Latest Dynatrace
Selecting a finding on the detection findings page opens a side window that enables you to
For findings from third-party sources, data displayed in this section is limited based on the external source information.
In Details, you can see information about:
The action Runtime Application Protection took based on your monitoring rules. Potential values are Blocked, Allowedlisted, Audited.
The attack vector, detailing the method or path used in the attack.
The affected object, with an option to analyze it further in another app (for the desired object, select Open with from the context menu).
The identified request, providing insights into the specific request involved.
The entry point, revealing where the access occurred.
The vulnerability, highlighting the specific weakness exploited.
For details about these items, see Concepts.
In Source, you can see a list of all the available information from the ingested finding.
Long values may be clipped. You can copy the full values via the context menu on their right.
For further analysis, you can open any of the listed values in another app.
In Log analysis, you can:
Get a quick overview of the logs related to a particular finding and their severity within the selected timeframe.
Run recommended DQL queries for a quick analysis of logs related to a selected finding. This enables you to carry out fast investigations and root-cause analysis based on the relevant data.
Select Run query to execute a query.
See below for details on how to manage query results.
Results displayed in the results table are formatted and the most critical information is highlighted.
Use the date picker to apply the correct timeframe for your query. (1)
Expand rows for details. (2)
Use Column settings to add or remove table columns. (3)
Use the column title menu to sort, hide, or move columns. (4)
Use Enable line wrap to view longer log lines without horizontal scrolling. (5)
Display metadata information about the executed query. (6)
After your query has returned records in the result table, you can search for keywords in this data. Use the Search in results field to filter the table by your keyword. This filtering doesn't execute a new query; it only narrows the results that were already returned and loaded in your browser.
See the related logs for every record to understand the data context better. First, find a relevant log line in the result table and expand it for details, then select Show surrounding logs. The surrounding logs are displayed for the context provided by the log record. For example, if the trace_id parameter is present, you'll see other records with the same trace ID; otherwise, you can see surrounding logs for the same topology entity.
You can quickly navigate between log details and related hosts, Kubernetes clusters, traces, or other entities. This helps you understand the impact of a single record in the context of related metrics and traces.
Select Run query for 15 logs before/after to navigate the logs.
Use Scroll to log to get back to the starting point.