Application Security writes to the following existing Dynatrace log files:
- The OneAgent Java code module log
- The Dynatrace Cluster server log and debug log
See below how you can fix potential issues regarding Application Security.
When you select Security from the Dynatrace menu, if you don't see a list of vulnerabilities, Application Security is either not activated or not enabled.
- If the Security page displays Runtime Vulnerability Detection, with the About, Gallery, Use cases, and Supported distributions sections, the Application Security feature isn't activated. To activate Application Security, contact a Dynatrace product specialist via in-product chat or speak to your account executive.
- If the Security page displays Enable settings to unlock full potential with an option to Activate settings, the Application Security feature is activated but not enabled. To enable Application Security, see Enable Application Security.
Check your management zones filter and the timeframe selector.
Check your firewall rules. This issue can be diagnosed via the JMX metrics and fixed by ensuring that the server process can access the Mission Control endpoint
A vulnerability might be identified incorrectly. Possible reasons for false positives include:
- The extracted information from the software component isn't correct and a wrong library was identified (for example, due to wrong information in the
- The identified version of the library has a version string (or a well-known identifier) that was incorrectly parsed or compared.
If you see any false positive results, please open a support ticket to help us improve Application Security monitoring.
Vulnerabilities can be missing if, for example, libraries aren't shipped with a
If the Java application process appears to be affected by Application Security, please open a support ticket.