Data privacy and exchange in Managed deployments

Dynatrace Managed cluster administrators have access to a number of data-privacy settings that affect the sharing of sensitive end-user data.

  • See data data privacy section for information on privacy settings that suit your organization's needs.

All Dynatrace Managed clusters exchange information with Dynatrace Mission Control, at least once, or periodically.

  • See data exchange section for information on data that Dynatrace receives from and pushes to your clusters.

You may want to opt-out of certain communications, such as allowing Dynatrace to proactively access your clusters and environments. However, some messages are mandatory and can't be switched off.

Category Data exchange Opt out
Pro-active support Report usage and billing information. No
Pro-active support Report Dynatrace cluster health. No
Pro-active support Report cluster and OneAgent events to Dynatrace Mission Control. Yes
Pro-active support Dynatrace deployment health monitoring. Yes
Pro-active support Allow Dynatrace ONE remote access to environment monitoring settings. Yes
Pro-active support Allow Dynatrace ONE to change your configuration. Yes
Privacy Send information about monitored technologies and feature usage. Yes
Privacy Send usage data from the browser to improve Dynatrace. Yes
Privacy Use Mission Control as email notifications sender. Yes
Dynatrace community Share telemetry data to support Dynatrace AI improvements. Yes
Domain name and SSL certificates Enable management of domain name and SSL certificates. Yes

Data privacy

All settings are enabled by default. Proper configuration of these settings depends on the unique needs of your organization. In addition to pro-active support settings, you'll also find settings related to new Community-user setup and domain name management. Please see below for details on the available controls.

To ensure GDPR compliance, you must be aware of what personal data is captured by Dynatrace and you must configure Dynatrace to protect personal data.

  • To configure data privacy settings within your Managed environment, go to Settings > Preferences.

  • To configure Dynatrace ONE remote access and ability to change configuration, go to Settings > Remote access permissions.

Note: You must have cluster administrator privileges to access the Preferences page.

Pro-active support

Dynatrace Managed provides fully automated self-management capabilities that keep your system secure, reliable, and up-to-date. To achieve this, Dynatrace needs to send certain information to the Dynatrace Mission Control.

Report usage and billing information

Each Dynatrace Managed cluster reports license-relevant consumption data such as number of host units, custom metrics or log monitoring for each environment.

Report Dynatrace cluster health

When enabled, Dynatrace clusters send status information, including cluster IDs, privacy flags, time zones, traffic levels, and maintenance windows. Server state, including number of CPU cores, CPU load, and used/free storage are reported on a per-cluster basis.

Report cluster and OneAgent events to Dynatrace Mission Control

For each event, clusters send type, severity level, time stamp, and description detail so that Dynatrace ONE can remotely analyze and address problems or incompatibilities in your environment. When disabled, your organization is responsible for monitoring system events and collecting log files necessary for problem resolution prior to contacting Dynatrace ONE.

Dynatrace deployment health monitoring

Dynatrace Managed installation contain a Dynatrace OneAgent that provides self-monitoring of cluster health.

Allow Dynatrace ONE remote access to environment monitoring settings

In the case of detected events, Dynatrace ONE can remotely check the monitoring settings of your cluster configuration.

Allow Dynatrace ONE to change your configuration

When enabled, Dynatrace ONE can remotely optimize your environment's monitoring settings to ensure optimum performance and stability.

Privacy

Report information about monitored technologies and feature usage

Dynatrace proactively sends alerts for incompatibilities or technology-specific risks related to your environment. Dynatrace can report information about installed OneAgent versions, process technologies, hosts, ActiveGates, and other related entities and configurations. The retrieved information may be used for support and to improve Dynatrace offerings. Dynatrace may use this data (if aggregated and it can't be used to identify end users) for industry analyses, benchmarking, and analytics. Learn more about how Dynatrace sends information about monitored technologies in your environment.

Help us improve Dynatrace for your users by sending usage data from browsers

Dynatrace uses Woopra (a customer-analytics provider headquartered in San Francisco, California) to analyze the usage of Dynatrace Managed and provides customers with better experience. Woopra utilizes cookies that are stored on each end user’s computer. Thereby, information such as IP address, geolocation, browser or device type, along with user-action details within Dynatrace Managed are captured. Disabling this setting prevents such usage data from being sent.

Use Mission Control as email notifications sender

Enable your own SMTP server to determine how Dynatrace delivers email notifications, reports, and other communications to users and administrators.

  • To configure your own SMTP server, log into the Cluster Management Console and go to Settings > Emails >SMTP server.

You can find more information on configuring your own SMTP server in Configure an SMTP server connection.

Dynatrace community

Create Dynatrace Community user account upon login

The Dynatrace Community provides an Internet forum for customers and digital performance experts to connect with each other and share ideas. Registered users can ask questions and view answers at Dynatrace Answers and create support tickets.

Integrate Dynatrace Help and Answers user-forum content into in-product search results

The search bar in Dynatrace UI can be used to query external content in both the Dynatrace Answers user forum and within our online documentation. When disabled, users must to search these sites independently to find answers to their questions.

Manage domain name & SSL certificates

Enable this setting to generate a domain name (a subdomain of dynatrace-managed.com) with a trusted certificate for your Dynatrace Managed cluster. The Certificate Authority (CA) is Let's Encrypt. Certificates are downloaded by HTTPS (REST API) via Mission Control.

Enable management of domain name and SSL certificates

Enable this setting to generate a domain name (a subdomain of dynatrace-managed.com) with a trusted certificate for your Dynatrace Managed cluster. All users in your environment can then access Dynatrace at <prefix>.dynatrace-managed.com. Please note that this process may take a few minutes. Once complete, you'll be able to access the new URL. Disabling this option results in SSL certificates and the cluster URL being rolled back to the previous version. Remember to update your SSO IdP settings with this URL.

Data exchange

The following information transparently documents the data that Dynatrace receives from and pushes to your clusters. Note that all communication between clusters and Mission Control is encrypted and always cluster-initiated only. Dynatrace isn't able to initiate a connection to customer clusters.

Installation

Frequency: Once during installation and during every upgrade
Cluster request: License key
Mission Control response: Account name, license name, OneAgent installation flag (true/false), OneAgent download URL

Registration

Frequency: Once (after first startup)
Cluster request: License key, cluster ID
Mission Control response: Registration status, username, password

License

Frequency: Once every 5 minutes
Cluster request: No cluster request
Mission Control response: License status, cluster ID, license key, license details, license model

Health check

Frequency: Once every 5 minutes
Cluster request: Cluster ID, privacy settings, time zone, traffic size, update/maintenance window. Each cluster node adds technical details including OS name and version, number of CPU cores, CPU load, total RAM, free RAM, total disk storage, used storage, server state, master node flag (true/false), and startup time stamp. Each Cluster ActiveGate adds its version, OS name and version, status, certificate issuer, and type (e.g., beacon forwarder).
Mission Control response: Health status, message

Consumption

Frequency: Once each hour
Cluster request: Cluster ID, consumption timeframe. Each environment adds the number of new problems, RUM sessions, synthetic monitors. Every host adds a category, a list of monitored technologies, and monitoring timeframes. For each synthetic monitor, the ID, description, type, success count, failure count and action count are transmitted.
Mission Control response: Status, remaining RUM sessions, consumed RUM overage, host units overage, remaining synthetic monitors, consumed synthetic monitors overage. For each environment, its ID, consumed RUM sessions, consumed synthetic monitors, and host units are returned.

Heartbeat

Frequency: Once each minute, or every 5 minutes if remote access is disabled.
Cluster request: Cluster ID, node ID, source type (e.g., server)
Mission Control response: Remote UI request flag (true/false), Websocket URLs

Updates

Frequency: Once each hour
Cluster request: No cluster request
Mission Control response: For cluster updates: version, description, download URL, size. For OneAgent and JavaScript tag updates: label, version, download URLs. For ActiveGate updates: label, version, download URLs

Note

We never send host names or other information that may compromise your cluster's security.