Set up permissions for Distributed Tracing

  • Latest Dynatrace
  • How-to guide
  • 1-min read

Before you start, make sure you've read and set the necessary Permissions in Grail.

Policy scope

Table permission

Read buckets data

storage:buckets:read

Read span data

storage:spans:read

Read entities data

storage:entities:read

Read log data

storage:logs:read

Read filter-segments data

storage:filter-segments:read

View sensitive fields trace data 1 2

storage:fieldsets:read WHERE storage:fieldset-name="builtin-sensitive-spans

storage:fieldsets:read WHERE storage:fieldset-name="builtin-request-attributes-spans

Read user app states

state:user-app-states:read

Write user app states

state:user-app-states:write

Delete user app states

state:user-app-states:delete

1

Sensitive attributes for spans are tagged as sensitive-spans in Global field reference.

2

To learn more about restricted view access to personal data and confidential request attributes, see Masking at display.

Related tags
Application ObservabilityDistributed TracingDistributed Tracing