Data privacy and exchange in Managed deployments
Dynatrace Managed cluster administrators have access to a number of data-privacy settings that may affect the sharing of personal or confidential end-user data.
- See data data privacy section for information on privacy settings that suit your organization's needs.
All Dynatrace Managed clusters exchange information with Dynatrace Mission Control, at least once, or periodically.
- See data exchange section for information on data that Dynatrace receives from and pushes to your clusters.
You may want to opt-out of certain communications, such as allowing Dynatrace to proactively access your clusters and environments. However, some messages are mandatory and can't be switched off.
|Category||Data exchange||Opt out|
|Pro-active support||Report usage and billing information.||No|
|Pro-active support||Report Dynatrace cluster health.||No|
|Dynatrace support resources||Synchronize users' e-mail addresses2, first and last name, assigned permissions, and environment UUIDs||No|
|Pro-active support||Report cluster and OneAgent events to Dynatrace Mission Control.||Yes1|
|Pro-active support||Dynatrace deployment health monitoring.||Yes1|
|Pro-active support||Allow Dynatrace ONE remote access to environment monitoring settings.||Yes1|
|Pro-active support||Allow Dynatrace ONE to change your configuration.||Yes1|
|Privacy||Send information about monitored technologies and feature usage.||Yes|
|Privacy||Use Mission Control as email notifications sender.||Yes|
|Dynatrace support resources|
Send users invitation to create a Dynatrace account on first login.
|Dynatrace support resources||Include results from Dynatrace Documentation in the platform search.||Yes|
|Domain name and SSL certificates||Enable management of domain name and SSL certificates.||Yes|
This setting varies depending on your licensing. If this setting is disabled and you want to adjust it, contact Dynatrace ONE.
Affects users with a permission Cluster administrator, View product usage & manage account info, Access account, or Manage support tickets
All settings are enabled by default. Proper configuration of these settings depends on the unique needs of your organization. In addition to pro-active support settings, you'll also find settings related to new Community-user setup and domain name management. Please see below for details on the available controls.
To ensure GDPR compliance, you must be aware of what personal data is captured by Dynatrace and you must configure Dynatrace to protect personal data.
To configure data privacy settings within your Managed environment, in the Dynatrace menu, go to Settings > Preferences.
To configure Dynatrace ONE remote access and ability to change configuration, in the Dynatrace menu, go to Settings > Remote access permissions.
Note: You must have cluster administrator privileges to access the Preferences page.
Dynatrace Managed provides fully automated self-management capabilities that keep your system secure, reliable, and up-to-date. To achieve this, Dynatrace needs to send certain information to the Dynatrace Mission Control.
Report usage and billing information
Each Dynatrace Managed cluster reports license-relevant consumption data such as number of host units, custom metrics or log monitoring for each environment.
Report Dynatrace cluster health
Dynatrace clusters send status information, including cluster IDs, privacy flags, time zones, traffic levels, and maintenance windows. Server state, including number of CPU cores, CPU load, and used/free storage are reported on a per-cluster basis.
Report cluster and OneAgent events to Dynatrace Mission Control
For each event, clusters send type, severity level, time stamp, and description detail so that Dynatrace ONE can remotely analyze and address problems or incompatibilities in your environment. When disabled, your organization is responsible for monitoring system events and collecting log files necessary for problem resolution prior to contacting Dynatrace ONE.
Dynatrace deployment health monitoring
Dynatrace Managed installations include Dynatrace OneAgent, which provides self-monitoring of cluster health. Monitoring is enabled in Full-Stack Monitoring mode. In addition to infrastructure and Dynatrace service metrics, the following is captured:
- User information such as IP address
- Geolocation of users
- Browser or device type
- User-action details within Dynatrace Managed such as clicks or page loads
- Dynatrace Managed processes logs
Allow Dynatrace ONE remote access to environment monitoring settings
In the case of detected events, Dynatrace ONE can remotely check the monitoring settings of your cluster configuration.
Allow Dynatrace ONE to change your configuration
When enabled, Dynatrace ONE can remotely optimize your environment's monitoring settings to ensure optimum performance and stability.
Report information about monitored technologies and feature usage
Dynatrace proactively sends alerts for incompatibilities or technology-specific risks related to your environment. Dynatrace can report information about installed OneAgent versions, process technologies, hosts, ActiveGates, and other related entities and configurations. The retrieved information may be used for support and to improve Dynatrace offerings. Dynatrace may use this data (if aggregated and it can't be used to identify end users) for industry analyses, benchmarking, and analytics. Learn more about how Dynatrace sends information about monitored technologies in your environment.
Help us improve Dynatrace for your users by sending usage data from browsers
User behavior information is now part of Dynatrace deployment health monitoring. Dynatrace no longer sends user data to 3rd party companies.Managed version 1.214 and below
For older versions, Dynatrace uses Woopra (a customer-analytics provider headquartered in San Francisco, California) to analyze the usage of Dynatrace Managed and provides customers with better experience. Woopra utilizes cookies that are stored on each end user’s computer. Thereby, information such as IP address, geolocation, browser or device type, along with user-action details within Dynatrace Managed are captured. Disabling this setting prevents such usage data from being sent.
Use Mission Control as email notifications sender
Enable your own SMTP server to determine how Dynatrace delivers email notifications, reports, and other communications to users and administrators.
- To configure your own SMTP server, in the Dynatrace menu, go to Settings > Emails > SMTP server.
You can find more information on configuring your own SMTP server in Configure an SMTP server connection.
Create Dynatrace Community user account upon login
The Dynatrace Community provides an Internet forum for customers and digital performance experts to connect with each other and share ideas. Registered users can ask questions and view answers at Dynatrace Community and create support tickets.
Integrate Dynatrace Documentation and Community content into in-product search results
The search bar in Dynatrace UI can be used to query external content in both the Dynatrace Community user forum and within our online documentation. When disabled, users must to search these sites independently to find answers to their questions.
Manage domain name & SSL certificates
Enable this setting to generate a domain name (a subdomain of dynatrace-managed.com) with a trusted certificate for your Dynatrace Managed cluster. The Certificate Authority (CA) is Let's Encrypt. Certificates are downloaded by HTTPS (REST API) via Mission Control.
Enable management of domain name and SSL certificates
Enable this setting to generate a domain name (a subdomain of
dynatrace-managed.com) with a trusted certificate for your Dynatrace Managed cluster. All users in your environment can then access Dynatrace at
Please note that this process may take a few minutes. Once complete, you'll be able to access the new URL.
Disabling this option results in SSL certificates and the cluster URL being rolled back to the previous version.
Remember to update your SSO IdP settings with this URL.
The following information transparently documents the mandatory data that Dynatrace receives from your Dynatrace Managed cluster. Note that all communication between clusters and Mission Control is encrypted and always cluster-initiated only. Dynatrace isn't able to initiate a connection to customer clusters.
Frequency: Once during installation and during every upgrade
Cluster request: License key
Mission Control response: Account name, license name, OneAgent installation flag (
false), OneAgent download URL
Frequency: Once (after first startup)
Cluster request: License key, cluster ID
Mission Control response: Registration status, username, password
Frequency: Once every 5 minutes
Cluster request: No cluster request
Mission Control response: License status, cluster ID, license key, license details, license model
Frequency: Once every 5 minutes
Cluster request: Cluster ID, privacy settings, time zone, traffic size, update/maintenance window. Each cluster node adds technical details including OS name and version, number of CPU cores, CPU load, total RAM, free RAM, total disk storage, used storage, server state, seed node flag (
false), and startup time stamp. Each Cluster ActiveGate adds its version, OS name and version, status, certificate issuer, and type (e.g., beacon forwarder).
Mission Control response: Health status, message
Frequency: Once each hour
Cluster request: Cluster ID, consumption timeframe. Each environment adds the number of new problems, RUM sessions, synthetic monitors. Every host adds a category, a list of monitored technologies, and monitoring timeframes. For each synthetic monitor, the ID, description, type, success count, failure count and action count are transmitted. See Export licensing data.
Mission Control response: Status, remaining RUM sessions, consumed RUM overage, host units overage, remaining synthetic monitors, consumed synthetic monitors overage. For each environment, its ID, consumed RUM sessions, consumed synthetic monitors, and host units are returned.
Frequency: Once each minute, or every 5 minutes if remote access is disabled.
Cluster request: Cluster ID, node ID, source type (e.g., server)
Mission Control response: Remote UI request flag (true/false), Websocket URLs
Frequency: Once each hour
Cluster request: No cluster request
Frequency: Every 30 to 60 minutes.
Cluster request: No cluster-specific exposure, no personal data.
Mission Control response: Images and text describing the capabilities and extensions available in Dynatrace Hub.
Application Security searches for vulnerabilities in your environment based on vulnerability feeds.
Frequency: When updates are available
Cluster request: Vulnerability feed data
Mission Control response: Vulnerability feed data
We never send host names or other information that may compromise your cluster's security.