Microsoft Active Directory monitoringMicrosoft Active Directory monitoring
Monitor health and performance of the Microsoft Active Directory, all-on-one.
Extension
- Product information
- Release notes
Overview
Get insights into performance and usage of the Microsoft ActiveDirectory services:
- DHCP, DNS, DFS, LDAP, ATQ, Kerberos and NTLM
- AD Network adapters and AD/LSA database
- AD replication status
- LDAP BIND performance, FSMO consistency, AD database disk usage
- System-dependent services status like time synchronization, volume health and network adapter health
This extension obtains signals through WMI queries and execution of the PowerShell snippets, depending on where is the source of specific metric. It is designed to work on the AD hosts where the OneAgent is already deployed.
⚠️ Note: important change. This extension replaces previously available Active Directory monitoring extensions This Dynatrace extension supersedes both Active Directory services and Active Directory extended monitoring extensions.
- Please remove both Active Directory services and Active Directory extended monitoring extensions
- Revisit any metric alerts and dashboards you've created using AD metrics provided by the previously used extensions. You may need to replace previously used metrics with the new ones, as some metrics might have their IDs changed.
Use cases
- Operational monitoring of your Active Directory services, tenant, for usage, performance and availability
- Analyze trends and baselines of the Active Directory services usage
- Raise alerts on anomalies detected
- Monitor vital AD log signals in Dynatrace
Get started
This extension is designed to run locally on your AD servers. It doesn't offer remote monitoring of your AD servers. Additionally, compared to typical extensions, which run as LOCAL SERVICE , this one requires privileges elevated to LOCAL SYSTEM, in order to obtain AD metrics that can only be obtained through execution of the PowerShell scripts.
To start using this extension:
- Install OneAgent on your AD servers
- Configure the Dynatrace OneAgent EEC to run this extension with elevated
LOCAL SYSTEMaccount privileges. To achieve this, inC:ProgramData\dynatrace\oneagent\agent\config\extensionsuser.conffile on AD servers where the extension is intended to run, add a lineelevated_privileges_extensions=[com.dynatrace.extension.active-directory-python-unabridged:*]- Meaning of this line: elevated_privileges_extensions is a comma-separated list of extensions to run as
LOCAL SYSTEM(instead of the defaultLOCAL SERVICE). The format is:<extensionName>:<extensionVersion> - See Q&A section for more details on why the privileged mode is required.
- Activate this extension using the in-product Dynatrace Hub.
- In the extension configuration, enable it on your Active Directory hosts
- When asked on the extension's Active Directory Configuration screen, provide an API token with
entities.readandsettings.writescopes- You need to generate token on your Dynatrace tenant, in Menu > Access Tokens; make sure to give it with
entities.readandsettings.writescopes - Insert the Access Token into the
API keyconfiguration field
- You need to generate token on your Dynatrace tenant, in Menu > Access Tokens; make sure to give it with
- You may choose which feature sets you want to activate.
- Disable feature sets that are not relevant to your environment.
- This way you will avoid errors reported in the extension log, when the extension will try to retrieve metrics that are not available.
- See Q&A section for more details.
- Make sure that log monitoring is enabled to be able to efficiently troubleshoot the monitoring.
- Make sure to remove both Active Directory services and Active Directory extended monitoring extensions
- You don't need Active Directory services extension anymore, as this new extension delivers all metrics previously offered by the Active Directory services extension.
- You don't need Active Directory extended monitoring extension anymore, as this new extension delivers all metrics previously offered by the Active Directory extended monitoring extension.
- Note that if you keep the previous extensions intact, you may end up with double metric values.
Details
This extension is intended to work locally on the AD server. It executes:
- WMI queries to obtain metrics from the local WMI metrics store on the AD server where the extension runs.
- PowerShell snippets to access Windows registry and specific AD metrics available only through PowerShell. Several of these metrics map to metrics available through commonly used DCDIAG tool.
- API calls against the OS Service Monitoring, to report AD services availability
- Log ingestion of the AD services logs
Additionally, it delivers:
- Alert templates for time skew monitoring, database file space, ATQ thread usage and replication consistency
- Topology rules and screen definitions that weave this extension metrics into the host entities instantiated by the OneAgent that runs on AD servers
- Log ingest rules, applied on AD hosts, which further enable alerting on AD services-related issues logged into Windows logs system
- Log processing rules, which enrich logs ingested with a field that flag AD-related context where content pertains to AD services
- Log event extraction rules, which scan logs ingested for AD-related context and trigger alerts when log information carries potential AD issue or error information
Log ingest configured by this extension By default, this extension sets up log ingestion rules on hosts where it is installed. AD services logs are used to generate events and further alert on service anomalies and malfunctions.
You can disable log ingestion with a settings toggle in the extension configuration screen. Note that this setting does not control any other log ingestion rules that might have been configured on hosts where this extension has been activated.
Following log ingestion rules are being set up by this extension:
- Windows Event Log
- source is
- Active Directory Web Services
- DFS Replication
- Directory Service
- DNS Server
- and log record level is in (ERROR WARN CRITICAL SEVERE)
- source is
- Windows Log
- source is
- Windows Application Log
- Windows System Log,
- Security
- source is
And the following events from each event provider.
| Event Provider | Event IDs |
|---|---|
| Microsoft-Windows-ADFS | 102, 104, 111, 356, 385, 509, 546, 549, 1034, 1036 |
| Microsoft-Windows-Directory-Services-SAM | 12299, 16643 |
| Microsoft-Windows-Time-Service | 21, 34, 36 |
| DNSAPI | 11150, 11162, 11151, 11155, 11163, 11167, 11154, 11166, 11152, 11153, 11164, 11165 |
| Microsoft-Windows-Kerberos-Key-Distribution-Center | 6, 15, 17 |
| Microsoft-Windows-Security-Auditing | 1102, 4616, 4621, 4649, 4660, 4675, 4707, 4710, 4712, 4715, 4716, 4730, 4740, 4743, 4764, 4766, 4771, 4866, 4867, 4935, 5025, 5030, 5034, 5035, 5037, 5139, 5141, 5483, 5484, 6008, 6145 |
| Microsoft-Windows-CertificationAuthority | 0, 3, 5, 9, 16, 17, 19, 20, 21, 22, 23, 28, 33, 34, 35, 38, 39, 40, 42, 43, 44, 48, 49, 51, 59, 60, 63, 65, 74, 75, 78, 82, 83, 86, 87, 90, 92, 94, 95, 96, 98, 99, 100, 102, 106, 107, 130, 132 |
| Microsoft-Windows-OnlineResponder | 39, 60, 92 |
Compatibility information
- Only on-premises Active Directory deployments are supported
- OneAgent 1.305+ is required (elevated user permissions support is required)
- Azure AD is not supported
- This extension has been verified with Windows Server 2016, 2019, 2022
- Activate this extension locally on your AD hosts. Remote AD monitoring is not supported.
Q&A
Q: What is the DDU Consumption of this extension?
A: The formula for DDU consumption of the extension is:
( 67 * Number of Domain Controllers
+ (26 * Number of DNS Servers)
+ (11 * Number of DHCPv6 Servers)
+ (15 * Number of DHCPv4 Servers)
) * 525.6 DDUs/year
DDU cost above does not include log lines ingested any possible Log events or Custom events triggered by the extension. For more information on this, please visit the DDU log event cost and DDU custom event cost pages.
Q: I see this extension failing with an Error status in my environment?
A: Verify whether you have specific services running on your AD server. If a service is not running - disable feature set describing that service in the extension configuration. Example error text you may encounter:
**Cannot execute query: DHCPServerv6 on device ******** err:Exception occurred. (Invalid class )**
means you should disable the DHCPv6 feature set because your AD server does not run DHCPv6 service, so extension won't be able to obtain metrics for this service.
Q: Why I can't find NTLM Authentications and Kerberos Authentications metrics?
A: Windows Server 2022 brought a change to the metrics set returned by the Win32_PerfRawData_Lsa_SecuritySystemWideStatistics class. Because of this change, the AD extension is unable to report on "NTLM Authentications" and "Kerberos Authentications" metrics and these metrics have been removed from the extension. Consequently, these metrics won't be reported also when this extension is activated on earlier Windows servers. More information on this change and reasons behind it can be found on Microsoft KB pages.
Q: Does this extension collect KPIs available from DCDIAG?
A: Equivalents of the DCDIAG KPIs are available in Dynatrace:
- NTDS Service - monitored through OneAgent OS Service Monitoring
- Services - monitored through OneAgent OS Service Monitoring
- Replications - similar data is available through parsing of the
repadminoutputs, in this extension - FSMO KnowsOfRoleHolders - can be found as part of the FSMO role holder ping/LDAP metrics
- Advertising - delivered by the FSMO role holder consistency metric
Q: Why do I need to enable elevated privileges for this extension if OneAgent already runs under LocalSystem?
A: Although OneAgent typically runs as LocalSystem account, Python extensions run as LocalService. The LocalService account has the minimum privileges on the local computer, which means it can't run PowerShell snippets that read AD performance counters, access WMI objects that store AD metrics, or run AD-specific cmdlets like repadmin and dcdiag. Therefore, OneAgent needs to be explicitly instructed to run this extension with LocalSystem privileges.
Q: What is the Dynatrace API token used for?
A: API token is required to enable integration of the AD-related log ingestion and the OS service monitoring with out of the box host-level reporting. No metrics are ingested using the API token. API token is used to allow the services to be seen on the Dynatrace Host UA screen and the logs on the AD Instance UA screen.
Q: What do I need OS Service Monitoring for?
A: The extension utilizes the API token to add entries into the OneAgent's OS Service Monitoring. The OneAgent will ingest availibility metrics and alerts so you know when a critical service is down. In some cases log events can refer to the OS Service which emitted the event.
Q: Why is the extension invoking net.exe process periodically?
A: Complete replication status reporting requires information on the SYSVOL share availability on the domain controller. SYSVOL is where all the GPOs (Group Policy Objects) and on-event scripts are located to be shared by all DCs in the domain. If SYSVOL wasn't mounted the DC wouldn't be able to pull GPOs and if users have any on-logon scripts they also wouldn't be run. Extension runs net view command to check availability of the SYSVOL share, which is reported in the SYSVOL Health metric.
Extension content
Content typeNumber of items included
alerts
4
screen injections
1
screen dql table
26
document dashboard
1
metric metadata
127
screen layout
26
generic relationship
25
screen entities lists
14
generic type
13
screen properties
12
screen message cards
20
dashboards
1
metric query
4
screen chart groups
58
Feature sets
Below is a complete list of the feature sets provided in this version. To ensure a good fit for your needs, individual feature sets can be activated and deactivated by your administrator during configuration.
Feature setsNumber of metrics included
| Metric name | Metric key | Description | Unit |
|---|---|---|---|
| DFS Replication conflict files size | active-directory.dfs.server.replicatedfolders.conflictspaceinuse.bytes.total | Total byte size of DFS replication service of conflict files | Byte |
| DFS Replication deleted files size | active-directory.dfs.server.replicatedfolders.deletedspaceinuse.bytes.total | Total byte size of DFS replication service of the deleted files | Byte |
| DFS Replication staging folder size | active-directory.dfs.server.replicatedfolders.stagingspaceinuse.bytes.total | Total byte size of DFS replication service of staging folder | Byte |
| DFS redundant file replication update records | active-directory.dfs.server.replicatedfolders.updates.dropped | Number of redundant file replication update records | Count |
| DFS retried file installs | active-directory.dfs.server.replicatedfolders.fileinstalls.retried | Number of retried file installs | Count |
| Metric name | Metric key | Description | Unit |
|---|---|---|---|
| DHCP received requests/s | active-directory.dhcp.server.requests.persec | Rate of DHCP requests received by the DHCP server | PerSecond |
| DHCP received releases/s | active-directory.dhcp.server.releases.persec | Rate of DHCP releases received by the DHCP server | PerSecond |
| DHCP received declines/s | active-directory.dhcp.server.declines.persec | Rate of DHCP declines received by the DHCP server | PerSecond |
| DHCP failover ack messages received/s | active-directory.dhcp.server.failover.bndack.received.persec | Number of DHCP failover Binding Ack messages received | PerSecond |
| DHCP failover ack messages sent/s | active-directory.dhcp.server.failover.bndack.sent.persec | Number of DHCP failover Binding Ack messages sent | PerSecond |
| DHCP binding updates dropped | active-directory.dhcp.server.failover.bndupd.dropped | Number of binding updates dropped | Count |
| DHCP failover update pending messages | active-directory.dhcp.server.failover.bndupd.pendinginoutbound.queue | Number of pending outbound DHCP failover Binding Update messages | Count |
| DHCP failover update messages received/s | active-directory.dhcp.server.failover.bndupd.received.persec | Number of DHCP failover Binding Update messages received | PerSecond |
| DHCP failover update messages sent/s | active-directory.dhcp.server.failover.bndupd.sent.persec | Number of DHCP failover Binding Update messages sent | PerSecond |
| Metric name | Metric key | Description | Unit |
|---|---|---|---|
| ESENT Database I/O reads rate (Local Security Authority) | active-directory.lsass.esent.database.io.reads.persec.count | Number of ESENT Database I/O reads per second for the Local Security Authority | PerSecond |
| ESENT Database I/O read latency (Local Security Authority) | active-directory.lsass.esent.database.io.reads.latency.avg.count | ESENT Database I/O read latency for the Local Security Authority | MilliSecond |
| ESENT Database I/O writes rate (Local Security Authority) | active-directory.lsass.esent.database.io.writes.persec.count | Number of ESENT Database I/O writes per second for the Local Security Authority | PerSecond |
| ESENT Database I/O write latency (Local Security Authority) | active-directory.lsass.esent.database.io.writes.latency.avg.count | ESENT Database I/O write latency for the Local Security Authority | MilliSecond |
| ESENT Log I/O reads rate (Local Security Authority) | active-directory.lsass.esent.log.io.reads.persec.count | Number of ESENT Database log I/O reads per second for the Local Security Authority | PerSecond |
| ESENT Log I/O read latency (Local Security Authority) | active-directory.lsass.esent.log.io.reads.latency.avg.count | ESENT Log I/O read latency for the Local Security Authority | MilliSecond |
| ESENT Log I/O writes rate (Local Security Authority) | active-directory.lsass.esent.log.io.writes.persec.count | Number of ESENT Database log I/O writes per second for the Local Security Authority | PerSecond |
| ESENT Log I/O writes latency (Local Security Authorityy) | active-directory.lsass.esent.log.io.writes.latency.avg.count | ESENT Log I/O writes latency for the Local Security Authority | MilliSecond |
| Metric name | Metric key | Description | Unit |
|---|---|---|---|
| DHCP received renews/s v6 | active-directory.dhcp.server.v6.renews.persec | Rate of DHCP renews received by the DHCP Server v6 | PerSecond |
| DHCP received releases/s v6 | active-directory.dhcp.server.v6.releases.persec | Rate of DHCP releases received by the DHCP Server v6 | PerSecond |
| DHCP received declines/s v6 | active-directory.dhcp.server.v6.declines.persec | Rate of DHCP declines recevied by the DHCP Server v6 | PerSecond |
| DHCP received requests/s v6 | active-directory.dhcp.server.v6.requests.persec | Rate of DHCP requests received by the DHCP Server v6 | PerSecond |
| DHCP received solicits/s v6 | active-directory.dhcp.server.v6.solicits.persec | Rate of DHCP solicits received by the DHCP Server v6 | PerSecond |
| DHCP received rebinds/s v6 | active-directory.dhcp.server.v6.rebinds.persec | Rate of DHCP rebinds received by the DHCP Server v6 | PerSecond |
| Metric name | Metric key | Description | Unit |
|---|---|---|---|
| DHCP Scope Delay v4 | active-directory.dhcp.server.scope.delay | DHCP Scope Delay v4 in milliseconds | MilliSecond |
| DHCP Scope Addresses Free v4 | active-directory.dhcp.server.scope.addresses.free | Number of DHCPv4 scope addresses free | Count |
| DHCP Scope Addresses Used v4 | active-directory.dhcp.server.scope.addresses.used | Number of DHCPv4 scope addresses used | Count |
| DHCP Scope Addresses Reserved v4 | active-directory.dhcp.server.scope.addresses.reserved | Number of DHCPv4 scope addresses reserved | Count |
| Percent of DHCP Scope Addresses Used v4 | active-directory.dhcp.server.scope.addresses.used.pct | Percent of DHCPv4 scope addresses used | Percent |
| DHCP Scope Pending Offers v4 | active-directory.dhcp.server.scope.pending.offers | Number of DHCPv4 scope pending offers | Count |
| Metric name | Metric key | Description | Unit |
|---|---|---|---|
| Good Network Adapter Count | active-directory.network.goodadapter.total | The number of enabled network adapters that can ping the Domain DNS Server. | Count |
| Bad Network Adapter Count | active-directory.network.badadapter.total | The number of enabled network adapters that cannot ping the Domain DNS Server. | Count |
| Total Network Adapter Count | active-directory.network.adapter.total | The total number of enabled network adapters. | Count |
| Metric name | Metric key | Description | Unit |
|---|---|---|---|
| LDAP Binds | active-directory.ldap.server.ldapbindtime.binds.persec | Time spent to complete LDAP bindings | MilliSecond |
| LDAP Successful Binds | active-directory.ldap.server.ldapsuccessfulbinds.persec | Successful binds per second | PerSecond |
| LDAP Writes per second | active-directory.ldap.server.ldapwrites.persec | The rate at which LDAP clients perform write operations | PerSecond |
| LDAP UDP Operations per second | active-directory.ldap.server.ldapudpoperations.persec | The number of User Datagram Protocol (UDP) operations that the LDAP server is processing per second | PerSecond |
| LDAP Active threads total | active-directory.ldap.server.ldapactivethreads.total | The current number of threads in use by the LDAP subsystem of the local directory service | Count |
| LDAP Client Sessions | active-directory.ldap.server.ldapclientsessions.total | The number of sessions of connected LDAP clients | Count |
| LDAP Searches per second | active-directory.ldap.server.ldapsearches.persec | The number of search operations per second performed by LDAP clients | PerSecond |
| LDAP Bind Time | active-directory.ldap.server.bindtime.millis | Time taken to bind to the fsmo role holder using LDAP | MilliSecond |
| LDAP Bind Availability | active-directory.ldap.bind.availability | Whether or not the domain controller can bind to the domain DNS server | Count |
| Metric name | Metric key | Description | Unit |
|---|---|---|---|
| Shared Resource Available | active-directory.replication.shared.available | Percentage of replication shared resources that are available | Percent |
| Replication - Destination Delta | active-directory.replication.destination.delta | Replication time delta between this server and the destination server. | Second |
| Replication - Source Delta | active-directory.replication.source.delta | Replication time delta between this server and the source server. | Second |
| Replication - Destination Errors | active-directory.replication.destination.errors | Replication errors between this server and the destination server. | Count |
| Replication - Source Errors | active-directory.replication.source.errors | Replication errors between this server and the source server. | Count |
| Metric name | Metric key | Description | Unit |
|---|---|---|---|
| Kerberos Replication Partner Count | active-directory.replication.partner.count | Kerberos replication partners count in Active Directory domain | Count |
| Replication Queue Count | active-directory.replication.queue.count | Count of items in replication queue by Active Directory Domain Controller monitor | Count |
| Global Catalog Search Response Time | active-directory.globalcatalog.searchtime.millis | Global catalog search response time of Domain Controller | MilliSecond |
| Replication Consistency Status | active-directory.replication.consistency.status | Whether or not strict replication consistency is enabled | Count |
| Time Skew in seconds | active-directory.timeskew.secs | Time difference between the local domain controller and a target domain controller | Second |
| Lost and Found Objects | active-directory.lostandfound.object.count.total | Count of lost and found objects by Active Directory Domain monitor | Count |
| FSMO Role Holder Consistency | active-directory.fsmoroleholder.consistency | Whether or not the domain controllers agree on who the FSMO role holders are | Count |
| FSMO Check | active-directory.fsmo.check | Contains a 'message' dimension about whether or not the correct services can be found from the domain controller | Count |
| SYSVOL Health | active-directory.sysvol.health | The SYSVOL share's health | Count |
| Metric name | Metric key | Description | Unit |
|---|---|---|---|
| Used processor time | active-directory.server.host.cpu.time.processor | Percent of used processor time | Percent |
| Idle processor time | active-directory.server.host.cpu.time.idle | Percent of idle processor time | Percent |
| User processor time | active-directory.server.host.cpu.time.user | Percent of user processor time | Percent |
| Number of Logical Processors | active-directory.server.host.cpu.logical.processors | Number of Logical Processors | Count |
| Service processor time | active-directory.service.cpu.time | Percent of processor time spend on a service | Percent |
| Metric name | Metric key | Description | Unit |
|---|---|---|---|
| NTLM Binds per second | active-directory.lsass.server.ntlm.binds.persec.count | Average NTLM binds per second | PerSecond |
| Metric name | Metric key | Description | Unit |
|---|---|---|---|
| DHCP Scope Addresses Free v6 | active-directory.dhcp.server.v6.scope.addresses.free | Number of DHCPv6 scope addresses free | Count |
| DHCP Scope Addresses Used v6 | active-directory.dhcp.server.v6.scope.addresses.used | Number of DHCPv6 scope addresses used | Count |
| DHCP Scope Addresses Reserved v6 | active-directory.dhcp.server.v6.scope.addresses.reserved | Number of DHCPv6 scope addresses reserved | Count |
| Percent of DHCP Scope Addresses Used v6 | active-directory.dhcp.server.v6.scope.addresses.used.pct | Percent of DHCPv6 scope addresses used | Percent |
| DHCP Scope Pending Advertises v6 | active-directory.dhcp.server.v6.scope.pending.advertises | Number of DHCPv6 scope pending advertises | Count |
| Metric name | Metric key | Description | Unit |
|---|---|---|---|
| DRA Successful synch requests total | active-directory.dra.server.drasynchrequestssuccessful.total | Number of successful DRA synchronization requests | Count |
| DRA Synch requests total | active-directory.dra.server.drasynchrequestsmade.total | Number of total DRA synchronization requests made | Count |
| Metric name | Metric key | Description | Unit |
|---|---|---|---|
| Disk Free Space | active-directory.database.diskfree.total | Free disk space of the disk containing the database file. | Byte |
| Total Disk Space | active-directory.database.disk.total | Total disk space of the disk containing the AD database file. | Byte |
| Disk Free Space Percentage | active-directory.database.diskfree | Percent of free disk space of the disk containing the database file. | Percent |
| Metric name | Metric key | Description | Unit |
|---|---|---|---|
| Network Login Profile logons | active-directory.network.login.logons.count | Number of network logons on the network login profile | Count |
| Number of logons | active-directory.network.logons.total.count | Number of network logons | Count |
| Logons per second | active-directory.network.logons.persec.count | Number of network logons per second | PerSecond |
| Metric name | Metric key | Description | Unit |
|---|---|---|---|
| DFS received bytes/s | active-directory.dfs.server.replicationconnections.bytesreceived.persec | Average number of received bytes per second | BytePerSecond |
| DFS bytes received on connection | active-directory.dfs.server.replicationconnections.bytesreceived.total | Total number of bytes received on the connection | Byte |
| DFS files received on connection | active-directory.dfs.server.replicationconnections.filesreceived.total | Number of files that were received on the connection | Count |
| Metric name | Metric key | Description | Unit |
|---|---|---|---|
| Database adds per second | active-directory.database.adds.persec.count | Number of Active Directory Database adds per second | PerSecond |
| Database modifies per second | active-directory.database.modifies.persec.count | Number of Active Directory Database modifies per second | PerSecond |
| Database deletes per second | active-directory.database.deletes.persec.count | Number of Active Directory Database deletes per second | PerSecond |
| Database recycles per second | active-directory.database.recycles.persec.count | Number of Active Directory Database recycles per second | PerSecond |
| Metric name | Metric key | Description | Unit |
|---|---|---|---|
| ATQ Outstanding queued requests total | active-directory.atq.server.atqoutstandingqueuedrequests.total | Current number of requests in the queue | Count |
| ATQ Estimated queue delay | active-directory.atq.server.atqestimatedqueuedelay.persec | How long a request has to wait in the queue | Second |
| ATQ Request latency | active-directory.atq.server.atqrequestlatency.persec | Time it takes to produce a request | Second |
| ATQ Threads LDAP total | active-directory.atq.server.atqthreadsldap.total | The number of threads used by the LDAP server as determined by LDAP policy | Count |
| ATQ Threads Other total | active-directory.atq.server.atqthreadsother.total | The number of threads used by the other services | Count |
| ATQ Threads total | active-directory.atq.server.atqthreadstotal.total | All Threads currently allocated | Count |
| ATQ Average Thread Usage | active-directory.atq.server.average.thread.usage | Average usage of threads in Domain Controller ATQ | Percent |
| Metric name | Metric key | Description | Unit |
|---|---|---|---|
| DNS dynamic update queued requests | active-directory.dns.server.dynamicupdate.queued.total.count | Total number of dynamic update requests queued by the DNS server | Count |
| DNS caching memory | active-directory.dns.server.caching.memory.total | Total caching memory used by DNS server | Byte |
| DNS database node memory | active-directory.dns.server.databasenode.memory.total | Total database node memory used by DNS server | Byte |
| DNS Nbstat memory | active-directory.dns.server.nbstat.memory.total | Total Nbstat memory used by DNS server | Byte |
| DNS TCP message memory | active-directory.dns.server.tcpmessage.memory.total | Total TCP message memory used by DNS server | Byte |
| DNS dynamic update requests | active-directory.dns.server.dynamicupdate.received.total.count | Total number of dynamic update requests received by the DNS server | Count |
| DNS rejected dynamic updates | active-directory.dns.server.dynamicupdate.rejected.total.count | Total number of dynamic updates rejected by the DNS server | Count |
| DNS dynamic update timeouts | active-directory.dns.server.dynamicupdate.timeouts.total.count | Total number of dynamic update timeouts of the DNS server | Count |
| DNS written dynamic updates | active-directory.dns.server.dynamicupdate.writtentodatabase.total.count | Total number of dynamic updates written to the database by the DNS server | Count |
| DNS empty dynamic update requests/s | active-directory.dns.server.dynamicupdate.nooperation.persec | Average number of No-operation/Empty dynamic update requests per second | PerSecond |
| DNS dynamic update requests/s | active-directory.dns.server.dynamicupdate.received.persec | Average number of dynamic update requests received by the DNS server per second | PerSecond |
| DNS written dynamic updates/s | active-directory.dns.server.dynamicupdate.writtentodatabase.persec | Average number of dynamic updates written to the database by the DNS server per second | PerSecond |
| DNS recursive queries/s | active-directory.dns.server.recursive.queries.persec | Average number of recursive queries received by DNS server per second | PerSecond |
| DNS recursive query failures/s | active-directory.dns.server.recursive.queryfailure.persec | Average number of recursive query failures per second | PerSecond |
| DNS recursive query timeouts/s | active-directory.dns.server.recursive.timeout.persec | Average number of recursive query sending timeouts per second | PerSecond |
| DNS secure update requests | active-directory.dns.server.secureupdate.received.total | Total number of secure update requests received by the DNS server | Count |
| DNS failed secure updates | active-directory.dns.server.secureupdate.failure.total | Total number of secure updates failed of the DNS server | Count |
| DNS secure update requests/s | active-directory.dns.server.secureupdate.received.persec | Average number of secure update requests received by the DNS server per second | PerSecond |
| DNS TCP responses/s | active-directory.dns.server.tcpresponse.sent.persec | Average number of TCP responses sent by DNS server per second | PerSecond |
| DNS queries received/s | active-directory.dns.server.totalquery.received.persec | Average number of queries received by DNS server per second | PerSecond |
| DNS responses sent/s | active-directory.dns.server.totalresponse.sent.persec | Average number of responses sent by DNS server per second | PerSecond |
| DNS UDP queries received/s | active-directory.dns.server.udpquery.received.persec | Average number of UDP queries received by DNS server per second | PerSecond |
| DNS UDP responses sent/s | active-directory.dns.server.udpresponse.sent.persec | Average number of UDP responses sent by DNS server per second | PerSecond |
| - | active-directory.dns.server.unmatchedresponses.received.count | - | - |
| DNS failed zone transfers | active-directory.dns.server.zonetransfer.failure.total | Total number of failed zone transfers of the master DNS server | Count |
| DNS successful zone transfers | active-directory.dns.server.zonetransfer.success.total | Total number of successful zone transfers of the master DNS server | Count |
Full version history
To have more information on how to install the downloaded package, please follow the instructions on this page.
ReleaseDate
Full version history
Patch level changes:
- Fixed bugs preventing ATQ, DRA, Network and NTLM metrics collection under certain conditions.
- Fixed the query collecting the active-directory.service.cpu.time metric.
- Fixed a bug preventing tasks from being submitted under a local service account.
Full version history
⚠️IMPORTANT CHANGE: This extension release requires Dynatrace cluster version 1.310 or later.
New features:
- Added the Dynatrace Platform (a.k.a. Gen3) dashboard
Full version history
New features:
- This extension replaces previously available Active Directory monitoring extensions.
It supersedes both Active Directory services and Active Directory extended monitoring extensions.
- You don't need Active Directory services extension anymore, as this new extension delivers all metrics previously offered by the Active Directory services extension.
- You don't need Active Directory extended monitoring extension anymore, as this new extension delivers all metrics previously offered by the Active Directory extended monitoring extension.
Note that this is a Breaking change for those previously available extensions. Revisit any metric alerts and dashboards you've created using AD metrics provided by the previously used extensions. You may need to replace previously used metrics with the new ones, as some metrics might have their IDs changed.
