18 Aug 2020 12:53 AM - last edited on 26 Apr 2021 04:56 AM by MaciejNeumann
First of all I am quite new with the Dynatrace so I apologize in advance if a question is misunderstood or strange.
We have Dynatrace managed including Cluster ActiveGate .
We monitor some external web and mobile applications that are reported to Dynatrace through public endpoint.
We received a request to monitor an internal application SAP Fiori. In the code snippet I provide to SAP team, a public endpoint name is listed and it doesn't pass Security Team verification.
I tried renaming public endpoint name to Dynatrace server name and we loaded the snippet into SAP Fiori. At the start dynatrace.js scipt sent request to the Dynatrace server as expected, but after that ruxit and all another requests addresses the public endpoint.
Is it supported? Am I doing something wrong? Is there another way to separate external and internal systems that are monitored using agentless RUM?
Solved! Go to Solution.
Why SAP team rejected public endpoint? What's missing there?
Anyway... you can try with workarounding that. Check: https://www.dynatrace.com/support/help/shortlink/agentless-rum#insertion-methods
you could try with providing the :8443 cluster endpoint e.g.:
So you can test the URL with e.g.:
Thanks for your answer.
It rejected by Security team because of public endpoint have public IP that published to the internet and connections from internal sources to external IP will compromise network security.
(Clarification - public endpoint is NLB with external virtual IP).
I did all steps as described in the blog https://blogs.sap.com/2018/07/17/monitoring-a-fiori-launchpad-on-sap-cloud-portal-using-dynatrace./
and modified the code snippet JS file with cluster activegate name instead of endpoint name.
From Developer tools i see dynatrace.js request that goes to the cluster node, but ruxitagent.js goes to the public endpoint.
@Anatoly G., out of security, does that also apply to outside communication through a proxy?
And did you solve this in the end?