Plugins 〉Simple OPC-UA
Simple OPC-UA
Simple OPC-UA Data Source for Grafana
A Grafana data source plugin for connecting to OPC-UA servers. Read industrial data directly in Grafana dashboards.
Features
- Easy Configuration: Simple setup with endpoint URL, security settings, and authentication
- Multiple Auth Methods: Anonymous, Username/Password, and Certificate authentication
- Node Browser: Graphical tree browser for exploring OPC-UA address space
- Template Variables: Full support for Grafana template variables in Node IDs
- Health Checks: Built-in connection testing via Save & Test
Requirements
- Grafana 10.4.0 or later
- Access to an OPC-UA server
Installation
From Grafana Plugin Catalog
- In Grafana, go to Configuration > Plugins
- Search for "Simple OPC-UA"
- Click Install
Manual Installation
- Download the latest release from GitHub Releases
- Extract to your Grafana plugins directory (usually
/var/lib/grafana/plugins) - Restart Grafana
Configuration
Connection Settings
| Setting | Description | Example |
|---|---|---|
| Endpoint URL | OPC-UA server endpoint | opc.tcp://localhost:4840 |
| Security Policy | Encryption algorithm | None, Basic256Sha256 |
| Security Mode | Message security | None, Sign, SignAndEncrypt |
| Timeout | Connection timeout (seconds) | 10 |
Security
When using security modes other than "None" (Sign or SignAndEncrypt), the plugin provides two options:
Option 1: Auto-Generated Certificate (Recommended)
The plugin can automatically generate and manage client certificates:
- Click "Generate Certificate" button in the datasource configuration
- The plugin generates a self-signed client certificate
- Click "Save & Test" to persist the certificate
- The certificate is securely stored in Grafana's encrypted storage
The auto-generated certificate is valid for 3 years and persists across Grafana restarts.
Option 2: Provide Your Own Certificate
For advanced use cases, you can provide your own client certificate using the Certificate authentication method (see Authentication section below).
Important: For secure connections, you must either generate a certificate or provide your own. The OPC-UA server must trust the client certificate - consult your OPC-UA server documentation for adding trusted certificates.
Supported Security Policies:
- None (no encryption)
- Basic256Sha256
- Aes128_Sha256_RsaOaep
- Aes256_Sha256_RsaPss
Supported Security Modes:
- None
- Sign (messages are signed but not encrypted)
- SignAndEncrypt (messages are signed and encrypted)
Authentication
Anonymous
No credentials required. Select "Anonymous" as the authentication method.
Username/Password
- Select "Username / Password" as the authentication method
- Enter your username and password
- Credentials are stored securely using Grafana's secure JSON data
Certificate
For advanced use cases where you need to use a specific client certificate:
- Select "Certificate" as the authentication method
- Paste your PEM-encoded certificate and private key
- Both are stored securely using Grafana's secure JSON data
Note: When using Certificate authentication, the provided certificate is used instead of the auto-generated one.
Usage
Building Queries
- Add a new panel and select the OPC-UA data source
- Click "Browse Nodes" to explore the OPC-UA address space
- Click the + icon next to any Variable node to add it to your query
- Optionally, set an alias for each node
Using Template Variables
You can use Grafana template variables in Node IDs:
ns=2;s=${machine}/Temperature
Development
Prerequisites
- Node.js 22+
- Go 1.22+
- Docker (for testing)
Quick Start
# Install and build
npm install
npm run build
mage buildAll
Start development environment (choose one):
1. Basic - Grafana + plugin (no provisioning)
docker compose up
2. Full - Complete test environment with OPC-UA simulators
docker compose -f docker-compose.full.yaml up
3. ProSys - For ProSys OPC-UA Simulator testing (requires ProSys on host)
docker compose -f docker-compose.prosys.yaml up
Open http://localhost:3000 (or :3001 for ProSys)
Docker Compose Configurations:
| Configuration | Datasources | Dashboards | OPC-UA Servers | Port | Use Case |
|---|---|---|---|---|---|
docker-compose.yaml | None | None | None | 3000 | Manual testing, clean slate |
docker-compose.e2e.yaml | 1 (test) | None | None | 3000 | E2E tests (used by npm run e2e) |
docker-compose.full.yaml | 14 (docker-based) | Yes | 5 containers | 3000 | Complete integration testing |
docker-compose.prosys.yaml | 14 (ProSys) | Yes | ProSys on host | 3001 | ProSys simulator testing |
OPC-UA Test Servers
For development and testing, you can use OPC-UA simulators:
Docker-based Simulators (Included)
The docker-compose.full.yaml setup includes 5 containerized OPC-UA test servers using Microsoft OPC-PLC and node-opcua. These servers are provided solely for testing convenience and are not part of the plugin itself.
Available servers:
opcua-nosecurity(port 50000) - No security, anonymous onlyopcua-secure-anon(port 50001) - Security enabled, anonymous authopcua-secure-userpass(port 50002) - Security enabled, username/password (user1/password1)opcua-all-auth(port 50003) - All authentication methods enabledopcua-node(port 4840) - Node-OPCUA server with Aes256_Sha256_RsaPss support
ProSys OPC-UA Simulator (External)
ProSys OPC-UA Simulation Server is a third-party external tool that can be used for testing. It is not included with this plugin.
To test with ProSys:
- Download and install ProSys OPC-UA Simulation Server on your host machine
- Start the ProSys simulator
- Use
docker compose -f docker-compose.prosys.yaml upto run Grafana configured to connect to ProSys viahost.docker.internal
Note: ProSys is a separate commercial product with its own licensing. See the ProSys website for details.
Additional Commands
# Linting and validation
npm run lint # ESLint
npm run lint:fix # Auto-fix + Prettier
npm run typecheck # TypeScript check
Development mode
npm run dev # Frontend watch mode
Testing
# Unit tests
npm run test:ci # Frontend
mage test # Backend
E2E tests (against multiple Grafana versions)
npm run e2e # Run all tests
npx playwright test –ui # Interactive mode
Test specific Grafana version
GRAFANA_VERSION=10.4.0 npm run server
Architecture
Frontend (src/):
module.ts- Plugin entry pointdatasource.ts- OpcuaDataSource (extends DataSourceWithBackend)components/ConfigEditor/- Data source configuration UIcomponents/QueryEditor/- Query editor with node browser
Backend (pkg/):
plugin/datasource.go- Query and health check handlersplugin/resources.go- HTTP handlers for /browse and /endpointsplugin/opcua/- OPC-UA client, auth, browsing, certificates
Key Dependencies:
- Go:
github.com/gopcua/opcua- OPC-UA protocol - Go:
github.com/grafana/grafana-plugin-sdk-go- Plugin SDK
License
Apache License 2.0. See LICENSE for details.
Support
Grafana Cloud Free
- Free tier: Limited to 3 users
- Paid plans: $55 / user / month above included usage
- Access to all Enterprise Plugins
- Fully managed service (not available to self-manage)
Self-hosted Grafana Enterprise
- Access to all Enterprise plugins
- All Grafana Enterprise features
- Self-manage on your own infrastructure
Grafana Cloud Free
- Free tier: Limited to 3 users
- Paid plans: $55 / user / month above included usage
- Access to all Enterprise Plugins
- Fully managed service (not available to self-manage)
Self-hosted Grafana Enterprise
- Access to all Enterprise plugins
- All Grafana Enterprise features
- Self-manage on your own infrastructure
Grafana Cloud Free
- Free tier: Limited to 3 users
- Paid plans: $55 / user / month above included usage
- Access to all Enterprise Plugins
- Fully managed service (not available to self-manage)
Self-hosted Grafana Enterprise
- Access to all Enterprise plugins
- All Grafana Enterprise features
- Self-manage on your own infrastructure
Grafana Cloud Free
- Free tier: Limited to 3 users
- Paid plans: $55 / user / month above included usage
- Access to all Enterprise Plugins
- Fully managed service (not available to self-manage)
Self-hosted Grafana Enterprise
- Access to all Enterprise plugins
- All Grafana Enterprise features
- Self-manage on your own infrastructure
Grafana Cloud Free
- Free tier: Limited to 3 users
- Paid plans: $55 / user / month above included usage
- Access to all Enterprise Plugins
- Fully managed service (not available to self-manage)
Self-hosted Grafana Enterprise
- Access to all Enterprise plugins
- All Grafana Enterprise features
- Self-manage on your own infrastructure
Installing Simple OPC-UA on Grafana Cloud:
Installing plugins on a Grafana Cloud instance is a one-click install; same with updates. Cool, right?
Note that it could take up to 1 minute to see the plugin show up in your Grafana.
Warning
Plugin installation from this page will be removed in February 2026. Use the Plugin Catalog in your Grafana instance instead. Refer to Install a plugin in the Grafana documentation for more information.
Installing plugins on a Grafana Cloud instance is a one-click install; same with updates. Cool, right?
Note that it could take up to 1 minute to see the plugin show up in your Grafana.
Warning
Plugin installation from this page will be removed in February 2026. Use the Plugin Catalog in your Grafana instance instead. Refer to Install a plugin in the Grafana documentation for more information.
Installing plugins on a Grafana Cloud instance is a one-click install; same with updates. Cool, right?
Note that it could take up to 1 minute to see the plugin show up in your Grafana.
Warning
Plugin installation from this page will be removed in February 2026. Use the Plugin Catalog in your Grafana instance instead. Refer to Install a plugin in the Grafana documentation for more information.
Installing plugins on a Grafana Cloud instance is a one-click install; same with updates. Cool, right?
Note that it could take up to 1 minute to see the plugin show up in your Grafana.
Warning
Plugin installation from this page will be removed in February 2026. Use the Plugin Catalog in your Grafana instance instead. Refer to Install a plugin in the Grafana documentation for more information.
Installing plugins on a Grafana Cloud instance is a one-click install; same with updates. Cool, right?
Note that it could take up to 1 minute to see the plugin show up in your Grafana.
Warning
Plugin installation from this page will be removed in February 2026. Use the Plugin Catalog in your Grafana instance instead. Refer to Install a plugin in the Grafana documentation for more information.
Installing plugins on a Grafana Cloud instance is a one-click install; same with updates. Cool, right?
Note that it could take up to 1 minute to see the plugin show up in your Grafana.
Installing plugins on a Grafana Cloud instance is a one-click install; same with updates. Cool, right?
Note that it could take up to 1 minute to see the plugin show up in your Grafana.
Warning
Plugin installation from this page will be removed in February 2026. Use the Plugin Catalog in your Grafana instance instead. Refer to Install a plugin in the Grafana documentation for more information.
Installing plugins on a Grafana Cloud instance is a one-click install; same with updates. Cool, right?
Note that it could take up to 1 minute to see the plugin show up in your Grafana.
For more information, visit the docs on plugin installation.
Installing on a local Grafana:
For local instances, plugins are installed and updated via a simple CLI command. Plugins are not updated automatically, however you will be notified when updates are available right within your Grafana.
1. Install the Data Source
Use the grafana-cli tool to install Simple OPC-UA from the commandline:
grafana-cli plugins install The plugin will be installed into your grafana plugins directory; the default is /var/lib/grafana/plugins. More information on the cli tool.
Alternatively, you can manually download the .zip file for your architecture below and unpack it into your grafana plugins directory.
Alternatively, you can manually download the .zip file and unpack it into your grafana plugins directory.
2. Configure the Data Source
Accessed from the Grafana main menu, newly installed data sources can be added immediately within the Data Sources section.
Next, click the Add data source button in the upper right. The data source will be available for selection in the Type select box.
To see a list of installed data sources, click the Plugins item in the main menu. Both core data sources and installed data sources will appear.
Changelog
All notable changes to this project will be documented in this file.
The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.
[Unreleased]
Added
- Certificate generation UI with "Generate Certificate" button for secure connections
- Client certificates are now stored in Grafana's encrypted storage (secureJsonData)
- Certificates persist across Grafana restarts and datasource updates
- Certificate status indicator showing configured/not configured state
- Support for Sign and SignAndEncrypt security modes with auto-generated certificates
- GitHub Sponsors link for plugin support
Changed
- Security modes now support certificate auto-generation from the UI
- Certificates are automatically cached during the plugin session for performance
- Certificate lifecycle management - valid for 3 years with automatic renewal when expiring soon
[1.0.0] - 2024-12-25
Added
- Initial release
- OPC-UA Data Access (DA) support
- Node browsing with tree view
- Anonymous authentication
- Username/Password authentication
- Certificate authentication
- Security policy and mode configuration
- Connection timeout configuration
- Template variable support
- Health check implementation
