Set up integration with Azure Monitor

The following instructions are used to connect Dynatrace to your Azure environment to enable cloud infrastructure monitoring.

Before you begin

The following are required to connect to your Azure environment:

  • Sufficient permissions to register an application with your Azure AD tenant, and assign the application to a role in your Azure Subscription. Make sure you have the right permissions to perform these steps.
  • An Azure Service Principal to access Azure APIs.
  • Minimum Dynatrace version 1.144
  • Minimum Environment ActiveGate version 1.161 (GA)
  • To get the latest enhancements and capabilities, see the Dynatrace release notes. It's recommended that you keep your versions up-to-date.

Create an Azure Service Principal

To create a Service Principal, you must register your application in the Azure Active Directory.

  1. Go to the Azure Management Portal and click Azure Active Directory.

  2. Click App registrations in the navigation pane of the selected Active Directory.

  3. Click New application registration at the top of the App registrations blade, then type the name of your application. Make sure that Web app / API is selected as the application type.

  4. Type the Sign-on URL based on your application name. This does not have to be an actual sign-on page (for example,

    Configure Azure Monitor - create app register

  5. Click Create. When the application is created, copy the Application ID, and place it where you can easily retrieve it. This becomes your Client ID once you've set up your connection, and is required to configure Dynatrace to connect to your Azure Subscription.

    Configure Azure Monitor - create app ID

  6. Click Settings to display the Settings pane, then click Keys to display the Keys blade.

  7. Type a Key description, then select a key duration in the Expires list.

  8. Click Save at the top of the Keys blade. This saves the key and displays the key value in the Value field. Highlight the value and copy it, and place it where you can easily retrieve it (along with your Client ID).

    Configure Azure Monitor - create client ID

Important: This is your only chance to copy this value. You can't retrieve the key value after you leave the Key blade.

Find your Azure Tenant ID

With the Active Directory blade open, you can now get your Tenant ID. Click Properties in the navigation pane of the Azure Active Directory blade and copy the Directory ID. This is your Azure Tenant ID, which is needed to configure Dynatrace to connect to your Azure Subscription. Keep this ID with your Client ID and Key value.

Configure azure - Tenant ID

Grant access permissions for your Service Principal

With the Azure Active Directory RBAC, you have full control on which scope Dynatrace can access your environment.

  • Directory
  • Subscriptions
  • Resource Groups
  • Resources

At a minimum, "reader" permissions are required for Dynatrace to monitor your services.

Grant access to an Azure Subscription

As an example, you can see how to grant permission for a single subscription.

You need the subscription name and Client ID to complete the service endpoint and connect Dynatrace to your Azure Subscription.

To get the subscription name and Client ID

  1. Click All services > General > Subscriptions.

  2. In the Subscriptions blade, select the subscription you're using.

  3. Copy the subscription ID at the top of the Subscription blade. Keep this ID with your Client ID, Key value, and Azure Tenant ID. Then click Access control (IAM) in the subscription navigation pane.

    Configure Azure Monitor - create subscription

  4. Click Add, then select Reader as the role.

  5. In the Select field, paste the Client ID (Application ID) you saved to find the application you created in Create an Azure Service Principal.

  6. Select the application and click Save to grant the Service Principal access to your subscription.

Configure Dynatrace to connect to your Azure Subscription

To properly map the Azure monitoring metrics and Azure Resource Manager metadata to Dynatrace, you must connect your Azure account to Dynatrace for monitoring. This includes providing either the Client ID or Tenant ID and the Secret Key from your Azure Management Portal for access.

  1. In the desired Dynatrace environment, click Settings > Cloud and virtualization > Azure.

  2. Type a descriptive name for the connection.

  3. Enter the Client ID you obtained when creating the Create an Azure Service Principal.

  4. Enter the Tenant ID, which is the Directory ID in the properties for the Active Directory in the Azure Management Portal.

  5. Enter the Secret Key, which is the key value obtained when creating the Create an Azure Service Principal.

    Configure Azure Monitor - connect to Dynatrace

  6. Click Connect to add the connection information to the list of Azure connections. You can edit connection information at any time.

My Azure environment is successfully connected - What's next?

Once you have configured Dynatrace to connect to your Azure environment, Dynatrace immedieatly starts investigating your deployed services and starts monitoring them using Azure Monitor.

Estimate Azure consumption for metric queries from Azure Monitor

The table below shows the number of metrics captured for your Azure Services supported through the integration of Dynatrace with Azure Monitor.

Azure service Monitoring entity Additional dimensions Number of metrics
Loadbalancer Loadbalancer
Loadbalanced Virtual Machine
Application Gateway Application Gateway
Application Gateway - Backend Pool
Application Gateway - HTTP Status Group
Cosmos DB Cosmos DB Azure region, Database name, Collection name 2
Event-Hub Event-Hub
Event-Hub Namespace
IOT-Hub IOTHub 25
Redis Cache Redis Cache 13
ServiceBus ServiceBus Namespace
ServiceBus Queue
ServiceBus Topic
Azure SQL Azure SQL Database
Azure SQL ElasticPool
Azure Storage account Azure Storage account
Azure Storage account
Type (blob, table, etc.), Tier
Virtual machines Virtual machines 7
Virtual machines scale sets Virtual machine scale sets 7
Azure AppServices Azure AppService AppService plan instances 14
Azure Functions Azure Functions AppService plan instances1 12

1Functions based on Consumption Plan measure as 1 instance.

Metrics queries

Query interval is 5 minutes with a resolution of 1-minute. Azure Resource Manager may throttle API requests which will increase interval to 10 or 15 minutes. For more details on request limits see [Throttling Resource Manager requests] (

For more details on how Azure Monitor metric queries are metered and priced see Azure Pricing.

Advanced Configuration

The integration accesses the following Azure API endpoints:

  • https://*

Known limitations

  • Azure Monitor integration is only available for the public cloud, not the sovereign clouds (such as Azure Government) or Azure Stack.
  • Azure integration is not supported on multi environment ActiveGates.