You can create your own fine-grained monitoring rules for code-level vulnerabilities based on resource attributes, and define multiple conditions for one rule. When creating a rule, you can check if conditions apply and how many process groups are affected. The rules you create override the global code-level vulnerability detection control for the selected technology.
Enable Code-level Vulnerability Analytics.
Go to Settings and select Application security > Vulnerability Analytics > Monitoring rules: Code-level.
Select Add new rule.
Optional: Name your rule. If you don't, a name is assigned automatically when you create the rule, based on your criteria.
For Code-level vulnerability control, specify how to control a vulnerability that matches the rule criteria:
Optional: If you want the rule to apply only to a subset of your environment, for Specify where the rule is applied, select Add new condition and provide the resource attributes that identify that part of the environment (for example, dt.entity.process_group, aws.region). For details, see Enrich ingested data with Dynatrace-specific dimensions.
Optional: To check if a rule applies, select Preview matching process group instances. This lists process group instances that currently match the criteria.
Select Save changes.
You can edit, disable, enable, or remove rules at any time.
Monitoring rules are ordered; the first matching rule applies.
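Because the first matching rule wins, a broad rule placed above a narrower one can silently change what is monitored. The following is an added example, not Dynatrace code: a simplified model of ordered evaluation that also reports rules that can never apply. It assumes exact-match conditions that must all hold; the rule names, control values and attribute values are constructed.

```python
# Simplified model (assumptions, not Dynatrace code): a condition is an exact
# attribute == value match, a rule matches when all of its conditions match,
# and a rule without conditions matches everything. Control values are constructed.
GLOBAL_CONTROL = "GLOBAL"

def matches(rule, attrs):
    return all(attrs.get(k) == v for k, v in rule["conditions"].items())

def effective_control(rules, attrs):
    """Return (rule name, control) of the first enabled rule that matches."""
    for rule in rules:
        if rule.get("enabled", True) and matches(rule, attrs):
            return rule["name"], rule["control"]
    return None, GLOBAL_CONTROL  # no rule matched: the global control applies

def shadowed_rules(rules):
    """List (rule, earlier rule) pairs where the earlier enabled rule matches
    every resource the later one matches (its conditions are a subset)."""
    findings = []
    active = [r for r in rules if r.get("enabled", True)]
    for i, later in enumerate(active):
        for earlier in active[:i]:
            if earlier["conditions"].items() <= later["conditions"].items():
                findings.append((later["name"], earlier["name"]))
                break
    return findings

# Constructed sample rules, listed in evaluation order.
RULES = [
    {"name": "skip-eu", "control": "OFF",
     "conditions": {"aws.region": "eu-west-1"}},
    {"name": "monitor-payments", "control": "MONITOR",
     "conditions": {"aws.region": "eu-west-1",
                    "dt.entity.process_group": "PROCESS_GROUP-EXAMPLE"}},
    {"name": "monitor-us", "control": "MONITOR",
     "conditions": {"aws.region": "us-east-1"}},
]

# Constructed process group instance attributes.
PGI = {"aws.region": "eu-west-1",
       "dt.entity.process_group": "PROCESS_GROUP-EXAMPLE"}

if __name__ == "__main__":
    print(effective_control(RULES, PGI))  # the broad rule wins
    print(shadowed_rules(RULES))          # the narrow rule never applies
```

Moving the narrower rule above the broad one removes the shadowing; Preview matching process group instances in the UI remains the authoritative check of what a rule matches.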