Dynatrace NAM captures performance metrics from the network by sniffing wire data traffic. NAM offers the ability to identify and track each client IP address and optionally look into the user session, including URLs accessed and user name submitted. This information is needed to monitor performance, provide high-quality service monitoring, and quickly resolve issues when problems are detected.
What NAM does with personal data
- NAM mainly captures a client IP address as required for network performance management. NAM can be configured to capture URLs, user names, and other personal data to provide better detail about user sessions that experience performance problems.
- NAM tracks user activity over the network, but it doesn't record or track personal data such as birth dates, social security numbers, credit card numbers, pictures, and social preferences (unless explicitly configured to do so). This is because Dynatrace products are focused on clicks, response times, and service communication, not specific input values.
- Collected data ages out and is automatically deleted over time, typically within a few weeks, so the EU citizen's right to erasure is handled by default.
How safe is the personal client information?
personal information (such as passwords and credit card numbers) is not analyzed or recorded by the NAM Probe, depending on the configuration settings. When the NAM Probe analyzes the HTTP request/response body information, it has an insight into personal data however, this data is not recorded unless you intentionally configure the NAM Probe to do so. If the recording is necessary (e.g., for the purpose of HTTP request body content analysis), recorded data can be irreversibly masked.
In a scenario where the NAM Probe is configured to store header data (see Sequenced Transactions and Header Data) on disk including:
- Request header
- Request parameters (from URL)
- POST data
- POST data (raw)
- Request cookie in the HTTP request section
- Response header
- Response cookie in HTTP response section
The data is stored in
The NAM Probe discards the packets and all the information contained therein other than the performance and availability metrics immediately after the packet has been processed.
User identity (login name) tracking and storage is optional. If required, Network Application Monitoring can be configured so that no per-client information is captured or stored at all. The information is then aggregated per server, per page (URL), and per network location, with no possibility to trace it back to an individual user.
NAM does not store full information on client transactions, and it controls user access to the information through access rights management. NAM does not store the information. However, if configured to do so it can be stored in a single irreversibly masked form. As a result, there is no threat of a malicious user escalating access rights to acquire personal information stored in the system.