21 Jan 2020 11:10 AM - last edited on 05 Oct 2022 09:57 AM by Ana_Kuzmenchuk
Hello.
Our Dynatrace managed installation contains multiple environments. Each environment dedicated to particular application and supposed to be used by defined support teams. In order to provide them with the best service I need to know how often every environment accessed by the support guys: do they really use Dynatrace or we are wasting our host unit licenses on it or what kind of reports they run most often.
Is there any way to figure out using any kind of system log?
I think access.log analogue would be sufficient end enough.
Solved! Go to Solution.
21 Jan 2020 11:31 AM
If you have two Dynatrace managed environments, you can instrument you DT servers with the OneAgent. That way you can get RUM data and analyze it like a normal web application.
You can also take a look at the Audit logs to get the information that you are looking for https://www.dynatrace.com/support/help/how-to-use-dynatrace/data-privacy-and-security/configuration/...
21 Jan 2020 11:47 AM
What you need is actually audit.user.log available at each cluster node. This is a sample entry:
2020-01-21 09:37:11 UTC {"eventType":"LOGIN","tenantId":"environment-identifier-uuid","userId":"radoslaw.s","userIdType":"USER_NAME","userOrigination":"Forwarded: 1.2.3.4","sessionId":"3213123213","identity":"your.node.ip","identityCategory":"WEB_UI","success":true,"timestamp":1579599431280,"message":null,"jsonPatch":null}
To have a full overview, you need to process log files from all cluster nodes.
21 Jan 2020 12:26 PM
easiest to execute is api call (f.e. for last 1 day): curl -X GET "https://<your_environment>/api/v2/auditlogs?filter=eventType%28LOGIN%29&from=now-1d&sort=-timestamp" -H "accept: application/json; charset=utf-8" -H "Authorization: Api-Token <your_api_token_with_auditlog_rights>"
first you need to enable audit logs (use link in previous post)