# Telemetry and privacy

> **Warning:** This product is in Beta stage and we may release breaking changes. The documentation here matches the release version listed in the table of contents.

The SonarQube CLI collects two kinds of data:

* **Anonymous usage telemetry** — which commands are run, on what platform, and whether they succeeded.
* **Crash reports** via [Sentry](https://sentry.io) — unhandled exceptions, scrubbed of personal paths.

Both are enabled by default. They share a single opt-out and transmit no source code, no file contents, and no secrets.

## What telemetry collects

Telemetry helps us understand how the CLI is used so we can prioritize improvements, catch regressions, and decide which platforms and integrations to invest in. At a high level, events capture which commands are run, whether they succeed, the CLI version and operating system, and — when you're authenticated — which SonarQube connection the command ran against. We also record which AI coding agent invoked the CLI when one is detectable, so we can shape the integrations accordingly.

Events are buffered locally in `~/.sonar/sonarqube-cli/state.json` and flushed asynchronously to SonarSource's telemetry endpoint.

## What telemetry doesn't collect

* File contents.
* File paths or filenames inside your repositories.
* Project names or keys (only server-side UUIDs).
* Command arguments, flag values, or output.
* Any token or credential value.

## What crash reports contain

Sentry is used for crash reporting only. When the CLI hits an unhandled exception, it sends:

* The exception type and message.
* The stack trace, **with your home directory path scrubbed** before transmission.
* The CLI version and OS.

Crash reports are tied to the same opt-out as telemetry — turning off telemetry also turns off Sentry.

## Disable telemetry and crash reporting

For an individual developer:

```bash
sonar config telemetry --disabled
```

To re-enable:

```bash
sonar config telemetry --enabled
```

The setting persists in `~/.sonar/sonarqube-cli/state.json` (`telemetry.enabled`).

### Disable only crash reporting

To keep anonymous usage telemetry but disable Sentry crash reports, set this environment variable:

```bash
export SONARQUBE_CLI_DISABLE_SENTRY=1
```

This is rarely needed — most organizations either accept both or disable both.

## Rolling out an opt-out across a fleet

For a scaled rollout where policy requires telemetry off by default:

* Push `sonar config telemetry --disabled` into your developer-environment bootstrap (Ansible, Chef, dotfiles repo, IT-managed onboarding script). This persists the setting in `state.json` on every machine.
* Or set `SONARQUBE_CLI_DISABLE_SENTRY=1` in your shared developer environment to disable crash reporting only.

The opt-out is per-machine. No central org-level switch exists yet.

## Related pages <a href="#related-pages" id="related-pages"></a>

* [State and storage](/sonarqube-cli/administration/state-and-storage.md)
* [Environment variables](/sonarqube-cli/using-sonarqube-cli/environment-variables.md)
* [`sonar config telemetry`](/sonarqube-cli/using-sonarqube-cli/commands.md#sonar-config-telemetry)


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.sonarsource.com/sonarqube-cli/administration/telemetry-and-privacy.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.