Dynatrace

Dynatrace

Dynatrace is an AI-powered observability platform for application performance monitoring and infrastructure management. Browser agents inject into page loads to collect Real User Monitoring data including JavaScript errors, resource timings, and user action traces. Used by operations and engineering teams to detect and diagnose performance degradations.

Back to Vendor Library

Overview

Dynatrace is an AI-powered observability and Application Performance Monitoring (APM) platform. Its browser agent implements Real User Monitoring (RUM) to help engineering and operations teams detect, diagnose, and resolve performance issues affecting real users. Dynatrace is an infrastructure and reliability tool with no advertising or behavioral profiling purpose.

What This Script Does

Agent Injection Dynatrace's browser agent (ruxitagentjs_*.js) is injected via one of three methods: synchronous inline script in the <head>, asynchronous script tag, or server-side injection via the Dynatrace OneAgent. The agent file is served either from the customer's own CDN/domain (first-party delivery) or from Dynatrace's infrastructure at js-cdn.dynatrace.com.

Real User Monitoring (RUM) Data Collection The agent instruments the browser using the Navigation Timing API, Resource Timing API, and PerformanceObserver to capture:

  • Page load timing: DNS resolution, TCP connect, Time to First Byte (TTFB), DOM interactive, DOM complete, First Contentful Paint (FCP), Largest Contentful Paint (LCP)
  • Resource loading: load time and size for every JavaScript, CSS, image, and font asset on the page
  • XHR and Fetch request timings: URL, duration, HTTP status code, and response size for all API calls
  • Long tasks: main-thread blocking periods exceeding 50ms (identifying JavaScript performance bottlenecks)
  • Cumulative Layout Shift (CLS) and other Core Web Vitals

Error Tracking

  • Captures unhandled JavaScript exceptions with full stack traces, including the error message, source file, line number, and column number
  • Records failed XHR and fetch requests (4xx/5xx responses) with URL, status code, and duration

User Action Tracking

  • Instruments user interactions (clicks, form submissions, page navigations, XHR-triggered view changes in SPAs) to create "user action" performance traces
  • Associates each user action with its performance impact (e.g., how long a button click took to produce a visual response)
  • Does not record the content of form fields, keystrokes, or sensitive input values

Session Identification To correlate RUM data across page views and provide session-level analysis:

  • rxVisitor (first-party, 1 year) — Dynatrace RUM visitor identifier for correlating sessions over time
  • dtSa (first-party, session) — sampling rate and session assignment cookie
  • dtCookie / dtLatC (first-party, session) — session state and latency measurement cookies
  • rxvt (first-party, session) — session timeout marker

Domains contacted: {customer-environment-id}.live.dynatrace.com, js-cdn.dynatrace.com (if using CDN delivery), {customer}.dynatracelabs.com

Data transmitted: Performance timing values, error messages with stack traces, resource URLs, XHR/fetch API endpoint URLs, user action names, visitor and session identifiers. IP addresses are transmitted and may be used for geolocation but are not stored in raw form.

Consent & Compliance

GDPR/ePrivacy: Dynatrace collects technical telemetry data for site reliability and performance purposes. The data is technical in nature — performance timings, error messages, resource URLs — rather than behavioral profiles for advertising or marketing. Dynatrace acts as a data processor under the site operator's control. The rxVisitor cookie (1 year) is a persistent identifier that could require consent under strict ePrivacy interpretations, though performance monitoring is widely treated as essential for site operation under a legitimate interest basis (GDPR Article 6(1)(f)). Operators should document their legitimate interest assessment in a DPIA.

CCPA/CPRA: Technical performance data collected by Dynatrace is not personal information used for advertising purposes. Dynatrace processes data as a service provider under CCPA.

EU-US Data Transfers: Dynatrace LLC participates in the EU-US Data Privacy Framework (DPF) and offers Standard Contractual Clauses.

Consent category: Essential / Performance Monitoring (no advertising, no cross-site tracking, no behavioral profiling).

Should You Block This Without Consent?

No. Dynatrace is an application performance monitoring tool collecting technical telemetry data for site reliability purposes. It does not perform advertising tracking, behavioral profiling, or cross-site data sharing. Performance monitoring can be justified under legitimate interest without user consent, though the rxVisitor persistent cookie warrants disclosure in the privacy policy. Operators with the most conservative consent posture may choose to load Dynatrace conditionally, but regulatory guidance broadly supports performance monitoring as a legitimate interest use case.

Visit website

Consent Categories

Essential

Also Known As

Dynatrace RUMDynatrace browser agentOneAgentapplication performance monitoringDynatrace APMreal user monitoring

Industries

Computers Electronics and TechnologyProgramming and Developer Software

Tracked Domains (2)

js-cdn.dynatrace.comAnalytics
dt-cdn.netAnalytics

Frequently Asked Questions

Does Dynatrace require cookie consent?

No. Dynatrace is an application performance monitoring tool collecting technical telemetry for site reliability. It performs no advertising tracking or behavioral profiling. Performance monitoring is supported under GDPR legitimate interest (Article 6(1)(f)), though the persistent rxVisitor cookie (1 year) warrants privacy policy disclosure.

What cookies does Dynatrace set?

Dynatrace sets rxVisitor (1-year expiry) as a RUM visitor identifier, dtSa (session) for sampling rate assignment, dtCookie and dtLatC (session) for session state and latency measurement, and rxvt (session) as a session timeout marker. Scripts load as ruxitagentjs_*.js from js-cdn.dynatrace.com or a first-party domain.

How does ConsentStack handle Dynatrace?

ConsentStack classifies Dynatrace as essential performance monitoring and does not block it. It is detected via ruxitagentjs script loads from js-cdn.dynatrace.com or customer environment domains. Because it serves site reliability with no advertising purpose, ConsentStack allows it under legitimate interest without requiring visitor consent.

Related Vendors

Firebase
Firebase
Firebase is Google's mobile and web application development platform offering authentication, real-time database, cloud functions, and analytics. Web SDK scripts initialize Firebase services and may track app events via Firebase Analytics, which is powered by Google Analytics 4. Widely used in single-page apps and PWAs for backend infrastructure and usage tracking.
Google
Google
Google is the dominant provider of web analytics, advertising, and infrastructure tools. Scripts like Google Analytics, Tag Manager, Ads, and reCAPTCHA collect behavioral data, manage tag firing, serve targeted ads, and detect bots. Sets persistent cookies to track users and correlate activity across sites.
Google Tag Manager
Google Tag Manager
Google Tag Manager is a tag management system that lets marketers deploy and update analytics and marketing scripts without code changes. The GTM container script loads synchronously in the page head and injects configured tags, triggers, and variables on behalf of other vendors. No data collection of its own — acts as a loader for other scripts.
Google Fonts
Google Fonts
Google Fonts is a free font hosting service that serves hundreds of typeface families via a global CDN. Stylesheets and font files load from fonts.googleapis.com and fonts.gstatic.com to deliver web fonts to visitors. No advertising or tracking functionality is included.
reCAPTCHA
reCAPTCHA
Google reCAPTCHA is a bot detection and spam prevention service protecting web forms, login pages, and checkout flows. Scripts analyze user behavior, mouse movements, and browser fingerprints to distinguish humans from bots. The invisible reCAPTCHA v3 scores interactions without requiring user challenges.
Sign in with Google
Sign in with Google
Sign in with Google is an OAuth-based authentication service that enables users to log into websites using their Google account credentials. Scripts load the Google Identity Services library, display sign-in buttons, and handle token exchange for secure authentication. Stores session tokens and authentication cookies to maintain login state across page visits.

Manage consent for Dynatrace

ConsentStack automatically detects and manages Dynatrace trackers so your site stays compliant with global privacy regulations.

Get started free