Real User Monitoring (RUM) operates within an HTTP ecosystem and relies on a set of requests, headers, and cookies to capture and report real user data, and to link it with backend distributed traces. For RUM to work as expected, your infrastructure—including firewalls, proxies, load balancers, content delivery networks, web servers, and any other components in the request path—must allow these requests, headers, and cookies to pass through unaltered. In addition, OneAgent uses the headers described in Span and trace context propagation in Distributed Traces Classic for distributed tracing, which also need to pass through your infrastructure.
On web applications, the RUM JavaScript is either injected automatically or inserted manually into webpages. The RUM monitoring code is loaded as an external file unless you use the snippet format inline code—and even then, the Session Replay monitoring code is loaded as a separate file. Once active, the RUM JavaScript starts sending beacon requests to report the captured RUM data.
For RUM to function fully, both requests for the RUM monitoring code and RUM beacons must pass through your infrastructure.
js-cdn.dynatrace.com/jstag/.ruxitagentjs_.For details on the default URL and the available configuration options, see Configure the Real User Monitoring code source.
RUM beacons report the data captured by the RUM JavaScript back to a beacon endpoint.
/bf that is part of a Cluster ActiveGatein the Dynatrace SaaS infrastructure./rb_<id>.POST body contains the payload, sent with the text/plain content type. For Session Replay, the application/octet-stream content type can also be used.POST requests may be preceded by CORS preflight requests, which are OPTIONS requests.For the available beacon endpoint configuration options, see Configure beacon endpoint for web applications.
RUM uses the following HTTP headers, all of which must be allowed to pass through your infrastructure.
| Header | Purpose |
|---|---|
| Set by the RUM JavaScript when configured as described in Link cross-origin XHR user actions and their distributed traces to carry information required for correlating cross-origin XHRs. |
| Set by the RUM JavaScript to carry IDs required for RUM beacon routing, user session aggregation, and RUM correlation. |
| Set by the RUM JavaScript when the instrumented application modifies the standard |
| Set by OneAgent on the first instrumented server-side tier (the one closest to the browser) to forward context to downstream OneAgents, such as the detected application ID, the cookie domain, and any applicable custom injection rule. |
| OneAgent versions before 1.167 Legacy header set on the first instrumented server-side tier (the one closest to the browser) to preserve the original URL of the request in case of URL rewriting. |
| Set by OneAgent to prevent the .NET code module from capturing distributed traces for RUM beacons. |
| Header | Purpose |
|---|---|
Read by OneAgent to determine whether to compress the RUM JavaScript before delivery. | |
Set or modified by OneAgent on the first instrumented server-side tier (the one closest to the browser) when no | |
| Modified by OneAgent when cache control header optimizations are active. |
Set by the browser. Captured by OneAgent and by the beacon endpoint on the Cluster ActiveGate for RUM correlation. | |
Set by the browser. Read by OneAgent to evaluate browser exclusion rules, and captured by beacon endpoints for browser and OS detection. Setting it to |
| Header | Purpose |
|---|---|
| Set by OneAgent when its RUM health check is active, carrying the IDs of the OneAgent code modules involved in handling the request. |
| Set by OneAgent when its RUM health check is active, carrying the health check results. |
| Set by OneAgent to indicate that it has started injecting the RUM JavaScript, preventing duplicate injection. |
| Header | Purpose |
|---|---|
| Set by beacon endpoints for responses to |
Set by beacon endpoints for responses to RUM beacons. To control from which origins beacons are accepted, configure the beacon origin allowlist. Also set for responses to requests for the RUM monitoring code when they are handled via the Dynatrace CDN. | |
Set for responses to RUM beacons and requests for the RUM monitoring code. | |
Set for responses to requests for the RUM monitoring code; also read during HTML injection. | |
Adapted upon HTML injection, and set for responses to RUM beacons and requests for the RUM monitoring code. | |
Set for responses to RUM beacons and requests for the RUM monitoring code, and read during HTML injection. | |
When cache control header optimizations are active, OneAgent appends a suffix to the original header value. It may set the header if the application doesn't. | |
Set for responses to requests for the RUM monitoring code when they are handled via the Dynatrace CDN. | |
When cache control header optimizations are active, OneAgent subtracts 1 second from the original header value. The header is also set for responses to requests for the RUM monitoring code. | |
Set by OneAgent to carry information relevant for RUM correlation. | |
Set by OneAgent to place the | |
Set by the beacon endpoint on the Cluster ActiveGate. | |
Set by OneAgent to allow the RUM JavaScript to access the content of the | |
Read by OneAgent during HTML injection. | |
Set for responses to RUM beacons and requests for the RUM monitoring code. |
RUM uses the following cookies. All of these must be able to reach Dynatrace. For more details on how Dynatrace uses cookies, and for an explanation of the <suffix> used in the table, see Cookies and client-side storage for RUM and Session Replay.
| Cookie | Max size | Purpose |
|---|---|---|
| No set limitation, but usually less than 100 B | Tracks a visit across multiple requests. |
| 58 B | Required for routing RUM beacons; includes session ID for user session aggregation. |
| Max URL length | Serves as an intermediate storage for page-spanning actions. |
| Length of | Used to determine the top-level domain. |
| 45 B | Contains the visitor ID to correlate sessions. |
| 27 B | Stores the session timeout. |
| 20 B | Specifies the ID of the current recorded view. |
| 81 B | If Session Replay is enabled, stores the required values to keep the recording consistent through pages. |
dtsrVID cookie exists from RUM JavaScript version 1.325+ to RUM JavaScript version 1.333.
The optional cookie dtSR is available from RUM JavaScript version 1.335+.
OneAgent for Mobile sends beacon requests to report the captured RUM data. The beacon URL path depends on the configured beacon endpoint:
/mbeacon./dtmb.In addition to the POST requests that report the captured data, OneAgent for Mobile also sends GET requests to the beacon endpoint to retrieve configuration updates. Beacon responses have a text/plain content type.
The beacon URL includes a query string that must not be altered—this includes modifying, removing, or reordering parameters.
On mobile applications, the following HTTP headers are used, all of which must be allowed to pass through your infrastructure.
| Header | Purpose |
|---|---|
| Set when you use the Cordova Plugin and manually instrument native web requests. Links native web requests with their server-side distributed traces. |
| Set by OneAgent for Mobile to link the mobile part of a web request with the server-side distributed trace. |
| Header | Purpose |
|---|---|
Set for responses to RUM beacons. | |
Set by the ActiveGate beacon endpoint for responses to RUM beacons. |
The following cookies are used for hybrid applications that combine OneAgent for Mobile with the RUM JavaScript. They need to pass through your infrastructure unaltered.
| Cookie | Max size | Purpose |
|---|---|---|
| 92 B | Joins sessions captured by the OneAgent for Mobile and the RUM JavaScript. |
| 36 B | Propagates settings between OneAgent for Mobile and the RUM JavaScript. |