Monitoring rules - Code-level Vulnerability Analytics

Code-level Vulnerability Analytics rules override the global code-level vulnerability detection control.

Prerequisites

Enable Code-level Vulnerability Analytics.

Create custom monitoring rules

  1. In the Dynatrace menu, go to Settings and select Application security > Vulnerability Analytics > Monitoring rules: Code-level.
  2. Select Add new rule.
  3. Define the criteria for this rule:
    • Select or enter a process group to which you want to apply this configuration.
    • Leave this field empty if you want the rule to apply to any supported process group.
  4. Specify how to control a vulnerability that matches the rule criteria:
    • Do not monitor – Code-level vulnerabilities for the selected process group are ignored.
    • Monitor – Code-level vulnerabilities for the selected process group are reported.
  5. Optionally, add a comment.
  6. Select Save changes.

You can edit, disable, enable, or remove rules at any time.

Note: Monitoring rules are ordered; the first matching rule applies.
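The first-match behavior can be modeled offline to check a planned rule list before entering it. The sketch below is an added example, not Dynatrace code or its API: the `Rule` class, both function names, and the process group names are hypothetical, and it assumes that disabled rules are skipped and that the global control decides when no rule matches.

```python
from dataclasses import dataclass
from typing import Optional

MONITOR = "Monitor"
DO_NOT_MONITOR = "Do not monitor"

@dataclass
class Rule:
    process_group: Optional[str]  # None models the empty field: any supported process group
    control: str
    enabled: bool = True          # assumption: a disabled rule is never evaluated

def effective_control(rules, process_group, global_monitoring_enabled):
    """Return (control, index of the deciding rule), or index None if the global control decides."""
    for i, rule in enumerate(rules):
        if not rule.enabled:
            continue
        if rule.process_group is None or rule.process_group == process_group:
            return rule.control, i  # first matching rule applies; later rules are ignored
    return (MONITOR if global_monitoring_enabled else DO_NOT_MONITOR), None

def shadowed_rules(rules):
    """Indexes of enabled rules that can never be the first match for any process group."""
    seen, catch_all, shadowed = set(), False, []
    for i, rule in enumerate(rules):
        if not rule.enabled:
            continue
        if catch_all or rule.process_group in seen:
            shadowed.append(i)      # an earlier rule already matches everything this one matches
        elif rule.process_group is None:
            catch_all = True        # every rule after a catch-all rule is unreachable
        else:
            seen.add(rule.process_group)
    return shadowed

# Constructed sample: the catch-all "Do not monitor" rule hides the rule below it.
SAMPLE_RULES = [
    Rule("payments-backend", MONITOR),
    Rule(None, DO_NOT_MONITOR),
    Rule("legacy-batch", MONITOR),
]
REORDERED_RULES = [SAMPLE_RULES[0], SAMPLE_RULES[2], SAMPLE_RULES[1]]

if __name__ == "__main__":
    print(effective_control(SAMPLE_RULES, "legacy-batch", True))
    print(shadowed_rules(SAMPLE_RULES))
    print(effective_control(REORDERED_RULES, "legacy-batch", True))
```

A non-empty result from `shadowed_rules` means a process group that was meant to be monitored may be silently excluded by a broader rule placed above it.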

FAQ

  • What happens if I change the order of the rules?
    • The first matching rule applies.
  • What happens if a Do not monitor rule that applies is added?
    • New vulnerabilities for the processes that match the rule won't be created.
    • Existing vulnerabilities that only relate to matching processes are resolved.
  • What happens if a Do not monitor rule is deleted or doesn't apply anymore?
    • New vulnerabilities for the processes that match the rule will be created.
    • Related resolved vulnerabilities are reopened.