This page introduces the default communication layer used by AppMon components, and provides access to information about configuring the settings needed to deploy AppMon into a networked environment.
The communication layer handles data transmission between AppMon components, which includes the Agent, Collector, Server, Frontend Server, and Client. The communication layer compresses, encrypts and authenticates and provides optimal performance and high throughput.
This table shows the default communication ports used for communication between AppMon components.
|Components to connect||Port non-SSL||Port SSL or e. HTTP||Protocol||Comment|
|Client to frontend server||2021||TCP||For AppMon 6.5 and later, non-SSL connections are no longer supported.|
|Client to Frontend Server||8023||HTTP||Tunnel using HTTP. Sent data is by default encrypted.|
|Frontend Server to Server||2031||TCP||The communication port between the Frontend Server and the Backend Server.|
|Collector to Server||(6698)||6699||TCP||For AppMon 6.5 and later, non-SSL connections are no longer supported. For compatibility reasons with pre-6.5 collectors the 6698 plain port is still available and must be activated using the Client running in debug mode.|
|Collector to Server||8033||HTTP||Tunnel using HTTP. Sent data is by default encrypted.|
|Collector to Server||8040||8041||HTTP(S)||For HTTP-based Agent connections1|
|Agent to Collector||9998||9998||TCP||Also applies to demo scenarios with Server-embedded Collector.|
|Agent to Collector||8042||8043||HTTP(S)||The Node.js Agent uses this connection.1|
|Memory Analysis Server to Server||7788||TCP||For AppMon 6.5 and later, non-SSL connections are no longer supported.|
|Browser to Server||8020||8021||HTTP(S)||Web interface for RESTful Server administration, to start the Webstart Client.|
|AppMon Web to Frontend Server||9911||HTTPS||Port on which browser-based dashboards get their data.|
|Web Server Slave Agent to Web Server Master Agent||8001||UDP||The UDP port on which the Web Server Master Agent should listen for data packets of the Web Server Slave Agent|
1 These ports are used for the Node.js Agent (Linux only) to connect the Collector to the Server. There is no UI to change them. Edit communication port in
Ensure that your firewall configuration allows communication between the components.
For performance reasons, do not pass communication between the AppMon Agent and the Collector through firewalls. Place a Collector as close as possible to Agents.
Set up AppMon Server communication
You can configure most AppMon Server connections using the AppMon Client. Select Settings > Dynatrace Server > Services.
For machines with multiple network interface cards, the Server can be bound to a specific network adapter. This is useful when you want to disallow connections from other connected networks. To do this, enter the optional bind address next to the service port you want to restrict. Both host name and IP address work. You can specify bind address for both Client connections and Collector connections to the AppMon Server.
By default, AppMon Server also uses the machine's DNS hostname, which may be ambiguous or unacceptable. To manually specify a name for the AppMon Server, stop the AppMon Server service, then edit the
DT_HOME/server/conf/server.config.xml file. Modify the
name attribute of the
server tag (XPath:
/dynatrace/serverconfig/settings/server/@name). Save your changes and start the AppMon Server.
<settings> ... <server tunnelenabled="true" tunneladdress="" tunnelport="8023" upperdeletiontriggerlimitenabled="false" upperdeletiontriggerlimit="51200" lowerdeletiontriggerlimit="1024" eventstatistics="false" id="12345678" jmxexportmanagement="false" jmxexportmonitoring="false" jmxport="1099" name="MyNewHostName" watchdogtimeout="10" selfmonitoringenabled="true" hascollector="true" /> ... </settings>
Make a backup copy of this file before you edit.
If a configured port is already in use, or cannot be bound for any other reason, the Server restart fails. You must manually change the port to a free port. To do this, edit the corresponding attribute in the
server.config.xml file in
settings tag (for example, XPath) specifies the ports for the single components:
- AppMon Client:
- AppMon Collector:
- AppMon Memory Analysis Server:
Set up AppMon Client connections
Two set of parameters are responsible for the Client to Server connections:
- Client side settings: the Client uses them to connect to the Server.
- Server side settings: the Server uses them to listen for the Client.
Non-SSL connections are not allowed for Client to Server connections.
Client side settings
To connect the Client to the Server you must specify host/IP and port. Use Settings > Dynatrace Server > Connectivity if you need to make changes to the default Client connection settings.
The connection types are as follows:
- Default: The default connection is SSL encrypted and compressed.
- HTTP Tunnel: The HTTP Tunnel uses only HTTP traffic between the AppMon Client and the AppMon Server. Use this setting if restrictive firewalls are in use and/or if reverse proxies must forward the traffic.
- Via Proxy: You can specify a forward proxy with this setting. Use this setting if a forward proxy (HTTP Connect) must forward the traffic.
- HTTP Tunnel Via Proxy: This connection style combines the HTTP tunnel with the ability to specify a forward proxy. Use this setting if the traffic must be routed through a proxy chain that consists of forward and reverse proxies.
For changes to take effect, the Server must be restarted.
Server side settings
Use Settings > Dynatrace Server > Services > General > Client Connection Settings. Here you can specify the port where the Server listens for the Client; enable HTTP tunnel connections, and specify the port for such a connection.
For changes to take effect, the Server must be restarted.
Set Up AppMon Collector communication
Once a Collector is connected to the AppMon Server, you can change Collector connection settings such as the Server port to connect to or listen for, at the General tab of the Services item from the Dynatrace Server Settings dialog box.
You can specify communications settings in the configuration file. See Collector configuration file to learn how.
Secure connections (SSL)
For AppMon 6.5 and later, only SSL connections for Collector to Server connections. For compatibility, any pre 6.5 Collector wanting to connect to the Server can use the plain Server port. To enable that port, select the Allow non-SSL connections check box. This starts the plain Collector port on the next restart of the Server.
Non-SSL communication is not available in AppMon 6.5 and later.
Set up Server-embedded Collector connections
Only demo or POC environments can use the Server-embedded Collector and are allowed to bypass the stand-alone Collector and directly connect Agents to the AppMon Server.
So by default, the Allow Agent Connections to Dynatrace Server check box is not selected, which closes this port on the Server.
Set up built-in webserver connections
The AppMon Server has a built-in web server that offers SOAP/REST web services for automation and the remote installation of AppMon Clients using Java Web Start. You can also use JMX to monitor AppMon Server and AppMon Client internals. This is similar to the SOAP/REST web services. All related settings are available in the Management tab of the Services item.
The AppMon Server requires sufficient user privileges, depending on the automation operation.
Set up Webstart Client communication
Use settings in the Webstart tab of the Services item to set up the connection between the Webstart Client and the AppMon Server. See Configure Webstart Client for more information.
Set up E-mail communication
See Email configuration for more information.
Set up AppMon Memory Analysis Server communication
Use the Dynatrace Memory Analysis Server tab of the Services item to configure the connection settings to the AppMon Memory Analysis Server. See Set up a Memory Analysis Server for more information.
Setup AppMon Web communication
See server.config.xml to configure communication ports for AppMon Web.