cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Monitoring SaaS Web Applications (like Office 365)

alberto-jesus_1
Contributor

Hi,

 

We are getting different aproaches to SaaS monitoring. In case of SaaS WebServices or API's it's easy to monitor from the backend perspective using Custom Resources. From Applications perspective, they are handled as 3rd parties to get some insights.

 

The problem is to monitor SaaS Web Applications like Office 365, SaleForce, etc. In that case there are only two ways to monitor using Dynatrace:

 

- Manually update of pages injecting JavaScript tag (not possible in most of SaaS web applications).

- Using browser extension which could be an alternative for Development team, not for final users (just Chrome and Edge are BE compliant and requires an extension installation).

 

Is there any other approach to monitor SaaS web applications like Office 365? I am thinking about instrument the proxy if it is a supported technology, do you have previous experiences doing so?

 

Thanks in advance.

 

Alberto.

4 REPLIES 4

Julius_Loman
DynaMight Legend
DynaMight Legend

Hello Alberto,


two approaches you have mentioned are the standard ones and work quite well.
Besides that, if you just need to monitor SaaS services from your corporate network, one possible approach would be to use a reverse proxy such as NGINX (with OneAgent installed) to proxy the communication to SaaS services. I use this approach from time to time and typically it works very well.

So basically it will work for a corporate network, even if HTTP proxies are not used. It will require several things:

  • a host with NGINX, Apache HTTP or other webserver with reverse proxy that will proxy the communication
  • your local DNS resolution service in your corporate network must point the SaaS hostname to your reverse proxy (e.g. saaservice.com will point to your reverse proxy)
  • valid https certificate at the reverse proxy. As you will need to get certificate for a public service, you won't get that from a public certificate authority and you will need to use your internal one (corporate CA), so the https connections will be trusted.

Traditional HTTPS proxy will not work for at least two reasons - typically SaaS services are HTTPS, so it must be a man-in-the-middle proxy which is not a typical case. Secondly, HTTP proxies are not supported by Dynatrace and it would require nontrivial effort to support them.

Certified Dynatrace Master | Alanata a.s., Slovakia, Dynatrace Master Partner

fstekelenburg
DynaMight Pro
DynaMight Pro

With the 📢 Support ending for the Chrome and MS Edge browser extension and the increasing use of SaaS applications the topic of monitoring SaaS web applications, or web applications that do not allow agentless or OneAgent deployment (internal or external) becomes more and more important.

For monitoring RUM from the corporate network an alternative might be, as neatly described above by @JuliusLoman, by using a reversed proxy.

A somewhat similar approach may be an application delivery controllers like F5 Big-IP, that can inject code in pages that pass this platform. F5 does also offer a similar solution: Overview of BIG-IP Analytics CSPM injection (f5.com)

The other alternative suggested above and more often in the community:

Agentless RUM (JavaScript) injection

Other monitoring suggestions are Synthetic Monitoring and the use of (REST) API if that is available. (Solved: Has anyone done Workday SAAS application integration with Dynatrace?)
Which are fine to measure a SaaS application (metrics), but not for real user / end-user experience monitoring.

So, to spark this topic up, it would be interesting how the Dynatrace community is going to cope with the demise of the browser extension, and what experiences there are with alternatives available. Mentioned or not mentioned.



Kind regards, Frans Stekelenburg                 Certified Dynatrace Associate | measure.works, Dynatrace Partner

Many thanks for suggesting these as potential alternatives. The reverse proxy option will not work in our organization, as it is not allowed. 

The F5 solution may work. Do you know if Azure Application Gateway also supports the injection of code into pages?

I am not that familiar with AAG, but someone else in the Community might very well be. 🙂
I do not find it directly in the specs on Azure Application Gateway features | Microsoft Learn

Kind regards, Frans Stekelenburg                 Certified Dynatrace Associate | measure.works, Dynatrace Partner

Featured Posts