Can I use a single private Security Gateway for multiple environments?

For customers who use multiple monitoring environments, it can be cumbersome to set up and maintain multiple private Security Gateways. Therefore, Dynatrace offers the option of manually re-configuring a private Security Gateway to support multiple environments. This significantly reduces maintenance and setup overhead. Thanks to this feature, you don't need to deploy multiple Security Gateways and adjust firewall settings for each Security Gateway installation.

Such multi-environment Security Gateways are capable of handling all traffic from the environments they are associated with.

To configure an existing Security Gateway for multi-environment support:

Create a file called that lists each Dynatrace environment you want the Security Gateway to support. Use the following format:

tenant = <tenant1_ID>;<tenant1_token>
tenant = <tenant2_ID>;<tenant2_token>

Where the tenant_ID corresponds to environment ID. For security reasons, you can no longer find the tenant_token in the Dynatrace web UI.

Save the file to the following folder:

on Linux: /var/lib/dynatace/gateway/config
on Windows %ProgramData%\dynatrace\gateway\config

Restart the Security Gateway.


All environments that are to be supported by the same Security Gateway must run on the same cluster. If your Security Gateway configuration for multiple environments fails, please contact Support.

On Linux, <conf_dir>/ is deleted during Security Gateway update. Therefore, when updating Security Gateway:

  1. Make a copy of the file.
  2. Update Security Gateway.
  3. Stop Security Gateway.
  4. Restore the file.
  5. Start Security Gateway.