Monitoring rules - Code-level Vulnerability Analytics

Code-level Vulnerability Analytics rules override the global code-level vulnerability detection control.

Prerequisites

In the Dynatrace menu, go to Settings and select Application security > Vulnerability Analytics > Monitoring rules: Code-level.
Select Add new rule.
Define the criteria for this rule:
- Select or enter a process group to which you want to apply this configuration.
- Leave empty if you want the rule to apply to any supported process groups.
Specify how to control a vulnerability that matches the rule criteria:
- Do not monitor – Code-level vulnerabilities for the selected process group are ignored.
- Monitor – Code-level vulnerabilities for the selected process group are reported.
Optionally, add a comment.
Select Save changes.

You can edit, disable, enable, or remove rules at any time.

Monitoring rules are ordered; the first matching rule applies.

What happens if I change the order of the rules?
- The first matching rule applies.
What happens if a Do not monitor rule that applies gets added?
- New vulnerabilities for the processes that match the rule won't be created.
- Existing vulnerabilities that only relate to matching processes are resolved.
What happens if a Do not monitor rule is deleted or doesn't apply anymore?
- New vulnerabilities for the processes that match the rule will be created.
- Related resolved vulnerabilities are reopened.