConfigures keepalive settings for the gRPC
sending_queuesending_queueConfigures batching of data before
retry_on_failureretry_on_failureConfigures retry mechanism for failed
debug_metricsdebug_metricsConfigures the metrics that this component generates to monitor its

The > symbol indicates deeper levels of nesting. For example, client > tls refers to a tls block defined inside a client block.

client block

The client block configures the gRPC client used by the component.

The following arguments are supported:

endpointstringhost:port to send telemetry data to.yes
compressionstringCompression mechanism to use for requests."gzip"no
read_buffer_sizestringSize of the read buffer the gRPC client to use for reading server
write_buffer_sizestringSize of the write buffer the gRPC client to use for writing requests."512KiB"no
wait_for_readybooleanWaits for gRPC connection to be in the READY state before sending data.falseno
headersmap(string)Additional headers to send with the request.{}no
balancer_namestringWhich gRPC client-side load balancer to use for requests.pick_firstno
authoritystringOverrides the default :authority header in gRPC requests from the gRPC
authcapsule(otelcol.Handler)Handler from an otelcol.auth component to use for authenticating

By default, requests are compressed with gzip. The compression argument controls which compression mechanism to use. Supported strings are:

  • "gzip"
  • "zlib"
  • "deflate"
  • "snappy"
  • "zstd"

If compression is set to "none" or an empty string "", no compression is used.

The supported values for balancer_name are listed in the gRPC documentation on Load balancing:

  • pick_first: Tries to connect to the first address, uses it for all RPCs if it connects, or tries the next address if it fails (and keeps doing that until one connection is successful). Because of this, all the RPCs will be sent to the same backend.
  • round_robin: Connects to all the addresses it sees and sends an RPC to each backend one at a time in order. For example, the first RPC is sent to backend-1, the second RPC is sent to backend-2, and the third RPC is sent to backend-1.

The :authority header in gRPC specifies the host to which the request is being sent. It’s similar to the Host header in HTTP requests. By default, the value for :authority is derived from the endpoint URL used for the gRPC call. Overriding :authority could be useful when routing traffic using a proxy like Envoy, which makes routing decisions based on the value of the :authority header.

An HTTP proxy can be configured through the following environment variables:


The HTTPS_PROXY environment variable specifies a URL to use for proxying requests. Connections to the proxy are established via the HTTP CONNECT method.

The NO_PROXY environment variable is an optional list of comma-separated hostnames for which the HTTPS proxy should not be used. Each hostname can be provided as an IP address (, an IP address in CIDR notation (, a domain name (, or *. A domain name matches that domain and all subdomains. A domain name with a leading “.” ( matches subdomains only. NO_PROXY is only read when HTTPS_PROXY is set.

Because otelcol.exporter.otlp uses gRPC, the configured proxy server must be able to handle and proxy HTTP/2 traffic.

tls block

The tls block configures TLS settings used for the connection to the gRPC server.

The following arguments are supported:

ca_filestringPath to the CA
ca_pemstringCA PEM-encoded text to validate the server
cert_filestringPath to the TLS
cert_pemstringCertificate PEM-encoded text for client
insecure_skip_verifybooleanIgnores insecure server TLS
include_system_ca_certs_poolbooleanWhether to load the system certificate authorities pool alongside the certificate authority.falseno
insecurebooleanDisables TLS when connecting to the configured
key_filestringPath to the TLS certificate
key_pemsecretKey PEM-encoded text for client
max_versionstringMaximum acceptable TLS version for connections."TLS 1.3"no
min_versionstringMinimum acceptable TLS version for connections."TLS 1.2"no
cipher_suiteslist(string)A list of TLS cipher suites that the TLS transport can use.[]no
reload_intervaldurationThe duration after which the certificate is reloaded."0s"no
server_namestringVerifies the hostname of server certificates when

If the server doesn’t support TLS, you must set the insecure argument to true.

To disable tls for connections to the server, set the insecure argument to true.

If reload_interval is set to "0s", the certificate never reloaded.

The following pairs of arguments are mutually exclusive and can’t both be set simultaneously:

  • ca_pem and ca_file
  • cert_pem and cert_file
  • key_pem and key_file

If cipher_suites is left blank, a safe default list is used. See the Go TLS documentation for a list of supported cipher suites.

NOTE: otelcol.exporter.otlp uses gRPC, which does not allow you to send sensitive credentials (like auth) over insecure channels. Sending sensitive credentials over insecure non-TLS connections is supported by non-gRPC exporters such as otelcol.exporter.otlphttp.

keepalive block

The keepalive block configures keepalive settings for gRPC client connections.

The following arguments are supported:

ping_waitdurationHow often to ping the server after no
ping_response_timeoutdurationTime to wait before closing inactive connections if the server does not respond to a
ping_without_streambooleanSend pings even if there is no active stream

sending_queue block

The sending_queue block configures an in-memory buffer of batches before data is sent to the gRPC server.

The following arguments are supported:

enabledbooleanEnables an in-memory buffer before sending data to the client.trueno
num_consumersnumberNumber of readers to send batches written to the queue in parallel.10no
queue_sizenumberMaximum number of unwritten batches allowed in the queue at the same time.1000no

When enabled is true, data is first written to an in-memory buffer before sending it to the configured server. Batches sent to the component’s input exported field are added to the buffer as long as the number of unsent batches doesn’t exceed the configured queue_size.

queue_size determines how long an endpoint outage is tolerated. Assuming 100 requests/second, the default queue size 1000 provides about 10 seconds of outage tolerance. To calculate the correct value for queue_size, multiply the average number of outgoing requests per second by the time in seconds that outages are tolerated. A very high value can cause Out Of Memory (OOM) kills.

The num_consumers argument controls how many readers read from the buffer and send data in parallel. Larger values of num_consumers allow data to be sent more quickly at the expense of increased network traffic.

retry_on_failure block

The retry_on_failure block configures how failed requests to the gRPC server are retried.

The following arguments are supported:

enabledbooleanEnables retrying failed requests.trueno
initial_intervaldurationInitial time to wait before retrying a failed request."5s"no
max_elapsed_timedurationMaximum time to wait before discarding a failed batch."5m"no
max_intervaldurationMaximum time to wait between retries."30s"no
multipliernumberFactor to grow wait time before retrying.1.5no
randomization_factornumberFactor to randomize wait time before retrying.0.5no

When enabled is true, failed batches are retried after a given interval. The initial_interval argument specifies how long to wait before the first retry attempt. If requests continue to fail, the time to wait before retrying increases by the factor specified by the multiplier argument, which must be greater than 1.0. The max_interval argument specifies the upper bound of how long to wait between retries.

The randomization_factor argument is useful for adding jitter between retrying agents. If randomization_factor is greater than 0, the wait time before retries is multiplied by a random factor in the range [ I - randomization_factor * I, I + randomization_factor * I], where I is the current interval.

If a batch hasn’t been sent successfully, it is discarded after the time specified by max_elapsed_time elapses. If max_elapsed_time is set to "0s", failed requests are retried forever until they succeed.

debug_metrics block

The debug_metrics block configures the metrics that this component generates to monitor its state.

The following arguments are supported:

disable_high_cardinality_metricsbooleanWhether to disable certain high cardinality metrics.trueno

disable_high_cardinality_metrics is the Grafana Agent equivalent to the telemetry.disableHighCardinalityMetrics feature gate in the OpenTelemetry Collector. It removes attributes that could cause high cardinality metrics. For example, attributes with IP addresses and port numbers in metrics about HTTP and gRPC connections are removed.

Exported fields

The following fields are exported and can be referenced by other components:

inputotelcol.ConsumerA value that other components can use to send telemetry data to.

input accepts otelcol.Consumer data for any telemetry signal (metrics, logs, or traces).

Component health

otelcol.exporter.otlp is only reported as unhealthy if given an invalid configuration.

Debug information

otelcol.exporter.otlp does not expose any component-specific debug information.

Debug metrics

  • exporter_sent_spans_ratio_total (counter): Number of spans successfully sent to destination.
  • exporter_send_failed_spans_ratio_total (counter): Number of spans in failed attempts to send to destination.
  • exporter_queue_capacity_ratio (gauge): Fixed capacity of the retry queue (in batches)
  • exporter_queue_size_ratio (gauge): Current size of the retry queue (in batches)
  • rpc_client_duration_milliseconds (histogram): Measures the duration of inbound RPC.
  • rpc_client_request_size_bytes (histogram): Measures size of RPC request messages (uncompressed).
  • rpc_client_requests_per_rpc (histogram): Measures the number of messages received per RPC. Should be 1 for all non-streaming RPCs.
  • rpc_client_response_size_bytes (histogram): Measures size of RPC response messages (uncompressed).
  • rpc_client_responses_per_rpc (histogram): Measures the number of messages received per RPC. Should be 1 for all non-streaming RPCs.


The following examples show you how to create an exporter to send data to different destinations.

Send data to a local Tempo instance

You can create an exporter that sends your data to a local Grafana Tempo instance without TLS:

otelcol.exporter.otlp "tempo" {
    client {
        endpoint = "tempo:4317"
        tls {
            insecure             = true
            insecure_skip_verify = true

Send data to a managed service

You can create an otlp exporter that sends your data to a managed service, for example, Grafana Cloud. The Tempo username and Grafana Cloud API Key are injected in this example through environment variables.

otelcol.exporter.otlp "grafana_cloud_tempo" {
    client {
        endpoint = ""
        auth     = otelcol.auth.basic.grafana_cloud_tempo.handler
otelcol.auth.basic "grafana_cloud_tempo" {
    username = env("TEMPO_USERNAME")
    password = env("GRAFANA_CLOUD_API_KEY")

Compatible components

otelcol.exporter.otlp has exports that can be consumed by the following components:


Connecting some components may not be sensible or components may require further configuration to make the connection work correctly. Refer to the linked documentation for more details.