
Pre-requisites of alerts Migration from Splunk to Dynatrace

Yougendra-More
Newcomer

Hi Community,

We are in the process of transitioning our alerting and monitoring workflows from Splunk to Dynatrace, and I’m looking for guidance on the technical pre-requisites and migration considerations involved in this process.

Specifically, I’m interested in understanding:

  • Baseline Requirements: What foundational configurations (e.g., custom metrics ingestion, tagging strategies, management zones, entity modeling) should be in place in Dynatrace before replicating Splunk alerts?
  • Alert Mapping Strategy: How do Splunk alerts (based on saved searches or correlation rules) translate into Dynatrace’s problem detection model, Davis AI, and custom event-based alerts?
  • Data Source Alignment: Are there recommended approaches for ensuring parity between Splunk data sources and Dynatrace-monitored entities (e.g., log ingestion, OneAgent coverage, API integrations)?
  • Automation & Tooling: Are there any tools, APIs, or scripts available to automate or streamline the alert migration process?
  • Governance & Tuning: Best practices for managing alert noise, threshold tuning, and aligning with Dynatrace’s AI-driven root cause analysis.
  • Lessons Learned: Any known challenges, limitations, or gotchas from teams who have already completed this migration?

If there’s any official documentation, migration playbooks, or community-shared templates, I’d greatly appreciate the pointers.

Thanks in advance for your insights!

Best regards,

2 REPLIES

lubrman
Advisor

Hi @Yougendra-More 

This is quite a complex topic that depends on many aspects, especially how deeply Splunk is integrated and what exactly you're monitoring with it, as well as which variant of Dynatrace you have — whether it's Managed or SaaS.

Splunk is primarily considered a log management tool, while Dynatrace is more of an APM (Application Performance Monitoring) or observability platform.

This results in significant differences in how the tools are configured.

Some time ago, we also transitioned from the Cisco family — specifically from AppDynamics — to Dynatrace. It required our teams to reframe their understanding of what APM is in the context of Dynatrace and how it works. This was especially important regarding the approach to AI, problem detection, and generation. It also involved creating new metrics, which may have different names in various tools, and offer completely different options for how to alert or monitor those issues.

As for integrations and APIs, Dynatrace provides many possibilities. Tracing in Dynatrace offers powerful support for using OpenTelemetry (OTEL).
https://www.dynatrace.com/technologies/opentelemetry/

When it comes to API capabilities, Dynatrace has a wide range of APIs that can be used to automate multi-level operations.

lubrman
Advisor

Example Dynatrace API:
https://docs.dynatrace.com/managed/whats-new/dynatrace-api/sprint-316


You can also integrate various exporters if you're using something like Prometheus.

However, I would start with a detailed analysis of the key metrics currently collected by Splunk and assess whether they can be replaced by Dynatrace. If it's not possible to replace them directly with a built-in metric, JMX, or OpenTelemetry (OTEL), I would consider using a custom exporter as an alternative.

I definitely recommend checking out the observability posts by Andreas Grabner.
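
Added example (not part of the thread, and not Splunk or Dynatrace tooling): one way to begin the analysis suggested above is to inventory the scheduled alerts in Splunk's `savedsearches.conf`, listing each alert's trigger condition, enabled actions and the indexes its search reads. The sample configuration is constructed, and treating a scheduled search as an alert when it has an enabled `action.*` or `alert.track` is a heuristic assumed here.

```python
import re

# Constructed sample in savedsearches.conf syntax (not taken from the thread).
SAMPLE_CONF = r"""
[Failed SSH logins]
search = index=os_linux sourcetype=linux_secure "Failed password" \
    | stats count by host
enableSched = 1
alert_type = number of events
alert_comparator = greater than
alert_threshold = 20
action.email = 1

[Weekly capacity report]
search = index=infra sourcetype=df | timechart avg(used_pct)
enableSched = 1

[Payment API 5xx]
search = index=web OR index="app_prod" status>=500 | stats count
enableSched = 1
disabled = 1
alert_type = always
alert.track = 1
"""

def parse_conf(text):
    """Parse [stanza] / key = value lines; a trailing backslash continues a value."""
    stanzas, current = {}, None
    for line in re.sub(r"\\[ \t]*\n[ \t]*", " ", text).splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            current = stanzas.setdefault(line[1:-1], {})
        elif current is not None and "=" in line and not line.startswith("#"):
            key, value = line.split("=", 1)
            current[key.strip()] = value.strip()
    return stanzas

def alert_inventory(text):
    """Rows for scheduled searches that alert (heuristic: an enabled action.* or alert.track)."""
    rows = []
    for name, s in parse_conf(text).items():
        on = lambda k: s.get(k, "0").lower() in ("1", "true")
        actions = sorted(k[7:] for k in s if re.fullmatch(r"action\.\w+", k) and on(k))
        if not on("enableSched") or not (actions or on("alert.track")):
            continue  # scheduled reports without an action are not alerts
        rows.append({"name": name, "enabled": not on("disabled"), "actions": actions,
            "condition": " ".join(s[k] for k in ("alert_type", "alert_comparator", "alert_threshold") if k in s),
            "indexes": sorted(set(re.findall(r'\bindex\s*=\s*"?([\w*-]+)', s.get("search", ""))))})
    return rows
```

Calling `alert_inventory()` on the contents of an exported `savedsearches.conf` gives one row per alert; the `indexes` column shows which Splunk data sources need an equivalent in Dynatrace before that alert can be rebuilt, and disabled alerts are flagged so they can be dropped rather than migrated.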
