When creating memory dumps of processes, the dumps are transferred to the Security Gateway. From the Dynatrace console you will receive the download links to the dumps. Unfortunately the download links that are presented are the internal AWS DNS names instead of the public ones Making the links unusable. Is it possible to configure public DNS names instead of the local ones?
Answer by Mark L. ·
So I have been playing around with the dnsEntryPoint parameter. And it is finally working. It did need some AWS trickery to make this useful:
First add the following to /var/lib/dynatrace/gateway/config/custom.properties on the dynatrace security gateway:
[connectivity] dnsEntryPoint= https://sg.mydomainname.com:9999
From what I've seen, the agents now try to connect to this URL as well. Since we need the agents to connect to the local address of the Security Gateway we added a new private zone in route53 called sg.mydomainname.com with a single A record to the local ip address (for example 10.10.0.100). The ec2 instances now resolved sg.mydomain.com to the local address of the Security Gateway.
We created a heapdump of one of our processes and waited for the agent to copy the files to the Security Gateway. The download link returned is: sg.mydomainname.com:9999. We created a new A record in route53 to point to the public IP address of the Dynatrace Gateway and opened up port 9999 for our public IP address. We were now able to download the heapdumps from the security gateway.
Now the only question that remains is:
How long are the heapdumps kept on the application servers where the oneagent is running? I do see dumps being accumulated on /opt/dynatrace/oneagent/log/memorydump, even when they have already been copied over to the security gateway.
Dynatrace SAAS document correction 2 Answers