Overview

Sectigo Connector for Dynatrace ("the connector") is a solution for integrating Sectigo Certificate Manager (SCM) audit logs with Dynatrace using Credential Vault. This integration lets you pull SCM audit logs into Dynatrace to monitor, analyze, and visualize the SCM activities of your organization in near real-time.

This guide is intended for Dynatrace administrators and system administrators who have knowledge of IT security, cloud security, and are also familiar with SCM.

This guide covers instructions for deploying and configuring the Sectigo-developed connector to deliver SCM audit logs to your Dynatrace.

Dynatrace architecture

Process Workflow

Once deployed, the connector does the following:

  • Creates 5 credentials in Dynatrace Credential Vault:

    • SCM OAuth credential (USERNAME_PASSWORD)

    • Dynatrace API token (TOKEN)

    • Checkpoint state credential (TOKEN) for pagination persistence

    • Execution lock credential (TOKEN) prevents concurrent runs

    • Workflow config credential (TOKEN) for runtime-editable parameters.

  • Configures credentials with APP_ENGINE scope + allowContextlessRequests: true.

  • Injects credential IDs into workflow.js automatically.

  • Deploys workflow via API to Dynatrace environment.

  • Configures the schedule trigger to run automatically every 10 minutes (configurable).

Monitoring and alerting

Once logs are flowing into Dynatrace, you can:

  • Build queries using Dynatrace Query Language (DQL) to analyze SCM activity.

  • Create dashboards to visualize certificate lifecycle events over time.

  • Set up alerts for critical events such as webhook failures or certificate revocations.

Additional resources