Telemetry
Your SonarQube Server installation sends telemetry data to SonarSource daily. This data helps us understand how SonarQube Server is used, which helps us improve our products.
No personally identifiable information is sent
The telemetry feature only sends anonymized, non-project-specific data related to which features of the product are being used.
Personal data, such as usernames or email addresses, is never sent. Neither is source code nor any project-specific data such as project name, repository, or author is ever sent. No IP addresses are ever sent.
The data is sent securely, held under restricted access, and not published outside of SonarSource.
Protecting your privacy is important to us. If you have any concerns about telemetry data collection, please email us at security@sonarsource.com
.
Turning it off
You can disable telemetry at any time by setting the sonar.telemetry.enable
property to false
in <sonarqubeHome>conf/sonar.properties
. By default, it is set to true
.
What information is sent?
Once a day (every 24 hours), SonarQube Server sends a JSON payload to https://telemetry.sonarsource.com/sonarqube
.
The data that is sent consists of anonymized information about:
- The SonarQube Server instance: Version, license type, edition, database type, etc.
- Each project on the instance, consisting of:
- A technical identifier that does not reveal any project-specific details.
- Project characteristics such as last analysis time, number of findings, and new code definition.
- Each user on the instance, consisting of:
- A technical identifier that does not reveal any personal information about the user.
- Information about the user's usage of the instance, such as last activity time and current status.
- Each quality gate on the instance, consisting of:
- A technical identifier that does not reveal any project-specific details.
- A quality gate compliance status (see Clean as You Code).
- Quality gate conditions.
- Each quality profile of the instance, consisting of:
- A technical identifier that does not reveal any project-specific details.
- Quality profile characteristics such as language, if default, built-in, or parent is built-in.
- Number of rules that are activated, deactivated, or overridden in the quality profile.
- Each branch on the instance, consisting of:
- A technical identifier that does not reveal any branch-specific details.
- Branch characteristics, such as its new code definition.
Here is an example of a telemetry payload:
Issue types are deprecated. The related fields will be updated in the future.
Was this page helpful?