This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
FAQ
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Allocation of ASUs at host level

Go to solution
AntonioSousa
DynaMight Guru
DynaMight Guru

‎13 Sep 2022 07:40 PM - last edited on ‎14 Sep 2022 12:27 PM by Community Team

If we have a certain amount of ASUs (Application Security Units), how can we tell Dynatrace to use them in certain hosts? We can control which processes are being monitored, but we seem to be unable to do it at a host level. Before putting in a Product Idea, can someone confirm?

Antonio Sousa
Reply
3 REPLIES 3

Go to solution
Julius_Loman
DynaMight Legend
DynaMight Legend

‎13 Sep 2022 07:59 PM

@AntonioSousa , you can manage it only by using the security monitoring rules . You can also define it on a host level (monitor if host has some tag) or by MZ zone. The security rules are currently very limited, unfortunately. There is even no preview of the rules.

Certified Dynatrace Master | Alanata a.s., Slovakia, Dynatrace Master Partner
Reply

Go to solution
AntonioSousa
DynaMight Guru
DynaMight Guru
In response to Julius_Loman

‎13 Sep 2022 10:53 PM

@Julius_Loman,

Yes, the security monitoring rules accepts a host tag, but the rules seem to be processed at the process level. My main issue is on how to say that I don't want to monitor a specific host? So, if a certain host has a certain tag ("equals"), does that mean that it applies to all processes running on that host, and that it is not monitored? And that that host does not consume ASUs?

Antonio Sousa
Reply

Go to solution
Julius_Loman
DynaMight Legend
DynaMight Legend
In response to AntonioSousa

‎14 Sep 2022 07:50 AM

@AntonioSousa ASU consumption is triggered by AppSec monitored processes not by hosts, but it consumes the value of the host unit for each started hour a process is monitored. So if you don't have any appsec monitored processes running, you don't consume ASU. If you have appsec unsupported technology running, you don't consume ASU. If you have a supported process running and appsec rules evaluate to monitor it, it consumes the host unit value from the ASU. If you have multiple processes, the consumption happens just once for the host (not for each process).

Whole ASU licensing is quite a pain now as you don't have any visibility into how much is consumed, you can't preview the appsec rules or even see if a process is appsec monitored or not.

Certified Dynatrace Master | Alanata a.s., Slovakia, Dynatrace Master Partner
Reply
Ask a question

Featured Posts