This page showcases new features, changes, and bug fixes in Dynatrace SaaS version 1.317. It contains:
Application Observability | Log Analytics
You can now use the Retain with Included Queries model at the bucket level and mix on-demand queries with included queries for selected timeframes. This solution helps to control costs by allowing you to run only included queries and have volume-based pricing based on retention rather than usage-based pricing on scanned data.
For configuration details, see Take control of log query costs using Retain with Included Queries.
With the newly introduced Retain with Included Queries pricing model
The image below shows a warning message when a user (restricted to included queries) attempts to query data outside of the allowed timeframe.
Platform
We have started rolling out the Grail-native Smartscape storage into production. It comes with new DQL functionality to work with Smartscape nodes and edges. The storage is running in parallel to the existing classic entity storage. We are not making any changes to the topology that is stored in the classic entity storage and you should continue to use it as usual.
Currently, the Smartscape on Grail storage does not contain any data. Over the following months we will kick off preview programs of new functionality that will utilize the new storage.
The new storage comes with new DQL commands that allow you to query nodes and edges and to traverse the topology. For more information, see Smartscape on Grail.
Stay tuned for upcoming preview programs in the area of Cloud monitoring and Kubernetes monitoring in the next months.
Platform
Dynatrace now automatically adds relevant fields for metric extraction. This saves time by applying consistent defaults (for example, k8s.namespace.name
, dt.cost.costcenter
), thus simplifying setup and reducing repetitive steps.
Platform
You can now transform metrics records in OpenPipeline by renaming fields, adjusting values, adding new attributes and more DQL functions to fit your analytics and cost optimization needs. Assigning a security context enables granular, record-based access control—ideal for restricting visibility of sensitive KPIs or powering real-time dashboards for specific teams. No configuration or action is required to enable this feature.
Platform | Settings
Fixed an issue where buttons were rendered off-screen when configuring Java service definitions on certain display sizes.
Application Observability | Log Analytics
We harmonized the data exploration experience in the Logs app and Distributed Tracing app. Both apps share the layout, table experience, and filtering and are optimized for productivity and readability.
Application Observability | Log Analytics
Improved empty state messaging to clearly indicate query issues and guide users with relevant suggestions.
Application Observability | Distributed Traces
Explore related logs: Seamlessly navigate between traces and their associated logs in a unified, side-by-side interface. This integrated approach eliminating context switching and accelerating troubleshooting with complete system behavior visibility.
Improved waterfall visualization: Experience redesigned trace waterfall with enhanced iconography and descriptions for web requests, queue interactions, and database statements.
Full end-to-end trace visibility: Gain complete visibility into complex transaction flows with the ability to see full end-to-end traces, across multiple IBM MQ message queues even when spanning different trace IDs.
Major performance improvements: Experience significant performance enhancements.
Application Observability | Distributed Traces
Added a new trace sampling setting for RPC requests, allowing configuration of how OneAgent samples specific Remote Procedure Calls (RPCs). This can be set at the global environment level or scoped to a process group, host group, Kubernetes cluster, or namespace.
Business Analytics | Business Analytics
Streamlined triage of potential security incidents with an updated redirect to the Threats & Exploits page.
Platform | OneAgent
OneAgent version 1.317+
Introduced a new feature flag on the Log Agent Feature Flag configurations page for enabling structured Event Data parsing. This flag is disabled by default.
When enabled, structured data is collected from Windows event logs—first from the User Data branch, or if unavailable, from the Event Data branch and its sub-branches. The collected data is transmitted as attributes alongside the recorded content.
Attribute names are derived from available information such as tag names, the value of the name field, or, when tag names are repeated and the name field is empty, a sequential number is appended to the tag name.
Sub-branches without values and tags labeled as Binary are omitted.
Application Observability | Log Analytics
Logs app now provides more filtering options through the context menu in both the table and details panel:
starts with
operator for values longer than 100 charactersgreater than
and less than
operators for numerical valuesApplication Observability | Log Analytics
You can now retrieve up to 50,000 log records using the limit
command in advanced DQL mode. This enhancement provides better flexibility and visibility when analyzing large volumes of log data.
Digital Experience | RUM Mobile
Added a new case to the withCustomInstrumentationConfig
view modifier that allows to specify the action name. Use .useControlName(customName)
to define the action name.
Digital Experience | Synthetic
The JRE has been updated to version 17.0.14 to benefit from performance improvements, enhanced security vulnerability protection, and bug fixes.
Platform | DQL
smartscapeId()
, toSmartscapeId()
, asSmartscapeId()
New DQL functions are now available: smartscapeId()
, toSmartscapeId()
, asSmartscapeId()
SmartscapeId("HOST", 0xA)
and SmartscapeId("HOST", 10)
– Constructs a ["HOST, 0xA]
Smartscape ID, that is equivalent to String "HOST-000000000000000A"
toSmartscapeId("HOST-0000000000000123")
– generates a Smartscape ID ["HOST", 0x123]
asSmartscapeId(...)
– returns the Smartscape ID if the argument is one, null
otherwise SmartscapeId("HOST-0000000000000123")
Platform | DQL
getNodeName()
, getNodeField()
New DQL functions are now available: getNodeName()
, getNodeField()
getNodeName()
and getNodeField()
are similar to _entityName_
and _entityAttr_
functions functionality-wise. Only the name is different and the lookup source is not entity model on Latest Dynatrace, but the new Smartscape store.
getNodeName(expr)
– acts as a shorthand alias for the smartscapeAttr
function specifically for retrieving the entity’s name
getNodeField(expr, name)
– retrieves a specific attribute for a smartscape node
Platform | DPL
SMARTSCAPEID
pattern matcherA new DPL matcher, SMARTSCAPEID
, has been added to support parsing Smartscape entity IDs. This matcher recognizes strings in the format {NodeType}-{HEX16}
, where:
NodeType
: String of [A-Za-z_:0-9]
, up to 255 characters.
HEX16
: Exactly 16 uppercase hexadecimal digits ([A-F0-9]{16}
).
Examples:
HOST-FFFFFFFFFFFFFFFF
PROCESS_GROUP-0000000000000000
HOST-8BF6596F7D07B054
Platform | DQL
arrayCumulativeSum()
The arrayCumulativeSum()
function is now available.
It accumulates numeric arrays.
arrayCumulativeSum(array)
Parameter
null
Infrastructure Observability | Kubernetes
Add support for bearer token authentication when scraping Prometheus metrics via ActiveGate Kubernetes monitoring.
For details, go to Monitor Prometheus metrics.
Platform | Settings
Fixed an issue where buttons were rendered off-screen when configuring Java service definitions on certain display sizes.
All | Distributed Traces
All available horizontal screen space is now utilized by attributes until either the space is fully occupied or all attributes have been displayed.
Application Observability | Distributed Traces
Initial release of the DB2 monitoring on z/OS. This includes the collection of the following key metrics:
DB2 Metrics collected:
CPU metrics
Connection metrics
zIIP time
Number of EDM pool requests
Number of cache hits
Application Observability | Distributed Traces
To support distributed tracing in Spring Reactive Kafka Binder a new opt-in feature Spring Kafka Stream Binder support was added. It supports non-reactive auto commit scenario with a bean signature public Consumer<Flux<Message<T>> consume() {}.
It is not compatible with Java Kafka - discover listeners automatically if Reactor Kafka is used.
Platform | OneAgent
OneAgent version 317 introduces support for capturing Kafka message headers during message consumption operations. Based on configuration, the specified headers will be captured as strings.
Infrastructure Observability | Hosts
Improved Tomcat technology detection for Tomcat server running as a service.
Application Observability | Distributed Traces
This is a new feature for PHP OneAgent. We've introduced a sensor that detects and displays RedisCluster calls made via the phpredis extension in Distributed Traces. When possible, Redis cluster method calls in traces will indicate the specific cluster node where the command was executed.
This feature can be disabled using the debugPhpDisableRedisClusterSensor
flag.
We support phpredis versions from 3.1.6 to 6.2.0.
Software Delivery | Site Reliability Guardian
You can now define objectives in Site Reliability Guardian using segments, offering a more streamlined and consistent way to scope relevant data.
This enhancement aligns objectives with the segmented data views already used across the platform, ensuring they reflect your existing data structures. By leveraging segments, such as logs from a specific environment, you can precisely target the data that matters most. This speeds up setup and ensures consistency across workflows.
Software Delivery | Site Reliability Guardian
This release introduces several user experience enhancements to data tables across Site Reliability Guardian, making data exploration, analysis, and decision-making faster and more intuitive.
All | Managed
The Mission Control ciphers have been reduced, and only the following are accepted:
TLS_AES_128_GCM_SHA256TLS_AES_256_GCM_SHA384TLS_CHACHA20_POLY1305_SHA256ECDHE-ECDSA-AES128-GCM-SHA256ECDHE-RSA-AES128-GCM-SHA256ECDHE-ECDSA-AES256-GCM-SHA384ECDHE-RSA-AES256-GCM-SHA384
Ensure that all connections you establish to Mission Control support these ciphers. If they don't support the listed ciphers, no connection to Mission Control can be established.
Platform | OneAgent
Declarative process grouping (DPG) rules now apply to deep monitored processes in application-only deployments. If a DPG rule was previously created that matches these processes, the Process Group (PG) and Process Group Instance (PGI) IDs may change accordingly.
This change only affects Code Modules deployed as application-only.
Application Security | Security events
You can now manage security data more effectively with a dedicated security.events
table in OpenPipeline. This gives you full control over how security-related events are ingested, processed, and stored without interfering with other event types.
security.events
Targeted alerting for critical security threats: Set up custom alerts for specific incidents like unauthorized access attempts or unusual login patterns. Instead of sifting through all events, you can now monitor just security signals that matter the most to your organization.
Smarter storage with separate retention policies: Apply longer retention to critical security events, without bloating your main storage or affecting performance. Keep what you need, for as long as you need it.
This is just the beginning: Use the security.events
table to build custom detection logic or optimize investigations, and create focused views and workflows that align with your organization’s unique security needs. Explore how this space fits best into your security strategy.
Built-in security events are currently available in both the generic events
table and the new security.events
table. This duplication will continue until the migration is complete, after which events will appear only in the new table.
To ensure a smooth transition and avoid disruptions to your workflows, please complete the migration by end of September 2025.
Get started by activating the security.events
table in OpenPipeline and adapting your security workflows accordingly.
For a full overview of what's changing and step-by-step guidance on how to migrate, follow the instructions in the Grail security table migration guide.
Infrastructure Observability | Hosts
Fixed the issue where Oracle Net Listener processes were not correctly separated by name when OS services were not collected on Windows. Additionally, the correct listener name is now used instead of the Oracle home name.
All | Services
OpenTelemetry services only
In response to customer feedback, the changes described in this "Service Detection v2 for OpenTelemetry" section have been reverted to Dynatrace version 1.316 behavior.
The new endpoint detection rules can be re-enabled via an opt-in toggle in a forthcoming release.
Service Detection v2 (SDv2) introduces a major enhancement by making previously hardcoded OpenTelemetry service detection rules configurable directly through the Dynatrace web UI.
Reverted: see note above
{application.name}-{application.id}
).Reverted: see note above
These changes may affect existing service and endpoint configurations.
Catch-all/endpoints
removed; endpoints now named after http.route
or span.name
./system/probes/health
to "Health Check" mapping removed.span.name
.For more details, go to Service Detection v2.
dt.query
field. (DI-20795)To learn about changes to the Dynatrace API in this release, see Dynatrace API changelog version 1.317.