Skip to content

Anonymous Telemetry

ThreadLens includes an optional, anonymous telemetry pipeline that helps the maintainers understand how the self-hosted product is used. Telemetry is off by default and requires two explicit opt-in gates before any data leaves your instance.

Telemetry only flows when both of these conditions are true:

  1. Infrastructure opt-in: The environment variable SCOUT_TELEMETRY_OPT_IN is set to 1. Without this, the telemetry client is a no-op regardless of any UI setting.
  2. UI consent: The user has explicitly accepted telemetry in the onboarding wizard, the bottom-left consent toast, or the Settings → Privacy page.

If either gate is closed, no events are sent.

CategoryEvent nameWhen it fires
Heartbeatinstance_startedOnce per API process start
Heartbeatinstance_pingOnce every 24 hours
Heartbeatinstance_consent_changedOnce per consent change
Feature usagefeature_used:scout_runWhen a scout run is started
Feature usagefeature_used:query_suggestWhen query suggestions are requested
Feature usagefeature_used:report_createWhen a report is generated
Feature usagefeature_used:schedule_createWhen a schedule is created
Feature usagefeature_used:filter_jobWhen a filter job is created
Errorserror:onboarding_saveWhen onboarding save returns a server error
Errorserror:scout_runWhen a scout run ends in failed status

Every event includes: event_name, event_time_unix_ms, scout_version, deployment_type (docker/local), os_platform (linux/darwin/windows/unknown), and source (server/client).

A random instance_id (UUID) is generated on first launch and stored in the local database. This lets the team count instances, not people.

  • Personal data, usernames, or email addresses
  • Query text, prompt content, post content, or report content
  • API keys, environment variable values, or file paths
  • Hostnames, IP addresses, MAC addresses, or container IDs
  • Error messages, stack traces, or HTTP request bodies
  • Project IDs, project names, or record counts

Add the following to your .env file and restart Docker:

Terminal window
SCOUT_TELEMETRY_OPT_IN=1

After restarting, the onboarding wizard (for new installs) or a bottom-left toast (for existing installs) will prompt for consent.

  • From the UI: Go to Settings → Privacy and toggle the consent switch off.
  • From the environment: Remove or unset SCOUT_TELEMETRY_OPT_IN from your .env file and restart Docker. This is the infrastructure-level kill switch and overrides any UI setting.

Events are sent via HTTPS to telemetry.threadlens.dev, a Cloudflare Worker that writes to Cloudflare Analytics Engine. The worker validates every event against a strict schema and rejects anything outside the allow-list.

Cloudflare Analytics Engine retains data for 90 days by default. No telemetry data is exported to third-party analytics services.

The telemetry pipeline is fully open-source:

  • Go API recorder: open-core/apps/api/internal/telemetry/
  • Browser client: open-core/apps/web/src/lib/telemetry.js
  • Worker source: infra/cloudflare/telemetry-worker/