Set up integration with Azure Monitor

In addition to monitoring your Azure workloads using OneAgent, Dynatrace provides integration with Azure Monitor which adds infrastructure monitoring to gain insight even into serverless application scenarios.

The integration uses Azure Monitor metrics for service insights, as well as Azure Resource Manager (ARM) to gather metadata.


  • Sufficient permissions to register an application with your Azure AD tenant, and assign the application to a role in your Azure Subscription.
  • An Azure service principal to access Azure APIs.
  • ActiveGate version 1.161+ (GA).
  • See the Dynatrace release notes for the latest enhancements and capabilities. We recommend that you keep your versions up to date.

Create an Azure service principal

To create a service principal, you must register your application in the Azure Active Directory.

Note: Dynatrace integration for Azure supports Azure Lighthouse, which allows Dynatrace to have multi-tenant access to Azure.

The instructions below refer to a common single-tenant access approach.

  1. Go to the Azure Management Portal and select Azure Active Directory.
  2. Select App registrations in the navigation pane of the selected Active Directory.
  3. Select New application registration at the top of the App registrations blade, and type the name of your application.
  4. Select Register.
  5. Copy the Application (client) ID, and save it for future retrieval. This ID is required to configure Dynatrace to connect to your Azure account.
  6. Select Certificates & secrets > New client secret to create a new security key.
  7. Type a key description and select a key duration in the Expires list.
  8. Select Add to save the new key, which displays the key value in the Value field. Copy the value and save it for future retrieval (along with your Client ID).

Important: This is your only chance to copy this value. You can't retrieve the key value after you leave the Key blade.

Grant access permissions for your service principal

You need at least reader permissions for Dynatrace to monitor your services.

Grant access to an Azure subscription

  1. On Azure Portal, select All services > General > Subscriptions.
  2. In the Subscriptions blade, enter your subscription.
  3. Select Access control (IAM) in the subscription navigation pane.
  4. Select Add and enter the Reader role.
  5. In the Select field, paste the description name or application (client) ID obtained when creating the Azure service principal.
  6. Select the application and Save to grant the service principal access to your subscription.

Configure Dynatrace to connect to your Azure environment

To connect Dynatrace to your Azure environment, you have to provide an Azure service principal, which Dynatrace uses to access Azure APIs to capture telemetry and metadata.

  1. In the desired Dynatrace environment, click Settings > Cloud and virtualization > Azure.

  2. Type a descriptive name for the connection.

  3. Enter the Client ID and Tenant ID obtained when creating the Azure service principal.

  4. Enter the Secret Key obtained when creating the Azure service principal.

    Connect Dynatrace to Azure

  5. Optional If there are services for which you want to capture service metrics from the Azure Monitor metrics API, you need to define a tag-based filter for those specific services.

  1. Optional Turn off automatic tag import. If turned on, resource tags are imported (resource group tags aren't imported).

  2. Select Connect to add the connection information to the list of Azure connections. You can edit connection information at any time.

Note: The integration accesses the following Azure API endpoints, so they need to be available from your environment:


After you have configured Dynatrace to connect to your Azure environment, Dynatrace immediately starts investigating the subscriptions and deployed services accessible for the service principal and starts monitoring them.

Set up monitoring notifications with Azure Alerts

After setting up Azure Monitor integration, you can start setting up monitoring notifications with Azure Alerts.

Azure Alerts is a unified notification hub for all types of important conditions found in Azure monitoring data. The integration of Azure Alerts enables you to consume alerts, which are automatically transformed into events that are leveraged by Davis AI for deeper insights.

To set up monitoring notifications with Azure Alerts

  1. Generate an API token with access scope Data ingest, e.g.: metrics and events.
  1. Configure one or more designated ActiveGates.

Note: The ActiveGate designated to consume Azure Alerts doesn't have to be the same ActiveGate that runs the Azure Monitor integration.

  1. Set up Azure Alert Rules.

Azure Alerts are consumed via webhooks that are configured in your Azure Alert Rules. The alerts are mapped to the closest known matching entity. This means that they either map to their related Azure resource entity or, as a fallback, to the Azure subscription of the resource.

To define action rules, use the settings below.



Enable the common alert schema


For more information, see Webhook rules in Azure documentation.

Alert types

The following alert types are supported.

Metric alerts

Metric alerts are complementary to Dynatrace integration of Azure Monitor metrics.

Metric alerts enable you to retrieve metric-based events without the need to push the metrics to Dynatrace. This is helpful in reducing API and network pressure, especially in cases where you might not need the metric (for example, for charting purposes).

The event type is defined based on alert Severity:

  • Sev-0 (Critical): ERROR_EVENT
  • Sev-1 (Error): PERFORMANCE_EVENT
  • Default (Informational): CUSTOM_ANNOTATION

Activity alerts

Dynatrace supports three types of activity notifications.

Activity Log Resource Health

The event type is defined based on severity Level:


See Configure resource health alerts using Azure portal in Azure documentation for more information.

Activity Log Service Health

The event type is defined based on IncidentType:

  • ActionRequired: ERROR_EVENT
  • Incident or Security + Error: ERROR_EVENT

See Create activity log alerts on service notifications using the Azure portal in Azure documentation for more information.

Activity Log Administrative


Estimate Azure consumption for metric queries from Azure Monitor

The table below shows the number of metrics captured for your Azure Services supported through the integration of Dynatrace with Azure Monitor.

Azure service Monitoring entity Additional dimensions Number of metrics
Load balancer1 Load balancer
Load balanced Virtual Machine
Application Gateway Application Gateway
Application Gateway - Backend Pool
Application Gateway - HTTP Status Group
Cosmos DB Cosmos DB Azure region, Database name, Collection name 11
Event-Hub Event-Hub
Event-Hub Namespace
IOT-Hub IOTHub 25
Redis Cache Redis Cache 13
ServiceBus ServiceBus Namespace
ServiceBus Queue
ServiceBus Topic
Azure SQL Azure SQL Database
Azure SQL ElasticPool
Azure Storage account Azure Storage account
Azure Storage account
Type (blob, table, etc.), Tier
Virtual Machine Virtual Machine 7
Virtual Machine Scale Sets Virtual Machine Scale Sets 7
Azure AppServices Azure AppService AppService Plan instances 14
Azure Functions Azure Functions AppService Plan instances1 12

1Functions based on consumption plan measure as one instance. 2Only standard tier exposes load balancer metrics via Azure Monitor metrics API.

Metrics queries

The query interval is 5 minutes with a resolution of 1 minute. Azure Resource Manager might throttle API requests, which will increase the interval to 10 or 15 minutes. For more details on request limits, see Throttling Resource Manager requests.