Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.langsight.dev/llms.txt

Use this file to discover all available pages before exploring further.

Full schema

# .langsight.yaml

# MCP servers to monitor — GLOBAL (admin view only)
# These servers are monitored by the embedded health check loop and visible
# to admins when no project is selected in the dashboard.
# Per-project servers are registered via the dashboard UI or PUT /api/servers/metadata/{name}
# and are NOT defined here. See mcp/mcp-servers-dashboard for per-project server management.
servers:
  - name: postgres-mcp             # required — unique identifier
    transport: stdio                # stdio | sse | streamable_http
    command: python                 # stdio only: executable
    args: [server.py]               # stdio only: arguments
    env:                            # stdio only: environment variables
      DB_HOST: localhost
    url: http://localhost:8080/sse  # sse/streamable_http only
    tags: [production, data]        # optional labels
    timeout_seconds: 5              # default: 5
    # Optional: backend liveness probe (v0.8.4)
    # Calls health_tool after tools/list on every check.
    # Failure → DEGRADED (backend down) instead of DOWN (MCP unreachable).
    health_tool: search_entities    # tool name to call as a probe
    health_tool_args:               # arguments passed to the tool
      query: "test"
      count: 1
    # Optional: v0.3 circuit breaker per-server override
    circuit_breaker:
      failure_threshold: 5    # open after N consecutive failures
      cooldown_seconds: 60    # disable for N seconds
      half_open_max_calls: 2  # test with N calls before closing

# Alerting configuration
alerts:
  slack_webhook: https://hooks.slack.com/...   # optional
  error_rate_threshold: 0.05                    # 5%
  latency_spike_multiplier: 3.0                 # 3x baseline
  consecutive_failures: 2                       # before DOWN alert

# Storage backend
# Valid modes: postgres | clickhouse | dual (default: dual)
# SQLite has been removed in v0.2.0 — use docker compose up -d
storage:
  mode: dual   # Postgres (metadata) + ClickHouse (analytics)

  # PostgreSQL — required for mode: postgres or dual
  # postgres_url: postgresql://user:pass@localhost:5432/langsight

  # ClickHouse — required for mode: clickhouse or dual
  clickhouse_url: http://localhost:8123
  clickhouse_database: langsight
  clickhouse_username: langsight
  clickhouse_password: ""

# LLM provider for langsight investigate
investigate:
  provider: anthropic              # anthropic | openai | gemini | ollama
  model: claude-sonnet-4-6        # optional — defaults per provider
  base_url: null                  # optional — for Ollama remotes

# Tool call pricing rules for langsight costs (non-LLM tool calls)
# LLM span costs are calculated from token counts — see Settings → Model Pricing
costs:
  rules:
    - server: openai-mcp
      tool: chat_completion
      cost_per_call: 0.005
    - server: "*"
      tool: "*"
      cost_per_call: 0.001

# PII protection — omit input_args and output_result from all spans
# When enabled, payload panels in the Trace tab are empty
redact_payloads: false

# Embedded monitor (v0.9.0+)
# langsight serve starts a background health check loop by default.
# Set monitor_enabled: false to run the API without a monitor (advanced).
monitor_enabled: true              # default: true
monitor_interval_seconds: 60       # default: 60 — seconds between check cycles
LLM provider API keys must be set as environment variables (ANTHROPIC_API_KEY, OPENAI_API_KEY, GEMINI_API_KEY). Never put them in .langsight.yaml — the file may be committed to version control.

Environment variable overrides

All settings can be overridden with environment variables using the LANGSIGHT_ prefix:
YAML keyEnv varNotes
storage.modeLANGSIGHT_STORAGE_MODE
storage.clickhouse_urlLANGSIGHT_CLICKHOUSE_URL
storage.postgres_urlLANGSIGHT_POSTGRES_URL
alerts.slack_webhookLANGSIGHT_SLACK_WEBHOOK
health_check_interval_secondsLANGSIGHT_HEALTH_CHECK_INTERVAL_SECONDS
redact_payloadsLANGSIGHT_REDACT_PAYLOADStrue or false
monitor_enabledLANGSIGHT_MONITOR_ENABLEDtrue (default) or false — controls the embedded monitor loop inside langsight serve. Set false to run the API without a background health check loop.
monitor_interval_secondsLANGSIGHT_MONITOR_INTERVAL_SECONDSSeconds between health check cycles when the embedded monitor is enabled (default: 60).
(admin bootstrap)LANGSIGHT_ADMIN_EMAILFirst-run only — creates admin account
(admin bootstrap)LANGSIGHT_ADMIN_PASSWORDFirst-run only
(auth)AUTH_SECRETRequired for the Next.js dashboard — session signing secret (min 32 chars). Generate with openssl rand -base64 32. Set as AUTH_SECRET in the dashboard container (also exposed as NEXTAUTH_SECRET). This is a dashboard-only variable; FastAPI does not use it.
(CORS)LANGSIGHT_CORS_ORIGINSComma-separated allowed origins (default: http://localhost:3003). Set explicitly for production deployments.
(proxy trust)LANGSIGHT_TRUSTED_PROXY_CIDRSComma-separated CIDRs for trusted proxy headers (default: 127.0.0.1/32,::1/128)
(ClickHouse auth)CLICKHOUSE_USERClickHouse username
(ClickHouse auth)CLICKHOUSE_PASSWORDClickHouse password
(API workers)LANGSIGHT_WORKERSUvicorn worker processes. Default: 1. Set > 1 only when LANGSIGHT_REDIS_URL is configured — without Redis, multi-worker mode fails at startup.
(Redis)LANGSIGHT_REDIS_URLRedis connection URI. Required for LANGSIGHT_WORKERS > 1. Supports redis://, redis+sentinel://, redis+cluster://. Example: redis://:password@redis:6379. Leave empty for single-instance mode.
(Postgres pool)LANGSIGHT_PG_POOL_MAXMaximum Postgres connection pool size (default: 50). Lower this on small instances where Postgres max_connections is constrained.
(Prometheus)LANGSIGHT_METRICS_TOKENBearer token required to scrape GET /metrics. When not set, /metrics returns 503 (not open). Generate with python -c "import secrets; print(secrets.token_hex(32))".
LANGSIGHT_ADMIN_EMAIL and LANGSIGHT_ADMIN_PASSWORD are consumed once on first run to create the initial admin user. After that, manage users via Settings → Users in the dashboard.
NEXT_PUBLIC_LANGSIGHT_API_KEY is no longer required for the dashboard. Dashboard authentication is handled server-side via NextAuth — the session is never exposed to the browser. API keys are for SDK and CLI access only.
LANGSIGHT_WORKERS > 1 is supported when LANGSIGHT_REDIS_URL is set. Without Redis, the API fails at startup with a RuntimeError explaining what to configure.To enable multi-worker mode: set LANGSIGHT_REDIS_URL and start Redis (docker compose --profile redis up -d).When LANGSIGHT_REDIS_URL is not set, LANGSIGHT_WORKERS must remain at 1. This is the default behavior and requires no configuration for single-instance deployments.

Global payload redaction (server-side)

An admin can enforce payload redaction at the instance level, overriding individual SDK redact_payloads settings. When enabled, the server strips input_args, output_result, llm_input, and llm_output from all incoming spans before they are stored.

Via the dashboard

Go to Settings -> Instance -> Data Privacy and toggle Redact all payloads on.

Via the API

# Check current setting
curl http://localhost:8000/api/settings \
  -H "X-API-Key: ls_your_key"

# Enable global redaction
curl -X PUT http://localhost:8000/api/settings \
  -H "X-API-Key: ls_your_key" \
  -H "Content-Type: application/json" \
  -d '{"redact_payloads": true}'
Settings object: 
{
  "redact_payloads": true
}

How it works

LayerSettingEffect
SDKLangSightClient(redact_payloads=True)Client omits payloads before sending
ServerPUT /api/settings {"redact_payloads": true}Server strips payloads on ingestion
BothServer setting winsEven if SDK sends payloads, server strips them
The server-side toggle is enforced in the POST /api/traces/spans handler before spans are written to storage. This guarantees no payload data reaches ClickHouse regardless of how individual SDK clients are configured.
Enabling global redaction means payload panels in the Trace tab will be empty across the entire instance. Span timing, status, cost, and token counts are still captured.

Slack alert configuration

For a full guide on Slack setup, alert types, the Alert Inbox lifecycle, and debugging, see Alerts & Notifications.

Webhook URL resolution order

PrioritySourceHow to set
1 (highest)Dashboard — Settings → NotificationsSaved to Postgres fired_alerts table — persists across restarts
2.langsight.yamlalerts.slack_webhook: https://hooks.slack.com/...
3Environment variableLANGSIGHT_SLACK_WEBHOOK=https://hooks.slack.com/...

Alert types

Alert typeTriggered byDefault
mcp_downMCP server health check transitions to DOWN (CLI monitor)On
mcp_recoveredMCP server transitions from DOWN back to UP (CLI monitor)On
agent_failureSpan batch ingested with unhealthy health tag (API)On
slo_breachedSLO evaluator returns breached for any defined SLO (API)On
anomaly_criticalZ-score anomalyz>= 3.0 (API)On
anomaly_warningZ-score anomalyz>= 2.0 (API)Off
security_criticalSecurity scan returns a CRITICAL severity finding (API)On
security_highSecurity scan returns a HIGH severity finding (API)Off
All fired alerts are persisted to the Postgres fired_alerts table and accessible in the Alert Inbox at Dashboard → Alerts, regardless of whether Slack is configured or alert type toggles are on.

Prometheus scrape configuration

LangSight exposes a GET /metrics endpoint in Prometheus text exposition format. LANGSIGHT_METRICS_TOKEN is required. When the token is not set:
  • /metrics returns 503 Service Unavailable (not open access).
  • LangSight logs a warning at startup.
  • Prometheus scrape targets will show as DOWN until the token is configured.
Generate a token and set it before scraping: 
# Generate
python -c "import secrets; print(secrets.token_hex(32))"

# Set in your environment / docker-compose.yml
LANGSIGHT_METRICS_TOKEN=<generated-value>
When set, the endpoint requires Authorization: Bearer <token>. Requests without the header, or with the wrong token, receive 401 Unauthorized.
RequestResponse
No LANGSIGHT_METRICS_TOKEN set503 Service Unavailable
Authorization: Bearer <wrong-token>401 Unauthorized
Authorization: Bearer <correct-token>200 OK — Prometheus text format
Configure Prometheus to pass the token as a bearer token: 
# prometheus.yml
scrape_configs:
  - job_name: langsight
    scrape_interval: 15s
    bearer_token: your-secret-scrape-token
    static_configs:
      - targets: ["localhost:8000"]   # or "api:8000" inside Docker Compose
    metrics_path: /metrics
See Monitoring for available metrics, Grafana dashboard tips, and SSE live event feed usage.

Dashboard authentication

The dashboard authenticates users through the following flow:
  1. The user logs in via the NextAuth login page (/auth/signin).
  2. NextAuth creates a server-side session signed with LANGSIGHT_AUTH_SECRET.
  3. Every dashboard API call goes through the Next.js proxy at /api/proxy/*.
  4. The proxy reads the session server-side, injects X-User-Id and X-User-Role headers, and forwards the request to FastAPI.
  5. FastAPI trusts those headers only when the request originates from localhost (127.0.0.1 / ::1).
This means no API keys are needed in the browser and no session tokens are exposed to client-side JavaScript.
FastAPI must not be directly internet-accessible. It must sit behind the Next.js proxy (or a reverse proxy you control). If FastAPI is exposed publicly, external clients could set X-User-Id / X-User-Role headers directly and bypass authentication.