This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
FAQ
Synthetic Monitoring
Browser monitors, HTTP monitors, synthetic locations.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Dynatrace SSL Monitoring for 1000+ Domains – Recommended Automation Approach

Selvam
Participant

‎29 Jun 2026 03:04 PM

We are planning to onboard SSL certificate monitoring for approximately 1000 domains in Dynatrace.

Manually creating individual SSL monitoring configurations is not scalable and will create significant operational overhead.

What is the recommended enterprise-scale approach for SSL monitoring in Dynatrace?

Specifically:

  • Can SSL monitors be created and managed through the Dynatrace API, Terraform, or Automation Workflows?
  • Is there a bulk import option available?
  • What are best practices for maintaining a large inventory of domains (e.g., from an Excel sheet, CMDB, or DNS records)?
  • How do organizations typically automate onboarding and offboarding of SSL monitors for hundreds or thousands of domains?

Looking for guidance on a scalable and maintainable solution rather than manual configuration.

0 Kudos
Reply
2 REPLIES 2

t_pawlak
Leader

‎29 Jun 2026 03:43 PM

Hi,
For an environment with 1000+ domains, I would definitely avoid managing SSL monitors manually.

My recommendation would be to treat SSL monitors as Infrastructure as Code and manage them with Terraform (preferred) or Monaco.

Terraform is particularly well suited because you can keep your inventory (CSV, YAML, JSON, CMDB export, etc.) outside of Dynatrace and use for_each to automatically create one monitor per domain. This makes onboarding and offboarding as simple as updating the inventory and re-running the deployment.

For example, we use a very similar approach for managing Dynatrace Management Zones. The configuration is generated from a table in tfvars, and Terraform iterates over the entries to create the required resources dynamically. Here's a simplified example of using a dynamic block:

    dynamic "rule" {
      for_each = var.synthetic_monitor_name_value != null ? [var.synthetic_monitor_name_value] : []
      content {
        type    = "ME"
        enabled = true
        attribute_rule {
          entity_type = "BROWSER_MONITOR"
          attribute_conditions {
            condition {
              key      = "BROWSER_MONITOR_TAGS"
              operator = "TAG_KEY_EQUALS"
              tag      = var.auto_tag_name
            }
          }
        }
      }
    }

You could apply the same concept to SSL monitors—store all domains in a variable or data file and let Terraform create or remove the monitors automatically. This approach scales much better than relying on manual configuration or bulk imports and keeps your Dynatrace configuration synchronized with your source of truth.

Reply

t_pawlak
Leader
In response to t_pawlak

‎29 Jun 2026 03:45 PM

Of course, you can also automate this directly through the Dynatrace API if you prefer to build your own provisioning process. The Synthetic Monitors API supports creating, updating, deleting, and listing monitors, so it's perfectly possible to synchronize your inventory from a CMDB, DNS, or another source of truth.
Synthetic API v2 
That said, I'd still lean towards Terraform (or Monaco) for long-term maintainability. Using Terraform with for_each gives you version-controlled, declarative configuration and makes onboarding/offboarding as simple as updating your inventory and applying the changes, rather than maintaining imperative API scripts.

0 Kudos
Reply
Ask a question

Featured Posts