1
Q
How to get effective values for any setting?
A
- Generate API token
- Swagger UI –> Classic Environment v2
- GET /settings/effectiveValues api endpoint
- SchemaID and Scope from the URL
2
Q
How to update effective value for a setting?
A
- Generate API token
- Swagger UI –> Classic Environment v2
- POST /settings/object api endpoint
- Fill in JSON object as needed (get ‘values’ from the GET response of effectivevalues API)
3
Q
What are the three types of Authn/Authz connection?
A
Local / SAML / SCIM.
Local - user accounts are all managed within Dynatrace.
SAML - user accounts and groups are synced from an external IdP and local groups are mapped to SAML group claims.
SCIM - users and groups originate in the IdP and all authn/authz is offloaded to the IdP.
4
Q
What permission type is recommended and what are all the permission types?
A
Policy-based permissions are the most recommended.
Account management permissions are required to manage the Dynatrace account.
Role-based and Management-Zone-based permissions are possible, however less recommended than policy-based permissions.
5
Q
Default retention period for default events, security events, custom security events and biz events
A
default_events - 35 days
default_security_events - 3 years
default security_custom_events - 1 year
default_bizevents - 35 days
6
Q
Default retention period for logs, metrics, traces (spans)
A
default logs - 35 days
default metrics - 15 months
default_spans - 10 days
7
Q
Default retention for system events and app snapshots
A
dt_system_events - 1 years
default_application_snapshots - 10 days
8
Q
What are the types of rules you can create for Management Zones
A
Monitored Entity
Dimensional Data
Entity Selector
9
Q
When they are set up, what 3 management zone rules will make sure the components of a k8s application will be covered?
A
Services on K8s Namespace.
Browser monitors.
HTTP monitors.
10
Q
How to add metadata?
A
Use DT_{CUSTOM_PROPERTY} env var for process or host-level metadata.
Using OneAgent installation parameter –set-host-property.
Use oneagentctl CLI parameter –set-host-property
Use annotations in K8s
11
Q
How to add tags?
A
Manually via UI.
Automatic rules in the UI.
Using Monitored Entities API.
Using DT_TAGS env vars for processes and process groups.
Using OneAgent installation parameter –set-host-tag.
Using oneagenctl CLI parameter –set-host-tag
12
Q
What are the different types of fallback mode for network zones
A
Any ActiveGate (default) -> try default zone, then any other ActiveGate.
DefaultZone -> try default zone, then discard traffic.
None -> traffic discarded.
13
Q
What are the different types of services?
A
Web Request Services.
Web Services - defined by Web Services Description Language (WSDL).
Database Services.
14
Q
What Dynatrace concepts are considered to identify Database Services?
A
Commits.
Queries.
Modifications.
15
Q
What Dynatrace concepts are considered to identify Web Services?
A
Service name.
targetNamespace.
16
Q
When a database request is detected, what information is used to define the unique monitored database service?
A
Database name or schemas.
Database vendor.
Database IP address / port.
17
Q
What Dynatrace concepts are considered to identify Web Request Services?
A
Web server name.
Context root.
Web application ID.
18
Q
What is the benefit of Service Detection Rules?
A
They tailor out-of-the-box detection to make sure microservices are correctly detected / grouped / identified as Services in Dynatrace.
19
Q
What is Adaptive Traffic Management
A
OneAgent automatically adjusts the rate of trace data collection every 15 mins to stay within the Full-Stack GiB threshold for a given environment.
Dynatrace has some default settings that can be overridden.
20
Q
For what languages can you create custom services?
A
Java
.NET
Go
PHP
21
Q
A
22
Q
For what data types can a custom bucket be made?
A
Logs
Spans
Event
Security event
Biz events
23
Q
How does Adaptive Traffic Management adjust the sampling of requests?
A
OneAgent first calculates a list of top requests starting each minute, from which it captures:
- Most traces of unique and rare requests
- Fewer traces, but still a high volume, of frequent requests
24
Q
A
25
What is the hierarchy of ActiveGates and why is it important?
Level 1 - Environment AG
Level 2 - Cluster AG
Level 3 - Embedded AG (embedded in cluster nodes)
ActiveGates can only send data to higher hierarchy levels.
26
How to assign host groups?
When using the web UI to set up the OneAgent installation.
When using the OneAgent CLI tool.
In the Dynatrace Deployment status page.
Through Dynatrace API.
27
What are the 2 types of ActiveGate and which ones do you need for Saas / Managed?
Environment & Cluster.
SaaS - only Environment AG.
Managed - both, but Cluster is more important.
28
How to activate/deactivate modules in ActiveGate?
The custom.properties file
29
What are ActiveGate groups used for?
Perform bulk actions on AGs - managing Extensions 2.0 / connecting to CloudFoundry
30
What are the ActiveGate token possible statuses?
Absent (AG still using tenant tokens)
Expiring (in 30 days or less)
Invalid (invalid format)
Unknown (valid format, not recognised)
Valid
31
How to assign ActiveGate to a group?
During installation --set-group.
Using remote configuration in the deployment status page.
In the custom.properties file.
32
What are the types of ActiveGate tokens?
Seed token.
Individual token (replaces the seed token on initial connection to DT).
33
What information is included in the metadata of an ActiveGate token?
ActiveGate type.
Creation / expiration date.
ID.
Last used date.
Name.
Owner.
isSeedToken.
34
What are the best ways to access custom Metrics data in Dynatrace?
After ingestion, use Data Explorer or a Timeseries DQL command or a GET request of the Metrics v2 endpoint
35
What types of data can be ingested via the API?
Metrics
Events
Logs
OTEL metrics
OTEL logs
OTEL spans
36
What things are needed for custom log ingestion? (No particular order)
Define custom log sources.
Define log ingest rules.
Define log processing rules.
Also, OpenPipeline can be used.
37
What Dynatrace services provide an OTLP API endpoint?
SaaS
Dynatrace Collector
Environment ActiveGate
OneAgent (traces only)
38
What languages are supported by OpenTelemetry?
(Not C or C#)
C++
Go
.NET
Ruby
Elixir
Java
PHP
Rust
Erlang
JavaScript
Python
39
What is an App in the DT Hub?
Small, self-contained, and focused on use cases to integrate applications / third party software into DT
40
What is an Extension in the DT Hub?
Used to expand the DT monitoring capability by integrating with other platform to ingest logs / metrics.
41
How can one troubleshoot issues with ActiveGate extensions?
Check log files under the remotepluginmodule directory.
42
What is EEC?
Extension Execution Controller - the Dynatrace component running extensions.
EEC on OneAgent queries local data sources.
EEC on ActiveGate queries remote data sources.
43
How does an Extension run on an ActiveGate?
The ActiveGate must be part of an AG group, and the group must be instructed to run the Extension
44
How does the AWS integration work?
It queries the CloudWatch API.
45
How do you monitor non-default AWS cloud services?
Install an ActiveGate in AWS.
Allow AG to access AWS URLs.
AWS admin access.
AWS monitoring policy + role-based authentication.
46
How does the Azure integration work?
Deploy the Azure Native Dynatrace Service in Azure.
No ActiveGate is required.
OneAgent is needed for code-level monitoring of VMs and App Services.
47
How does the GCP integration work?
Create a GKE Autopilot Cluster.
Create a custom role.
Create an access token for Dynatrace.
48
What are the benefits of K8s Cloud-Native Full Stack Monitoring?
Eliminates race conditions.
Storage space and performance.
Application and host monitoring (full stack).
Kubernetes platform observability.
49
What are the benefits of K8s platform monitoring?
No OneAgent is needed (cheaper).
Out-of-the-box alerting and anomaly detection.
50
What are the limitations of K8s platform monitoring?
No application observability.
No full-stack monitoring.
51
What are the benefits of K8s Application Observability?
Injection through K8s admission controller.
Namespace selector for granular control.
Eliminates race conditions.
52
What are the limitations of K8s Application Observability?
No host metrics are captured.
Topology limited to pods and containers.
53
What are the pros and cons of K8s host monitoring?
Pro: Collection of host metrics and process data.
Con: No application observability.
54
What are the pros and cons of K8s classic full-stack?
Pro: Full stack monitoring.
Con: Limited by race conditions.
55
How does the K8s Cloud-Native Full Stack monitoring deployment mode work?
Dynatrace Operator: Manages rollout, config, lifecycle, and updates of OneAgent, DynaKube and ActiveGate.
Dynatrace Webhook: Validates DynaKube definitions, converts definitions with older API versions, and injects config into pods.
Dynatrace CSI driver: Optional. Deployed as a daemonset, provides a writeable volume storage for OneAgent binaries - minimises network and storage consumption.
ActiveGate: Dedicated to the K8s monitoring, cannot be used for anything else.
56
How does the K8s platform monitoring deployment mode work?
Dynatrace Operator: Manages rollout, config, lifecycle, and updates of ActiveGate and DynaKube.
Dynatrace Webhook: Validates DynaKube definitions, converts definitions with older API versions, and injects config into pods.
ActiveGate: Can only get the info that the K8s API provides about the platform.
57
How does the K8s Application Observability deployment mode work?
Can be turned on / off per namespace.
Dynatrace Operator: Manages rollout, config, lifecycle, and updates of ActiveGate and DynaKube.
Dynatrace Webhook: Validates DynaKube definitions, converts definitions with older API versions, and injects config into pods.
Dynatrace CSI driver: Deployed as a daemonset, provides a writeable volume storage for OneAgent binaries - minimises network and storage consumption.
ActiveGate: No access to K8s API, only forwards pod info to DT.
58
How does the K8s host monitoring deployment mode work?
Dynatrace Operator: Manages rollout, config, lifecycle and updates of OneAgent, DynaKube and ActiveGate.
Dynatrace Webhook: Validates DynaKube definitions, converts definitions with older API versions.
Dynatrace CSI Pod: Provides storage to OneAgent.
ActiveGate: Used for routing data from OneAgent.
59
How does the K8s classic full-stack monitoring mode work?
Dynatrace Operator: Manages rollout, config, lifecycle and updates of OneAgent, DynaKube and ActiveGate.
Dynatrace Webhook: Validates DynaKube definitions, converts definitions with older API versions.
ActiveGate: Routes data from OneAgent and from the Pods.
Because there's no CSI driver, the OneAgent pods can only monitor new pods (i.e. all pods must be dropped and allowed to come back up)
60
What is DynaKube?
Custom resource managed by Dynatrace Operator.
Defines the config of the Dynatrace components in the cluster.
i.e. ActiveGate config / API URL of Dynatrace environment / Log monitoring capabilities
61
In RUM, what is the thing that captures the user actions?
Ruxit
62
How is data sent back to Dynatrace from a user's browser?
Via 'rb_*' ruxit beacons / packets
63
What are the injection formats for Agentless RUM? And what are their pros / cons?
These get config and monitoring code updates with new Application or new OneAgent installed:
JavaScript tag (jsTagComplete)
Code snippet synchronous (syncCS)
Code snippet deferred (asyncCS)
When updating the App or OneAgent, you need to update the following:
Inline code (jsInlineScript)
OneAgent JavaScript tag (jsTag)
OneAgent JS tag with SRI (jsTagSri)
64
How is the jsTagComplete injection format for RUM done?
JavaScript tag.
Insert JS tag into web app code.
65
How is the syncCS injection format for RUM done?
Code snippet synchronous.
JS code snippet (incl. config) with basic functionality is manually inserted. Full functionality of monitoring code is loaded synchronously.
66
How is the asynCS injection format for RUM done?
Code snippet deferred (async).
JS code snippet (incl. config) with basic functionality is manually inserted. Full functionality of monitoring code is loaded asynchronously.
67
How is the jsInlineScript injection format for RUM done?
Inline code.
Complete config and monitoring code (lots of code) is inserted into web app code.
68
How is the jsTag injection format for RUM done?
OneAgent JS tag.
JS tag inserted into code. Monitoring code is loaded from Dynatrace CDN.
69
How is the jsTagSri injection format for RUM done?
OneAgent JS tag with SRI.
JS tag (incl. config, a ref to external monitoring code + integrity hash for the code) inserted into code. Monitoring code is loaded from Dynatrace CDN.
70
What mobile platforms are supported for RUM?
Android
iOS
tvOS
Cordova
React Native
Flutter
Xamarin
Others can be supported with Dynatrace OpenKit
71
What are the three types of Network Availability Monitoring (NAM)?
ICMP
TCP
DNS
72
What is required to have a private synthetic location?
A synthetic-enabled ActiveGate.
Chromium (downloaded with ActiveGate installer, can also be installed via internet from S3 or a custom repo).
73
What credential types are supported by Credential Vault?
Username-password.
Certificates.
Tokens.
74
What permissions are needed for using credential vault?
Read-write cred vault: View environment permission.
Use cred in synthetic monitor: Change monitoring settings permission.
75
What does the variable oneagent_paas_token contain when using Ansible to deploy OneAgent?
The PaaS token retrieved from the PaaS integration page
76
What does Dynatrace call the hosts without OneAgent that communicate with a monitored host?
Monitoring candidate
77
What methods can be used to deploy a OneAgent?
Dynatrace OneAgent installation API(?)
Ansible collection.
78
What variables are needed for the OneAgent Ansible role?
oneagent_environment_url: URL of DT env.
oneagent_paas_token: PaaS token.
oneagent_install_args: installation parameters as a list.
79
oneagentctl can be used to... (3 things)
Do post-install config at individual host level.
Check version.
Restart OneAgent after doing post-install config.
80
At what levels can data privacy settings be controlled?
Globally.
Application level.
Service level.
Host group level.
81
What are the different levets of data protection?
Masking at capture, at storage / ingest and at display
82
What does masking at capture mean?
Data is masked immediately upon capture. It's not sent or stored in its original form, only masked form.
Can be done at the user's device + in OneAgent.
83
What does masking at storage / ingest mean?
Data is sent to the environment, analysed, then masked before storage
84
What does masking at display mean?
Data is stored in its original form and is only masked when viewed by unauthorised users (controlled by View Sensitive Request Data permission).
85
What is tracked in an audit log?
When the change was made, what was changed, and by whom
86
How long are audit logs stored for?
30 days
87
What RUM data privacy settings can be configured and what are their defaults?
User actions - not masked by default.
IPs and GPS coords - masked by default.
Personal data in URIs - not masked by default.
Whether to use persistent cookies - no by default.
88
What level of IP and GPS masking is done?
IPs - final octate is masked, we can determine the ISP.
GPS - can determine the general location within a country.
89
What session replay privacy settings can be controlled?
Opt-in mode (session replay is deactivated until activate with API call).
URL exclusion.
Content masking preferences from predefined options.
90
What is masked with 'Mask All' and when should it be used?
All text, user input, attributes values, and images.
Use for troubleshooting when order of interaction is important.
91
What is masked with 'Mask User Input' and when should it be used?
All user input, including options in list boxes.
When confidential info is only from user input.
92
What is masked with 'Allow List' and when should it be used?
Elements that are specified are not masked.
Ensures that even new elements in code updates are masked.
93
What is masked with 'Block List' and when should it be used?
Elements that are specified are masked.
All the elements are provided by default, clear the ones that you don't want to be masked.
94
What methods are available for masking logs at capture?
RegEx pattern.
SHA-256 hash or a string.
SHA-1 hash is deprecated.
95
What method do you use for masking logs at ingest?
Create log processing rule or in OpenPipeline
96
What are the benefits of a Simple Contract subscription
Annual spend commitment.
No extra charges if you go over.
Predictable and allows for natural growth / progression.
97
What is available in the Account Management Portal for utilisation?
View spends forecasting, alerting, drilldowns.
Breakdown per environment, capability and per day.
98
What log observability capabilities consume licenses?
Ingest, process, retain / store, query
99
What can config as code do?
Create config templates.
Manage interdependencies without needing unique IDs.
Promote configs between envs alongside the app deployments.
Use git workflow and version control.
100
What are the configs as code tool options?
Dynatrace Monaco, Terraform
101
What are the default Workflow actions?
Run JS, Execute DQL query, HTTP request
102
What's the relation b/w SLOs and SRG?
SLOs help define performance targets, SRG helps enforce them automatically.
103
What are out-of-the-box integrations for problem alerting?
OpsGenie
VictorOps
PagerDuty
Jira
Slack
MS Teams
ServiceNow
104
What are custom integrations for problem alerting?
Email
Webhook
105
How do alerting profiles relate to problem notification integrations?
Alerting profiles serve as a filter when sending out problem notifications
106
Dynatrace Community, what is a product idea
A suggestion from users for a new feature, enhancement, or improvement to Dynatrace
107
What is the licensing model for OneAgent?
Per-host basis, the amount of RAM is the measuring stick for 'host units'
Dynatrace Pro
flashcards
Decks in class (1)
# Cards
