question

Amit C. avatar image
Amit C. asked ·

Webhook integration: Can you bypass the proxy server for local Addresses

We have configured our Dynatrace Managed Cluster to use a proxy server to connect to Dynatrace Mission Control, and this works as desired. We are now trying to integrate Dynatrace Managed to our local Ticketing tool using WebHooks. Our ticketing tool is internal and as such, has a local IP address. When trying to integrate, it seems as though Dynatrace tries to use the proxy and this fails.

Is there any way of specifying that local IP addresses should be ignored?

Dynatrace Managed
10 |2000000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 50.0 MiB each and 250.0 MiB total.

Amit C. avatar image
Amit C. answered ·

After trying numerous options, I finally managed to get this to work. The following solution worked in my environment (OS = RHEL):

- Navigate to $DT_HOME/services

- Make a backup of the server.sh file

- Edit the server.sh file and add the following to the "export" section

export http_proxy=http://<proxyserver>:<port>

export https_proxy=$http_proxy

export no_proxy=".<yourdomain>"

- Save the file and recycle your Managed Environment

7 comments Share
10 |2000000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 50.0 MiB each and 250.0 MiB total.

Is this still valid for recent Dynatrace Managed sprints? Is has no effect in any environment I've tried. And the cluster management console still does not have any option to specify proxy exceptions.

0 Likes 0 · ·

It seems a bit like this was a secret 'feature' of Managed. If you're still using it Amit C does it still work? It seems even Dynatrace support can't confirm if this would work!

0 Likes 0 · ·

Eddie, use the solution by Christoph below.

1 Like 1 · ·

The problem with Chris's solution below is it applies to all the webhooks - I want to be able to config some of our webhooks to use the proxy and some not. Or am i misunderstanding and it is possible with Chris's solution?

0 Likes 0 · ·

This is not possible I think.
There are least two options I can think of in this case:

  • be nice to the network/security team to allow direct connection without proxy to all services :-)
  • use a proxy tunnelling mechanism to expose the remote webhooks via proxy as local endpoints. For example use socat or proxytunnel. (http://proxytunnel.sourceforge.net/), If you have several foreign webhooks you will need to setup socat/proxytunnel for each one.
1 Like 1 · ·

I am no longer using the above solution. I eventually went to our Security guys and asked them to redirect traffic to the specific IP address for the Webhook back internally. I havent had an issue since.

0 Likes 0 · ·
Christoph K. avatar image
Christoph K. answered ·

Hi there, the following configuration of /opt/dynatrace-managed/server/conf/config.properties does the trick. It then disable the proxy for all WebHooks.

[http.client.external]
...
proxy-off = true

- Christoph

Share
10 |2000000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 50.0 MiB each and 250.0 MiB total.

Jiji J. avatar image
Jiji J. answered ·

None of these solutions work acros upgrades. The upgrade process will remove all changes you made these files. This is the case for the solution mentioned by @Amit C and @Christoph K. Anyone found a method that would work consistently across upgrades?

Jiji Joseph

1 comment Share
10 |2000000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 50.0 MiB each and 250.0 MiB total.

Space Topics

mobile monitoring dotnet synthetic monitoring reports iis chat kubernetes servicenow amazon web services mysql mainframe rest api errors cassandra dashboard oneagent sdk cmc application monitoring openkit smartscape request attributes monitoring developer community user tagging log monitoring services ufo syntheticadvisory activegate ip addresses auto-detection high five award oracle hyperion webserver uem usql iib test automation license web performance monitoring ios news migration management zones index ibm mq web services custom event alerts notifications sso host monitoring knowledge sharing reports browser monitors java hybris sap vmware maintenance window user action naming javascript appmon ai synthetic classic availability tipstricks automation extensions session replay diagnostic tools permissions davis assistant faq documentation problem detection http monitors server easytravel apdex aws-quickstart network docker tags and metadata cloud foundry google cloud platform synthetic monitoring process groups account usability dynatrace saas gui paas openshift key user actions administration user actions postgresql synthetic locations oneagent security Dynatrace Managed user management custom python technologies mongodb openstack user session monitoring continuous delivery citrix configuration alerting NGINX action naming linux nam installation masking error reporting database mission control jmeter recorder apache mobileapp RUM php threshold azure purepath davis scripting agent aix nodejs android