Configure ActiveGate
Whenever you need to configure an ActiveGate setting (for example, proxy, port, or memory dumps), do this in the custom.properties file and then restart ActiveGate. The custom.properties file is located in the ActiveGate configuration directory.
The custom.properties file is preserved during ActiveGate upgrade; it's copied in its entirety from your existing installation to the new one.
Keep in mind that custom.properties takes precedence over config.properties. Therefore, if a setting occurs in both files, the value of the setting in the custom.properties file will take precedence. Also, command line settings (if any) take precedence over those stored in custom.properties.
Restart required
If you modify the custom.properties file, restart the ActiveGate to put your changes into effect.
The ActiveGate properties that you can configure are described in the following tables. These properties are applicable for both Environment ActiveGates and Cluster ActiveGates.
Section: [dbAgent]
To use Database insights both flags in the [dbAgent] section must be set to true.
| Property | Default value |
|---|---|
dbAgent_enabled |
true |
Section: [connectivity]
| Property | Default value | Description |
|---|---|---|
dnsEntryPoint |
unset | Define the entry point for the ActiveGate (for example, https://sg1.mydomain.com:9999). Via this URL, the ActiveGate is accessed by Dynatrace OneAgent. If not set, an auto-detected endpoint will be used. This entry can be used if the ActiveGate is accessed via, for example, an external IP address or load balancer. Depending on your ActiveGate deployment, make sure you use the right prefix, http or https, otherwise your OneAgents won't be able to connect. |
Section: [com.compuware.apm.webserver]
| Property | Default value | Description |
|---|---|---|
port-ssl |
9999 |
The port where the ActiveGate listens for traffic from OneAgent—used for HTTPS connection. If you need to change the port value, see custom Plugin Module configuration |
port |
unset | The port where the ActiveGate listens for traffic from OneAgent—used for HTTP connection. It is disabled by default. On Linux, a value > 1024 is recommended, to ensure no root privileges are required. |
ssl-protocols |
TLSv1.2 |
Supported SSL protocols. Can be one or a list of the following values:TLSv1, TLSv1.1, TLSv1.2 |
excluded-ciphers |
unset | List of additionally excluded ciphers (ciphers are defined by a substring matching at least a part of the cipher name, for example _DHE_) |
ActiveGate version 1.165+
certificate-file |
unset | Path to PKCS#12 file containing certificates to be used by ActiveGate web server. Please also see Configuration of custom SSL certificate on ActiveGate. |
ActiveGate version 1.165+
certificate-password |
unset | Password to open the certificate file. |
ActiveGate version 1.165+
certificate-alias |
unset | Friendly name of the certificate in the PKCS#12 file. |
Section: [http.client]
For details on proper use of [http.client] properties, see Setting up proxy for ActiveGate.
| Property | Default value | Description |
|---|---|---|
proxy-server |
unset | Proxy server address |
proxy-port |
unset | Proxy port (numeric) |
proxy-user |
unset | Proxy user name (optional) |
proxy-password |
unset | Proxy password (optional). The password provided in the proxy-password property is obfuscated following ActiveGate restart and the obfuscated password is stored in the proxy-password-encr property. |
Section: [http.client.external]
For details on proper use of [http.client.external] properties, see Setting up proxy for ActiveGate.
| Property | Default value | Description |
|---|---|---|
proxy-server |
unset | Proxy server address |
proxy-port |
unset | Proxy port (numeric) |
proxy-user |
unset | Proxy user name (optional) |
proxy-password |
unset | Proxy password (optional). The password provided in the proxy-password property is obfuscated following ActiveGate restart and the obfuscated password is stored in the proxy-password-encr property. |
Section: [collector]
| Property | Default value | Description |
|---|---|---|
MSGrouter |
true |
ActiveGate enables routing of OneAgent and other ActiveGate traffic through Dynatrace. |
ActiveGate version 1.159 or earlier
VMwareAgentEnabled |
Environment ActiveGate: true; Cluster ActiveGate: true |
ActiveGate can be used to monitor VMware. The value of this property isn't respected by Environment ActiveGate, which can be used to monitor VMware. |
ActiveGate version 1.159 or earlier
AWSAgentEnabled |
Environment ActiveGate: false; Cluster ActiveGate: true |
Forces this ActiveGate to ignore dynatrace agent traffic. This setting is required to retrieve CloudTrail logs that are stored in AWS S3 buckets. |
LogDiskBufferPath |
/tmp/diskbuffer |
Local path for log buffer. The property default may be different depending on the operating system. |
restInterface |
true |
ActiveGate can be used to access the Dynatrace Environment API. To use your ActiveGate to make API calls with this feature, the URL must follow this pattern: https://<GATEWAY>/e/<ENVIRONMENT>/api/v1/<API> Only calls from the Environment API v1 are available with this feature. These call have /api/v1/ in the URL. Configuration API (/api/config/) and Environment API v2 (/api/v2/) are not available via ActiveGate. |
ActiveGate version 1.149 or earlier
enableHttpChecks |
false |
HTTP Monitors in ActiveGate. For later releases, see ActiveGate configuration for HTTP monitors |
DumpSupported |
false |
ActiveGate allows you to temporarily store memory dumps from OneAgent. Additional configuration in section [dump] is required. |
ActiveGate version 1.169+
trustedstore |
unset | Your trusted keystore (optional). The property trustedstore should contain the path to the file holding trusted certificates. That path should be relative to the ActiveGate SSL directory. Please also see Configuration of trusted root certificates on ActiveGate. |
ActiveGate version 1.169+
trustedstore-password |
changeit | Password of your trusted keystore (optional) which is encrypted during ActiveGate start. The obfuscated password is then stored in trustedstore-password-encr. |
ActiveGate version 1.169+
trustedstore-type |
JKS | Java default format of key and certificate databases (optional). The second supported format is PKCS12. |
Section: [aws_monitoring]
ActiveGate version 1.161+
| Property | Default value | Description |
|---|---|---|
aws_monitoring_enabled |
Environment ActiveGate: false; Cluster ActiveGate: true |
This setting is required to retrieve CloudTrail logs that are stored in AWS S3 buckets. |
Section: [vmware_monitoring]
ActiveGate version 1.161+
| Property | Default value | Description |
|---|---|---|
vmware_monitoring_enabled |
Environment ActiveGate: true; Cluster ActiveGate: true |
ActiveGate can be used to monitor VMware. |
Section: [synthetic]
ActiveGate version 1.151+
| Property | Default value | Description |
|---|---|---|
proxy-server |
unset | Proxy server address |
proxy-port |
unset | Proxy port (numeric) |
proxy-user |
unset | Proxy user name (optional) |
proxy-password |
unset | Proxy password (optional). The password provided in the proxy-password property is obfuscated following ActiveGate restart and the obfuscated password is stored in the proxy-password-encr property. |
proxy-off |
unset | Disable proxy communication between ACtiveGate and tested resource |
proxy-non-proxy-hosts |
unset | Do not use proxy when communicating with these hosts |
synthetic_enabled |
false in the Default deployment mode. true in the Synthetic monitoring deployment mode. |
Enables this ActiveGate to execute synthetic monitors in private locations. Note that starting with ActiveGate version 1.159, changing this property to true works only if you earlier ran a clean installation of your ActiveGate and selected Synthetic monitoring as a deployment mode. If you installed the ActiveGate in the Default deployment mode and then set this proporty to true, you won't be able to use this ActiveGate for synthetic monitoring. In such case, you must reinstall the ActiveGate enabling the Synthetic monitoring deployment mode. For more information, see Installing synthetic-enabled ActiveGate |
Section: [dump]
| Property | Default value | Description |
|---|---|---|
dumpDir |
dump |
Valid path of the storage directory used for dump storage |
maxSizeGb |
100 |
Storage quota in GBs. If full, the oldest dumps are overwritten until enough space is available to store a new dump. |
maxAgeDays |
7 |
Maximum age of a memory dump in days until the dump is automatically overwritten |
maxConcurrentUploads |
5 |
Maximum number of concurrent dump uploads from OneAgents |
downloadUrl |
unset | A custom download URL (for example, if ActiveGate is behind a load balancer or if ActiveGate only detected an IP address but the customer wishes to have a FQDN). The URL must contain the correct schema and port. |