Preview
OneAgent comes with a big set of features that are activated by default. Nevertheless, you always need to explicitly activate features added by newer versions of OneAgent and opt-in features. For details see, OneAgent Features and API Configuration.
To enable Developer Observability (Live Debugger), ensure that your One Agent is up to date and deployed correctly.
Dynatrace Live Debugger is only available on Dynatrace SaaS deployments with a DPS accounts that have the applicable rate card associated with the account. Please contact a Dynatrace product expert via live chat within your environment.
In order to enable the Live Debugger (as part of the Developer Observability product), the environment admin needs to enable the Live Debugger feature application through:
Go to Settings > Preferences > OneAgent features
Enable the live-debugging feature for Java, Node.js, or both, depending on your needs.
Enable Developer Observability
Go to Settings > Developer Observability > Enable Developer Observability
Create IAM policy using the details described in Grant permission to use the Live Debugger via an IAM policy.
Now you can enter the Live Debugger and select the services you would like to debug.
All supported values for each IAM permission and condition are listed below. Use them to define access policies based on a fine-grained set of permissions and conditions that can be enforced per service. For more information, see Working with policies.
Grants permission to set user-level Live Debugging breakpoints.
Conditions:
dev-obs:k8s.namespace.name - the name of the namespace that the pod is running in.
operators: IN, NOT IN, startsWith, NOT startsWith, =, !=
dev-obs:k8s.cluster.name - the name of the cluster that the pod is running in.
operators: IN, NOT IN, startsWith, NOT startsWith, =, !=
devobs:dt.host_group.id – ID of the host group.
operators: IN, NOT IN, startsWith, NOT startsWith, =, !=
dev-obs:dt.host.name - the name of the host.
operators: IN, NOT IN, startsWith, NOT startsWith, =, !=
Example policies:
Allow setting breakpoints for all instances:
ALLOW dev-obs:breakpoints:set;
Allow setting breakpoints for a particular host group:
ALLOW dev-obs:breakpoints:set WHERE devobs:dt.host_group.id = "myHostGroup";
Grants permission to manage environment-level Live Debugging breakpoints.
Example policy:
Allow managing breakpoints across the environment:
ALLOW dev-obs:breakpoints:manage;
If your application's code is being transpiled or bundled, you must include the source maps, either in-line or as separate files.
inline, both or true values for the sourceMaps option in the Babel config file (reference).inlineSourceMap: true or sourceMap: true as well as inlineSources: true in the TypeScript config file (reference).sourceMap: true as well as inlineSources: true in the TypeScript config file and use either the inline-source-map or source-map values for the devtool option in the Webpack config file.The Live Debugger works with uglified/minified code if it's provided with source maps, however, mangling (changing of variable names) should not be applied.
Webpack may automatically mangle variable names when used in production. To disable mangling in webpack, add the following to webpack.config.js:
const TerserPlugin = require("terser-webpack-plugin");module.exports = {// ...optimization: {minimizer: \[new TerserPlugin({terserOptions: {mangle: false,},})],},};
When debugging within a remote environment, knowing exactly what source code it is executing is imperative.
The Live Debugger integrates with your source-control provider to fetch the correct source code for every environment (see our source code security page for more info).
Configure the following environment variables to enable automatic source code fetching:
DT_LIVEDEBUGGER_COMMIT - String that indicates your git commitDT_LIVEDEBUGGER_REMOTE_ORIGIN - String that indicates your git remote originFor multiple sources, use the environment variable DT_LIVEDEBUGGER_SOURCES to initialize the SDK with information about the sources used in your application.
DT_LIVEDEBUGGER _SOURCES is a semicolon-separated list with either a source control repository and revision information, or a path on the local filesystem to a JAR file.
Dynatrace Live Debugger offers data masking rules to let you control sensitive data, giving you the ability to specify which data it should not collect and display to users.
You can set the data masking rules through the Live Debugger Settings page:
Redact by variable name
When masking by variable name, the entire value of any variable matching that name will be redacted.
For example, adding a rule for the variable name secretKey replaces the output secretKey:12345 with secretKey:\*\*\*.
Redact by regex
When masking by regular expression, all matches to that expression will be redacted.
For example, adding a rule regarding the variable value \[0-9]+ will replace nameAndPassword:LordHelmet-12345 with nameAndPassword:LordHelmet-\*\*\*\*.
Defined rules can be reordered, and they are executed in the order in which they appear on the Sensitive data masking page.
The redacted data is replaced, by default, with the string \*\*\*.
You can choose a custom string for the rule, or replace it with a SHA-256 hash. For example, adding a rule for the variable name secretKey with a custom replacement of REDACTED replaces the output secretKey:12345 with secretKey:REDACTED.
Data redaction settings only apply to breakpoints set after the configuration change.
To use the Live Debugger module, enable the Live Debugger ActiveGate module by setting debugging_enabled to true in the custom.properties file and then restarting ActiveGate.
If you are using a proxy, configure it within the Environment ActiveGate as described in Proxy for ActiveGate.