Edit

Dynatrace Problems connector for Microsoft Sentinel

  • Article

This connector uses the Dynatrace Problem REST API to ingest problem events into Microsoft Sentinel Log Analytics

Connector attributes

Connector attribute Description
Log Analytics table(s) {{graphQueriesTableName}}
Data collection rules support Not currently supported
Supported by Dynatrace

Query samples

All Problem Events

DynatraceProblems

| summarize  arg_max(StartTime, *) by ProblemId

|  take 10

All Open Problem Events

DynatraceProblems

| summarize  arg_max(EndTime, *) by ProblemId

| where isnull(EndTime) or Status == "OPEN"

|  take 10

Error Problem Events

DynatraceProblems

| where SeverityLevel == "ERROR"

| summarize  arg_max(StartTime, *) by ProblemId

|  take 10

Availability Problem Events

DynatraceProblems

| where SeverityLevel == "AVAILABILITY"

| summarize  arg_max(StartTime, *) by ProblemId

|  take 10

Performance Problem Events

DynatraceProblems

| where SeverityLevel == "PERFORMANCE"

| summarize  arg_max(StartTime, *) by ProblemId

|  take 10

Count Problem Events by impact level

DynatraceProblems

| summarize  arg_max(StartTime, *) by ProblemId

| summarize count() by ImpactLevel

| take 10

Count Problem Events by severity level

DynatraceProblems

| summarize  arg_max(StartTime, *) by ProblemId

| summarize count() by SeverityLevel

| take 10

Prerequisites

To integrate with Dynatrace Problems make sure you have:

  • Dynatrace tenant (ex. xyz.dynatrace.com): You need a valid Dynatrace Tenant, to learn more about the Dynatrace platform Start your free trial.
  • Dynatrace Access Token: You need a Dynatrace Access Token, the token should have Read problems (problems.read) scope.

Vendor installation instructions

Dynatrace Problem Events to Microsoft Sentinel

Follow these instructions to generate an access token.

Next steps

For more information, go to the related solution in the Azure Marketplace.