Collaborate with other apps

  • Latest Dynatrace
  • How-to guide

Investigations Investigations lets you interact with other apps to enrich your analysis, correlate data across domains, and streamline workflows. You can:

Download nodes as a Notebooks document

From Investigations Investigations, you can download nodes and results as a new Notebooks Notebooks document. For details, see Download nodes.

Navigate to other apps

For example, from Investigations Investigations, you can

  • Open queries in another app.

    1. Select Open with at the right below the query input.
    2. Select an app from the available options.
    open with for queries
    open with for queries

  • Open monitored entities field values in another app.

    1. In the query results table, select a dt.entity.[...] field value.
    2. Select Open with Open with and select an app from the available options.
    open with from query results table
    open with from query results table

  • Open a distributed trace by its trace ID in another app.

    1. In the query results table, select the field that contains a trace ID value, such as trace_id or trace.id.
    2. Select Open with Open with and select an app from the available options.

Navigate to Investigations

To open Investigations Investigations from other apps, such as Logs and Events Logs & Events, Kubernetes (new) Kubernetes, Vulnerabilities Vulnerabilities, or Threats & Exploits Threats & Exploits, look for and select the Open with option in the respective apps.

For example, from Kubernetes (new) Kubernetes, you can instantly view pod logs and begin analyzing operational or performance issues using Investigations Investigations.

  1. In Kubernetes (new) Kubernetes, go to Pods and select a pod for which you want to view logs.

  2. Select More actions, then select Open with.

  3. Select Investigations Investigations from the list of available apps.

    This generates a query in Investigations Investigations to fetch all relevant logs from the pod and allows you to carry on the investigation from there.

open kubernetes pods in Investigations
open kubernetes pods in Investigations

View source references

When an investigation is opened from another Dynatrace app, a reference to the source is automatically added. You can view all sources in the right‑hand panel next to the results table, in the References tab alongside Evidence and Performance metrics. Each source entry displays the name of the originating item and the icon of the source app. Select a source to open it directly in a new browser tab.

This functionality is currently available for Threats & Exploits Threats & Exploits, with support for additional apps coming later.

Related topics

Related tags
Threat Observability