This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
FAQ
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Restricting access to Service metrics using security context

panumjp
Participant

‎04 Apr 2025 06:16 AM - last edited on ‎04 Apr 2025 08:43 AM by Community Team

Is it possible?

I have a service with security context configured, but I don't understand how security context should be propagated to time series created by the service.

For example dt.service.request.count used in graphs in service overview of Services application.

 

0 Kudos
Reply
4 REPLIES 4

panumjp
Participant

‎07 Apr 2025 03:18 PM

Thanks for the tip. This looks like good method to use if you need to restrict access by metric key. And that probably works well in use case where it is possible to have a metric key for every "security boundary".

 

In the "Host tags and properties" section of this documentation page https://docs.dynatrace.com/docs/manage/identity-access-management/use-cases/access-security-context
it states: "After you set the security context on a host, it will be used to automatically determine the security context for all logs, spans, metrics and events that are sent from this host."

I believe there is no equivalent functionality for services...

According to this page https://docs.dynatrace.com/docs/ingest-from/setup-on-k8s/guides/metadata-automation/k8s-metadata-tel...
security context enrichment for Service metrics in Kubernetes environments will be available in the future.

 

I like the idea of security context, but it's unfortunate that it's not available everywhere (or is it?). As a Dynatrace newbie, I find it quite challenging to determine from the documentation where it can and cannot be used.

 

0 Kudos
Reply

DanielS
DynaMight Guru
DynaMight Guru
In response to panumjp

‎07 Apr 2025 03:32 PM

As you say, @panumjp , this isn't an easy task. Based on my personal experience of using Dynatrace for over nine years, it's helpful to have a general overview of the platform to understand the scope of these tasks. My advice in these cases is to seek help from the community, which has many knowledgeable people willing to help. And if you need something more extensive than a question, I recommend finding a professional with specific experience who can help you build the foundation and explain the implications.

Dynatrace Certified Professional @ www.dosbyte.com
0 Kudos
Reply

jason_gs
Dynatrace Contributor
Dynatrace Contributor
In response to panumjp

‎08 Apr 2025 10:57 AM

We're starting to see service metrics in grail appearing: https://docs.dynatrace.com/docs/shortlink/release-notes-saas-sprint-310#calculated-service-metrics-i... but it'll be some time before there's parity with the builtin metrics from classic. Is it a must-have feature is the short term to control access to metrics; is this something you could do in the future?

0 Kudos
Reply
Ask a question

Featured Posts