What's new in Dynatrace SaaS version 1.324

  • Release notes
  • 7-min read
  • Rollout start on Sep 23, 2025

This page showcases new features, changes, and bug fixes in Dynatrace SaaS version 1.324. It contains:

Feature updates

Account Management | Cost Management

Cost Allocation for Log Management and Analytics and Traces powered by Grail now supports Ingest & Process costs

Cost Allocation for Log Management and Analytics and Traces powered by Grail now supports Ingest & Process costs. This extends the existing Cost Allocation capabilities for host monitoring to additional telemetry types, helping you attribute log and trace data costs to the right teams, applications, or business units for improved transparency and accountability.

You can configure cost allocation in multiple ways, including via OpenPipeline, which now enables you to set dt.cost.costcenter and dt.cost.product.

In most cases, other configuration methods should be prioritized before using OpenPipeline. We strongly recommend reviewing the documentation to understand the best approach for your environment before choosing a Cost Allocation configuration option.

For configuration steps, examples, and advanced use cases, see Allocate your DPS costs.

Account Management | Identity Access Management

Reduce platform token dependency on named users by issuing them for service users

With this release, you can generate your own platform tokens for any service you’re authorized to access. This option is available within your profile page on Account Management.

Application Observability | Log Analytics

Facets now display all possible values for enhanced clarity

You can now see all possible values, regardless of sampling limitations, for attributes like status and loglevel in facet filters for comprehensive visibility and easier filtering in Logs Logs.

Infrastructure Observability | Discovery & Coverage

Updated network coverage DQL

Updated DQL for network devices in Discovery & Coverage Discovery & Coverage to reflect updated network topology from various extensions.

Infrastructure Observability | Kubernetes

Enhanced Kubernetes object visibility

You can now access the Enhanced Kubernetes Object Visibility preview, which can be enabled in the Kubernetes app settings. This enables:

  • Visibility into additional Kubernetes objects, including Ingress, NetworkPolicies, CRDs, PVCs, PVs, and ConfigMaps.

  • Access to YAML definitions to debug and validate configurations in real time.

  • Ability to query YAMLs across all clusters and namespaces using Dynatrace Query Language (DQL). This enables instant surface misconfigurations, missing references, or policy violations across your Kubernetes environment.

For more information, see Enhanced Kubernetes Object Visibility.

Platform | Davis

Davis Anomaly Detector supports lookup data

Davis Anomaly Detection - new Davis Anomaly Detection now supports lookup data. To use lookup data with your Davis anomaly detector, you need to:

  • Be part of the lookup Preview program.

  • Set up the permissions.

To learn more about lookup data, see Lookup data in Grail.

Platform | Davis

Enhanced deduplication of events from root cause analysis in Davis Grail records

Some Davis events in Grail come from root cause analysis:

event.provider=ROOT_CAUSE_ANALYSIS

Examples include:

  • Increased service failure rates

  • Degraded client-side response times

Root cause analysis may find these as evidence on top of other events. However, root cause analysis evidence can become redundant when baselining direct reports on such transactional issues. We have enhanced deduplication to reduce redundancy and focus on providing only new information, especially for the determined potential root cause.

Platform | Davis

Expose the Correlation ID in Grail event records to support debugging

Correlation ID details are exposed in Davis Grail event records. For more details, see dt.event.correlation_id in the Davis event model in the Semantic Dictionary.

Platform | Davis

Events API v2 exposes resource IDs and names like the Events v1 API

The Events API v2 now also exposes resource IDs and names. The values can be found in the properties dt.event.resource_id and dt.event.resource_name when available. These fields are only written for certain built-in events, such as disk and network interface events.

Platform | Grail

Prevent bucket deletion

Before deleting a bucket, checks are performed to verify that the bucket is not in use.

Platform | Grail

New cardinality metric type (Preview)

You can now use the countDistinct aggregation with the timeseries command for efficient approximate distinct counting. This applies to metrics of type cardinality leveraging Dynatrace UltraLogLog.

With this new aggregation, a distinct count of sessions query, such as:

fetch user.events | maketimeseries c=countDistinct(dt.rum.session.id)

can be efficiently rewritten with,

timeseries c=countDistinct(dt.frontend.session.active.estimated_count)

As part of the new RUM Experience (preview), these two cardinality metrics are supported:

  • dt.frontend.session.active.estimated_count
  • dt.frontend.user.active.estimated_count

For details, see DQL Metric commands: timeseries.

Platform | Notebooks and Dashboards

Bind min/max values of gauge and meter using data mapping

The gauge and meter bar visualizations in Notebooks Notebooks and Dashboards Dashboards can now set min/max values using data from the results.

Platform | Settings

Unified control over external requests

You can now manage all outbound connections from one place in Settings Settings > General > External requests. With this update, you can:

  • See, verify, and audit which endpoints your apps can reach.

  • Verify any URL to see if it’s allowed.

  • Find out whether access is granted by the allowlist or EdgeConnect.

  • Run live test requests to view real responses.

This makes testing, troubleshooting, and maintaining your external connections much easier and more reliable. Find out more: External requests, EdgeConnect

Software Delivery | Site Reliability Guardian

Site Reliability Guardian supports SDLC events for streamlined software lifecycle insights

Site Reliability Guardian Site Reliability Guardian validation results can be stored as Software Development Lifecycle (SDLC) events.

This simplifies processing, analysis, and interpretation of a software component’s lifecycle telemetry while incorporating Guardian validations to complete the overall picture of software quality during development.

Available with Site Reliability Guardian Site Reliability Guardian version 1.21.0.

Platform | OpenPipeline

Manage cost allocation in OpenPipeline

Manage cost allocation by assigning values to dt.cost.costcenter in the Cost allocation stage and dt.cost.product in the Product allocation stage.

To learn more, see the release note DPS Cost Allocation for "Log Management and Analytics - Ingest & Process" and "Traces – Ingest & Process".

Platform | Navigation

Enhanced sorting options and improved search in AppSheet

The latest updates to AppSheet make app discovery and organization faster and more intuitive. You can now sort apps alphabetically, search by descriptions and aliases for more precise results, and pin apps to the dock directly from within AppSheet for quick access.

All

Enhanced search experience in Dynatrace Documentation

You can now enjoy an improved search experience in the Dynatrace Documentation with usability enhancements like query autocorrection, autocompletion, featured results, and progressive article loading.

  • Each search result includes helpful metadata such as breadcrumbs, content type, and published date to guide your choice.
  • The updated interface aligns with the design style used in Dynatrace, offering a unified experience.
  • New functionalities, including smart snippets and dynamic content recommendations, make finding information faster and easier.

Breaking changes

Application Security

Security Posture Management events available only in the security.events table

New Security Posture Management events that were retrievable via a query like:

fetch events
| filter dt.system.bucket == "default_security_events"
| filter event.type == "COMPLIANCE_FINDING" or event.type == "COMPLIANCE_SCAN_COMPLETED"

These are available only in the security.events table. Please migrate to a query like:

fetch security.events
| filter event.type == "COMPLIANCE_FINDING" or event.type == "COMPLIANCE_SCAN_COMPLETED"

Existing events are still available, but new events are only available in the security.events table.

Platform | Dashboards

Enhanced single value visualization for multiple result rows

The single value visualization now supports multiple rows by automatically switching to a grid view, ensuring all data is displayed transparently and consistently. Previously, only the last result was shown.

To learn more, see Single value visualization.

Platform | Workflows

Workflow event triggers now respect fieldsets

Fieldsets allow controlled access to sensitive fields on records.

If the fieldset configuration results in fields being inaccessible to users in use as workflow actors, however, the DQL matcher expression for workflow event triggers might no longer be satisfied, which means the workflow might not be triggered anymore.

Please make sure that the permission configuration of users used as workflow actors for event-triggered workflows grants access to all required fields on events. Fieldsets don't modify the original event; its original structure is preserved.

Fixes and maintenance

Resolved issues in this release

  • With this change, key request names containing quotation marks won't cause errors in the endpoint table. Now the names are encoded before generating the DQL query. (APPOBS-10159)