Dynatrace provides the following native OTLP ingest endpoints:
Calls to the API endpoints need to adhere to the following protocol details:
Also, make sure Send W3C Trace Context HTTP headers
is enabled.
The protocol specification can be found at OTLP Specification.
The SaaS endpoint and ActiveGate instances provide endpoints for all three signal types (traces, metrics, and logs) under OpenTelemetry's default paths.
/v1/traces
/v1/metrics
/v1/logs
Using these paths, you only need to prepend one of the following base URLs, applicable to the type of environment, and specify your environment ID.
Environment ActiveGates listen by default on port 9999
. If you changed that port, adjust the port in the URL accordingly.
Containerized ActiveGates do not support OTLP log ingest yet.
The following example URLs illustrate combinations of base URLs and paths for signal types.
ActiveGate Type | Signal Type | URL |
---|---|---|
SaaS | Traces |
|
Metrics |
| |
Logs |
| |
Environment ActiveGate1 | Traces |
|
Metrics |
| |
Logs2 |
| |
1 Environment ActiveGates listen by default on port 2 Containerized ActiveGates do not support OTLP log ingest yet. |
Vanilla OTLP exports to ActiveGate require manual enrichment of Dynatrace host information to have the correct topology information. When exporting to OneAgent, this happens automatically.
To do so, make sure your traces have the correct mapping resource attributes set. The list of applicable attributes can be found in (or imported from) the enrichment files.
Authentication is handled using an API access token and the Authorization
HTTP header.
Authorization: Api-Token dt.....
To obtain an access token, in Dynatrace, go to Access Tokens. Use the following access scopes for the signals you are exporting.
openTelemetryTrace.ingest
metrics.ingest
logs.ingest
Of course, you can also combine scopes. For more information on access tokens, see Dynatrace API - Tokens and authentication.
Verify that the following are true:
TCP port is not blocked
Because OTLP communication with ActiveGate takes place over the ports 443 (for SaaS and Managed) or 9999 (for Environment ActiveGates), make sure that the TCP port in question is not blocked by a firewall or any other network management solution you might be using.
Your system's certificate trust store is up to date
To avoid any possible SSL certificate issues with expired or missing default root certificates, make sure that your system's certificate trust store is up to date.
Using the Collector as an intermediate gateway allows you to streamline and optimize your telemetry data and requests centrally. See Collector use cases for more information and sample configurations for popular Collector use cases.
See Dynatrace Collector for more details on how to configure a Collector instance.
Whether you need to use TLS and authenticate your requests against the Collector depends on your particular Collector setup/configuration. By default, the OTLP receiver is configured for plain-text HTTP and does not require authentication.
The eventual outbound connection from the Collector to Dynatrace always requires authentication and TLS.
Verify that the following are true:
Network ports not blocked
Make sure the network ports required by the configured receiver instances are not blocked by a firewall or any other network management solution used as part of your infrastructure.
OneAgent provides a dedicated OTLP endpoint for localhost-only and traces-only OpenTelemetry exports.
127.0.0.1
(localhost)OneAgent does not support content compression using the HTTP header Content-Encoding
yet. Pay particular attention to that when instrumenting a Ruby application as the OpenTelemetry SDK for Ruby uses by default Content-Encoding: gzip
.
If you need to use content compression, please export to SaaS, the Collector, or ActiveGate.
To send traces to OneAgent, you first need to enable the Extension Execution Controller. You can do this globally for the whole environment, for host groups, or only for specific hosts.
Host group
and select the host group you want to configure.
The Host group property is not displayed when the selected host doesn't belong to any host group.
<group name>
link, where <group name>
is the name of the host group that you want to configure.With the EEC enabled, the OneAgent installations on the respective hosts will start accepting OTLP traces on URL http://localhost:14499/otlp/v1/traces
.
OneAgent uses the TCP port 14499 as default port for this endpoint. You can change the port with oneagentctl
.
The EEC ingestion endpoint is only available with Full-Stack and Infrastructure Monitoring deployments. It is not available with containerized setups. Please use ActiveGate as export endpoint for container applications.
Because it's a local-only endpoint, OneAgent does not require authentication.
Make sure there are no local restrictions for the used TCP port (default: 14499)
Because the OTLP communication is exclusively local, there should not be much network configuration to consider unless you have restricted local network communication, in which case you need to make sure there are no local restrictions on the used TCP port (default: 14499).
Ingestion API | OneAgent endpoint |
---|---|
|
|