Business event processing with OpenPipeline

Latest Dynatrace
Tutorial
5-min read
Published May 13, 2026

OpenPipeline can be used to convert different incoming ingest sources to business events. This is useful if logs or traces contain business-relevant information, or no other ingest path for business events is available.

All business event processors in OpenPipeline share the same baseline configuration fields. These fields determine how incoming records are evaluated, enriched, and transformed into business events.

Field	Description	Examples
Name	Identifies the use case for the pipeline creation.	`OrderBusinessEventFromLog`, `Credit Card Validation`, `External API Order`
Matching condition	Condition that must be met for the record to be converted into a business event.	DQL matchers
Event provider	Identifies the source or component that emitted the event. Can be taken from the payload or defined statically.	Field name: `event.provider` Static string: `customlog`
Event type	Identifies the business event type. Takes either a field from the payload or a static string.	Field name: `event.type` Static string: `biz.fromlog.order`
Fields extraction	Determines which attributes from the record are included in the business event.	`Extract all fields`, `Fields to extract`, `Fields not to extract`

Overview

Business events can be ingested directly via API ingestion. This is the preferred path when upstream applications already emit JSON payloads that include the event fields required for processing (for example, event.type, event.provider, and other custom attributes). When the incoming JSON already conforms to the Business Events schema, no additional extraction is necessary, and the payload can be forwarded as a business event directly to Dynatrace.

See JSON example

{
  "event.provider": "easytrade.api",
  "event.type": "buy-asset",
  "timestamp": "2026-03-13T12:13:00Z",
  "service": {
    "name": "easytrade-checkout-service",
    "id": "svc-easytrade-01"
  },
  "order": {
    "orderId": "ord-2002",
    "amount": 3500.50,
    "currency": "USD",
    "assetType": "bond"
  },
  "customer": {
    "id": "cust-900",
    "tier": "premium"
  },
  "request": {
    "is_failed": false
  }
}

If your API payload already contains the required event fields, it can be sent directly to Dynatrace without additional steps. However, you can use OpenPipeline to route or enrich API-ingested events when further processing is required.

Process API-based business events

To add further processing to your business event:

Go to Settings > Process and contextualize > OpenPipeline > Business events.
Create a pipeline for your API events in Pipelines > Pipeline.
Extract a metric from your payload:
1. Name your pipeline easytrade api pipeline.
2. Go to Metric extraction and select the Value metric type in the processor.
3. Add a descriptive Metric name, such as: premium customer revenue.
4. Set the Matching condition: event.type == "buy-asset" AND customer.tier == "premium".
5. Set the Metric key: biz.easytrade.premium.revenue.
6. Set Field extraction: order.amount.
7. Select Pre-defined dimensions and add: dt.entity.service and service.name.
8. Save changes.
Add a dynamic route that forwards matching events to your pipeline:
1. Go to Dynamic routing > Dynamic route.
2. Name your route: easyTrade API route.
3. Add the matching condition: event.provider == "easytrade.api".
4. Select the pipeline where your API business events are enriched: easytrade api pipeline.
5. Save your configuration.

Business events processing examples

In the following examples, you can see how ingest pipeline processing can be used to meet your technical and administrative requirements.

Example 1: Add a new calculated field to the pipeline

As a user, you need to add a calculated dollar trading volume value to the pipeline.

{
 "action":"buy",
 "accountId":6,
 "amount":10,
 "instrumentId":1,
 "price":157.025
}

Processor name: Add field
Matcher: matchesValue(action, "buy")
Transformation fields:

Name	Type	Optional	is Array	Read-only
amount	double	false	false	true
price	double	false	false	true

Processor definition: FIELDS_ADD(trading_volume: price*amount)

Example 2: Mask your data

You need to hide the CVV field on your credit card in an incoming JSON payload.

{
 "action": "payment",
 "creditCardNumber":"5570001112223344",
 "valid":"12/27",
 "cvv":"001"
}

Processor name: Mask field
Matcher: matchesValue(action, "payment")
Transformation fields:

Name	Type	Optional	is Array	Read-only
cvv	string	false	false	false

Processor definition: FIELDS_ADD(cvv: SHA1(cvv))

Example 3: Drop event attribute

You need to drop the birthdate field in an incoming JSON payload.

{
 "action": "newUser",
 "firstName":"Frank",
 "lastName": "Underwud",
 "birthDate": "10.01.1967"
}

Processor name: Drop field
Matcher: matchesValue(action, "newUser")
Transformation fields:

Name	Type	Optional	is Array	Read-only
birthDate	string	false	false	false

Processor definition: FIELDS_REMOVE(birthDate)

Example 4: Parse nested JSON

You need to parse attributes from a nested JSON in order to have them as top-level attributes in Grail.

{
  "action":"sell",
  "details":{
     "accountId":6,
     "amount":10,
     "instrumentId":1,
     "price":157.025
   }
 }

Processor name: Parse field
Matcher: matchesValue(action, "sell")
Transformation fields:

Name	Type	Optional	is Array	Read-only
details	string	false	false	false

Processor definition: PARSE(details,"JSON{INTEGER:accountId,INTEGER:amount,INTEGER:instrumentId,DOUBLE:price}(flat=true)") | FIELDS_REMOVE(details)

Example 5: Parse error message

In this example, you need to remove the voucher code from the error message field below to have the ability to count how often the same error message appears. The solution below leverages the Dynatrace Pattern language for parsing.

{
"timestamp":"2023-01-18T10:50:23.777000000Z",
"cartId":"58583939",
"error.message":"The voucher [XY-892940] is not valid!",
"error.messageKey":"error.voucher "
}

Processor name: Parse error message
Matcher: matchesValue(error.messageKey, "error.voucher ")
Transformation fields:

Name	Type	Optional	is Array	Read-only
error.message	string	no	no	no

Processor definition: FIELDS_ADD(final:REPLACE_PATTERN(error.message, "LD:p1 '[' LD:to_be_masked ']' LD:p2 ", "${p1}${p2}"))
Result: The voucher is not valid!.