Product Telemetry
Lens Agents emits product telemetry as OpenTelemetry log records. Telemetry helps Lens improve the platform and helps operators understand usage patterns. No conversation content, prompts, responses, tool-call arguments, or file contents are ever included.
The platform emits two categories of events:
- Agent runtime events — agent lifecycle, subagent management, and integration activity (14 events)
- Control-plane events — resource mutations across the Nexus API surface (46 events)
Emission semantics
Who emits what
Both the agent runtime and the Nexus control plane share a single telemetry implementation. All events flow through the same OpenTelemetry LoggerProvider configured with:
| Resource attribute |
Value |
service.name |
lens-agents-backend |
service.namespace |
lens-agents |
The agent runtime emits lifecycle and integration events (agent created, slack connected, etc.). The Nexus control plane emits resource-mutation events (org created, policy updated, cluster deleted, etc.).
Transport
Events are sent as batched OTLP/HTTP log records to {OTEL_EXPORTER_OTLP_ENDPOINT}/v1/logs. A BatchLogRecordProcessor handles queuing and retry. When OTEL_EXPORTER_OTLP_ENDPOINT is unset or empty, the telemetry subsystem is a full no-op — no buffering, no network calls.
User attribution
Every trackEvent call resolves the actor via actorUserId(authContext):
| Auth context type |
Resolved user.id |
Rationale |
oidc |
OIDC subject ID |
Human user actions are attributed |
agent-token |
undefined (omitted) |
Event fires but is unattributed — count is accurate, actor is the token itself |
cluster-jwt |
undefined (omitted) |
Cluster-initiated actions are not user-attributed |
When user.id is undefined the attribute is omitted entirely from the log record — downstream systems can filter on its presence to separate human-initiated from machine-initiated events.
What is NOT instrumented
Read operations (GET endpoints) do not emit telemetry events. Only state-mutating actions (create, update, delete, rotate, revoke) are instrumented. This is consistent across both the agent runtime and control plane.
Configuration
Two environment variables control telemetry for both the agent runtime and the control plane:
| Variable |
Required |
Description |
OTEL_EXPORTER_OTLP_ENDPOINT |
Yes (to enable) |
Base URL of the OTLP/HTTP collector. If unset or empty, telemetry is a full no-op. |
OTEL_EXPORTER_OTLP_API_KEY |
No |
Passed as the x-api-key header to the collector. Use when your collector requires authentication. |
Defaults by deployment model
| Deployment model |
Telemetry default |
Destination |
| SaaS (Lens-hosted) |
Enabled |
Lens-managed OpenTelemetry collector |
| Self-hosted |
Disabled |
Operator chooses any OTLP/HTTP endpoint |
| Cloud marketplace |
Disabled |
Operator chooses any OTLP/HTTP endpoint |
For self-hosted and marketplace deployments, telemetry is a complete no-op unless the operator explicitly enables it.
Base attributes
Every event (runtime and control-plane) carries these attributes automatically:
| Attribute |
Description |
event.id |
Auto-generated UUIDv7 per event |
event.name |
Event name (see tables below) |
user.id |
OIDC subject of the actor (omitted for agent-token and cluster-jwt contexts) |
Agent runtime events
Agent lifecycle
| Event |
Attribute keys |
agent created |
agent.id, agent.type, org.id, team.id |
agent deleted |
agent.id, org.id, team.id |
agent heartbeat triggered |
agent.id, org.id, team.id |
Subagents
| Event |
Attribute keys |
subagent added |
agent.id, subagent.id, org.id, team.id |
subagent removed |
agent.id, subagent.id, org.id, team.id |
Slack integration
| Event |
Attribute keys |
slack connected |
org.id, workspace.name |
slack disconnected |
org.id |
slack dm link code requested |
agent.id, org.id |
slack channel link code requested |
agent.id, org.id |
slack channel unlinked |
agent.id, org.id, channel.id |
slack dm unlinked |
agent.id, org.id |
Slack heartbeat triggers
| Event |
Attribute keys |
slack heartbeat trigger created |
agent.id, org.id, channel.id, throttle.seconds |
slack heartbeat trigger updated |
agent.id, org.id, throttle.seconds |
slack heartbeat trigger deleted |
agent.id, org.id, trigger.id |
Control-plane events (Nexus)
All control-plane events are emitted by the Nexus API on state-mutating operations. Every event carries org.id as a base attribute in addition to the common base attributes above.
Organizations
| Event |
Attribute keys |
org created |
org.id, org.name |
org updated |
org.id |
org deleted |
org.id |
org member role updated |
org.id, member.user.id, member.role |
org member removed |
org.id, member.user.id |
Projects
| Event |
Attribute keys |
project created |
org.id, project.id, project.name |
project updated |
org.id, project.id |
project deleted |
org.id, project.id |
project keys rotated |
org.id, project.id |
Users, teams & invitations
| Event |
Attribute keys |
team created |
org.id, team.id, team.name |
team updated |
org.id, team.id |
team deleted |
org.id, team.id |
team member added |
org.id, team.id, member.user.id or member.agent_token.id |
team member removed |
org.id, team.id, member.id |
team project access granted |
org.id, team.id, project.id, access.role |
team project access revoked |
org.id, team.id, project.id |
org invitation sent |
org.id, invitation.id |
org invitation accepted |
org.id, invitation.id |
org invitation declined |
org.id, invitation.id |
org invitation revoked |
org.id, invitation.id |
Policies & policy bindings
| Event |
Attribute keys |
policy created |
org.id, policy.id, policy.scope, project.id (when project-scoped) |
policy updated |
org.id, policy.id, policy.scope |
policy deleted |
org.id, policy.id, policy.scope |
policy binding created |
org.id, binding.id, binding.scope, project.id (when project-scoped) |
policy binding updated |
org.id, binding.id |
policy binding deleted |
org.id, binding.id |
Clusters
| Event |
Attribute keys |
cluster created |
org.id, project.id, cluster.id |
cluster updated |
org.id, project.id, cluster.id |
cluster deleted |
org.id, project.id, cluster.id |
cluster tunnel token rotated |
org.id, project.id, cluster.id |
Sandboxes
| Event |
Attribute keys |
sandbox stopped |
org.id, project.id, sandbox.id |
sandbox token issued |
org.id, project.id, token.id, token.ttl_ms |
AWS connections & credentials
| Event |
Attribute keys |
aws connection created |
org.id, project.id, connection.id |
aws connection updated |
org.id, project.id, connection.id |
aws connection deleted |
org.id, project.id, connection.id |
credential created |
org.id, project.id, credential.id |
credential updated |
org.id, project.id, credential.id |
credential deleted |
org.id, project.id, credential.id |
MCP servers
| Event |
Attribute keys |
mcp server created |
org.id, project.id, mcp_server.id, mcp_server.auth_type |
mcp server updated |
org.id, project.id, mcp_server.id |
mcp server deleted |
org.id, project.id, mcp_server.id |
mcp server oauth completed |
org.id, project.id, mcp_server.id |
Agent tokens
| Event |
Attribute keys |
agent token created |
org.id, token.id, token.expires_at (when set) |
agent token revoked |
org.id, token.id |
Spending limits
| Event |
Attribute keys |
spending limit set |
org.id, limit.cents, token.id (when token-scoped), target.user.id (when user-scoped) |
spending limit removed |
org.id, limit.id |
What is NOT sent
Product telemetry is strictly limited to lifecycle and metadata events. The following are never included:
- Conversation content — prompts, responses, and message history
- Tool-call arguments or results — MCP tool inputs, Kubernetes API responses, shell output
- Memory contents — agent memory entries and workspace file contents
- File contents — files read, written, or transferred by agents
- Credentials — API keys, tokens, or secrets
All attribute values are identifiers (IDs, names, numeric thresholds). No free-text or user-generated content is captured.
Point at your own collector
Self-hosted and marketplace operators can send telemetry to any OTLP/HTTP-compatible collector:
OTEL_EXPORTER_OTLP_ENDPOINT=https://otel.example.com
OTEL_EXPORTER_OTLP_API_KEY=your-collector-api-key
This works with any OpenTelemetry-compatible backend — Grafana Alloy, Datadog, Honeycomb, a self-hosted OpenTelemetry Collector, or any other system that accepts OTLP/HTTP log records.
SaaS opt-out
Organizations on SaaS deployments that require product telemetry to be fully disabled can discuss an org-level opt-out toggle during evaluation. Talk to us if this is a requirement.