Privacy

Telemetry

oktsec collects anonymous telemetry data about general usage to help guide development priorities. Participation is optional, and you may opt out at any time.

Frequency

Once per version

Method

HEAD request

Body

None

What is collected

When you run oktsec for the first time on a new version, it sends a single anonymous request with:

version0.11.2oktsec version

os / archdarwin/arm64Operating system and architecture

agents3Number of configured agents (count only)

rules5Number of custom rule overrides (count only)

gatewayyes/noWhether the MCP gateway is enabled

llmyes/noWhether the LLM analysis layer is enabled

modeobserveDeployment mode

No user data, hostnames, IP addresses, agent names, API keys, or configuration details are transmitted. The request contains only the fields listed above.

What is NOT collected

IP addresses

Hostnames or machine identifiers

Agent names or configuration

API keys, secrets, or credentials

Message content or detection results

File paths or directory structures

How to opt out

Either method permanently disables telemetry. No data is sent after opting out.

Option 1: Environment variable

export OKTSEC_NO_TELEMETRY=1

Option 2: Marker file

touch ~/.oktsec/.no-telemetry

Source code

The telemetry client is open source and auditable. The implementation is 60 lines of Go. It sends a single HEAD request with query parameters. No request body.

internal/telemetry/ping.go