How do I start a Dynatrace free trial and what access do I need to deploy it in production safely?
Application Observability

How do I start a Dynatrace free trial and what access do I need to deploy it in production safely?

10 min read

Most teams reach the same two questions at the very start of their Dynatrace journey: how do I quickly start a Dynatrace free trial, and what access do I actually need to deploy it safely into production? The faster you answer both, the sooner you move from “let’s try this” to getting real answers out of your hybrid and multi-cloud environment.

This guide walks you through a pragmatic, production-minded path: how to start your Dynatrace free trial, how to set up your tenant, what permissions you’ll need from security and platform teams, and how to deploy Dynatrace in production without slowing change or compromising governance.

Quick overview: from free trial to safe production deployment

At a high level, the path looks like this:

  1. Start your free trial

    • Use a business email and accept the Dynatrace Terms of Use and Privacy Notice.
    • Spin up a Dynatrace environment (tenant) in the region that best matches your data-residency needs.

  2. Plan access and responsibilities

    • Define who administers Dynatrace, who deploys OneAgent, who consumes the answers (SREs, developers, SecOps).
    • Align early with security, cloud, and platform teams on network access and data protection.

  3. Deploy safely into production

    • Start with read-only observability: OneAgent on app hosts, Kubernetes/OpenShift clusters, cloud services.
    • Use infrastructure or CI/CD automation to standardize deployment.
    • Keep human oversight in the loop as you scale automated workflows.

  4. Move from visibility to prevention and automation

    • Turn answers into action using Davis® AI insights, SLOs, and Workflows.
    • Gradually automate remediation with clear governance and auditability.

The rest of this article breaks these steps down in detail.

Step 1: Start your Dynatrace free trial

1.1 Request access

To start a Dynatrace free trial:

  • Go to the Dynatrace website and select Start your free trial or Request a demo.
  • Enter your business email (personal/consumer email domains are typically not accepted for enterprise trials).
  • Review and accept:
    • The Dynatrace Terms of Use for trial access.
    • The Dynatrace Privacy Notice, which explains how your data is processed and protected.
  • Confirm that you understand these are click-to-accept binding terms, and that you can opt out at any time by contacting Dynatrace.

Depending on your region, you may be prompted with reCAPTCHA verification. Once completed, Dynatrace provisions an environment for you—no local software installation is required just to explore the UI and sample data.

You can also:

  • Start in a sandbox environment to interact with sample data without deploying agents.
  • Request a live demo with Dynatrace experts if you want guidance on architecture and rollout.

Governance tip: Many enterprises treat the trial as the first step in a longer production journey. Involve your security and platform teams at this stage so that terms, data flows, and regions are not a surprise later.

Step 2: Set up your Dynatrace environment for production use

Once your trial environment is active, you’ll configure it with production in mind. That means thinking about data locations, access control, and how you’ll connect to your infrastructure.

2.1 Choose the right environment and region

In the onboarding flow, you’ll select or confirm:

  • Region / cluster location – Align with your data residency and compliance requirements.
  • Environment name and purpose – Many enterprises start with:
    • One environment for non-production (dev/test, early experimentation).
    • One or more environments for production by line of business or region.

This choice matters later for routing metrics, logs, traces, and security data into the Grail™ data lakehouse while respecting regional boundaries.

2.2 Define initial roles and access model

Before deploying anything into production, define who will do what:

  • Dynatrace platform admin(s)
    • Manage environments, integration settings, SSO, and role-based access control (RBAC).
  • Observability/SRE leads
    • Own monitoring standards, SLOs, alert routing, and Workflows automation.
  • App teams / developers
    • Use Dynatrace for deep-dive analysis, performance tuning, and deployment validation.
  • Security and compliance
    • Validate data governance, Trust Center posture, retention, and cross-border considerations.

Dynatrace supports fine-grained RBAC, so you can:

  • Restrict who can install OneAgent vs. who only views dashboards and answers.
  • Limit sensitive views (e.g., security events) to specific groups.
  • Integrate with enterprise identity providers for SSO and centralized identity governance.

Governance tip: Align Dynatrace roles with your existing cloud and Kubernetes RBAC model. That reduces friction when you later automate OneAgent rollout via CI/CD or GitOps.

Step 3: What access do you need to deploy Dynatrace safely in production?

“Access” has multiple dimensions: people permissions, infrastructure access, and data access. The goal is clear: gain full-stack observability and security while maintaining least privilege and strong governance.

3.1 Human access: who needs what permissions?

When deploying Dynatrace into production:

  • Platform / infrastructure teams typically need:
    • Access to your cloud consoles (AWS, Azure, GCP) or Kubernetes/OpenShift clusters.
    • Permissions to deploy OneAgent and ActiveGate components.
  • Security & compliance need:
    • Access to Dynatrace config for audit, data retention policies, export controls.
    • Visibility into application security findings, runtime vulnerabilities, and exposure.

Recommended approach:

  • Use Dynatrace admin roles for a small platform team.
  • Provide project or team-level access for app owners and SREs, scoped to their services.
  • Enable SSO so access is tied to corporate identity and offboarded automatically when people move roles.

3.2 Infrastructure access: OneAgent and topology discovery

Dynatrace OneAgent provides automatic discovery and instrumentation across your stack. To deploy it safely into production, ensure:

  • Host / VM access

    • Permission to install OneAgent on hosts (Linux, Windows, etc.) via your standard automation (Ansible, Chef, Puppet, Salt, or cloud-init).
    • For cloud-native stacks, DaemonSets or Operators on Kubernetes/OpenShift.

  • Container / Kubernetes access

    • Rights to deploy Dynatrace components into clusters:
      • OneAgent as DaemonSet or sidecar injection.
      • ActiveGate where needed to broker connectivity.
    • Access to cluster APIs (within defined namespaces) for real-time topology mapping.

  • Network access

    • Outbound connectivity from OneAgent / ActiveGate to the Dynatrace cluster (SaaS endpoint) over approved ports.
    • Optional inbound paths for integrations that require callbacks (configured within your security zoning rules).

All of this is designed to support auto-discovery and auto-instrumentation without manual code changes. You gain coverage across microservices, containers, and legacy workloads while respecting your network and segmentation policies.

Safety tip: Start with a restricted, representative production segment (one cluster, one app slice). Validate behavior, traffic patterns, and access logs before scaling out.

3.3 Data access: what Dynatrace sees and how it’s governed

To provide deterministic, causation-based insights, Dynatrace correlates:

  • Metrics (infrastructure, application, SLOs)
  • Logs (platform logs, app logs, security logs)
  • Traces and code-level details (APM, distributed tracing, profiling)
  • User experience data (real user monitoring, synthetics, session replays)
  • Security findings (vulnerabilities, attacks, misconfigurations)

Key governance considerations:

  • Data minimization and masking

    • Mask or redact sensitive fields in logs and request attributes according to your policies.
    • Configure session replay and RUM to comply with privacy standards.

  • Retention and export

    • Set retention periods based on compliance and cost optimization.
    • Control exports from Grail™ to downstream systems (SIEM, data warehouse).

  • Trust Center alignment

    • Use the Dynatrace Trust Center materials to brief your risk and compliance teams on:
      • Data protection controls
      • Privacy architecture
      • Trusted AI principles, including explainability and human oversight

Governance tip: Document which data categories are ingested by Dynatrace and link that to your internal data classification scheme. This accelerates internal approvals for broader deployment.

Step 4: Safe deployment patterns for production

Once you have the right access modeled, you can deploy Dynatrace into production in a controlled, predictable way.

4.1 Start with observability-only deployment

First phase: observe everything, change nothing.

  • Deploy OneAgent across:
    • Core application hosts and services.
    • Key Kubernetes/OpenShift clusters.
    • Critical databases, messaging systems, and edge services.
  • Configure:
    • Real User Monitoring and synthetic checks for critical user journeys.
    • Log ingest from platform and application sources.
  • Use this phase to:
    • Validate coverage and auto-discovery via real-time topology mapping.
    • Benchmark current performance, error rates, and availability.
    • Identify noisy services, hotspots, and fragile dependencies.

This ensures you gain full-stack visibility and precise answers for root cause without any automated remediation turned on yet.

4.2 Integrate with your change and incident workflows

Next, wire Dynatrace into your existing operational fabric:

  • ITSM & incident management

    • Connect Dynatrace alerts to your incident systems (ServiceNow, Jira, etc.).
    • Route Davis® AI problems to the right on-call teams with context, not just metrics.

  • CI/CD & quality gates

    • Use Dynatrace metrics and SLOs as quality gates in your pipelines.
    • Prevent bad releases from reaching production based on error budgets or regression analysis.

  • ChatOps and collaboration

    • Push precise, root-cause rich alerts into collaboration tools (Slack, Teams) to reduce “war room” duration.

At this stage, you’re still in a human-in-the-loop model: Dynatrace provides answers in context, your teams decide next actions.

4.3 Move toward preventive and autonomous operations

With trust established, you can scale into more automation:

  • Use Dynatrace Intelligence and Davis® AI to:

    • Detect anomalies and forecast future events (e.g., capacity exhaustion, error budget burn).
    • Identify the true root cause across infrastructure, app, and user experience signals.

  • Use Workflows to:

    • Trigger remediation actions (scale a cluster, restart a service, roll back a release).
    • Open tickets, update runbooks, or notify specific stakeholders automatically.
    • Orchestrate multi-step responses that still include approval steps where required.

  • Maintain governance and oversight by:

    • Logging all automated actions.
    • Requiring human approval for high-risk workflows (e.g., production rollbacks).
    • Regularly reviewing automation policies with SRE, security, and compliance teams.

This is how you safely progress from monitoring dashboards to agentic operations—where the system not only surfaces problems but also automatically prevents impact, under well-defined guardrails.

Step 5: What not to over-grant—and how to keep it safe

A common concern when deploying a powerful observability and security platform into production is over-privileging it. You can avoid that by following a few principles:

  • Least privilege by default

    • Grant only the permissions OneAgent and ActiveGate require for discovery and data collection.
    • Avoid broad cluster-admin roles except where explicitly justified and reviewed.

  • Separation of duties

    • Keep Dynatrace platform administration distinct from application deployment roles.
    • Use approval gates in Workflows for any action that changes production.

  • Transparent AI, no black boxes

    • Favor Dynatrace’s causation-based, deterministic AI insights over opaque correlations.
    • Use the explanations in Davis® AI problem cards to brief stakeholders on “why this action was taken.”

  • Continuous review

    • Periodically review who has admin-level access to Dynatrace.
    • Audit Workflow definitions and automation coverage against your risk appetite.

Putting it all together

To start a Dynatrace free trial and deploy it safely into production, treat the journey as a structured rollout rather than a one-off test:

  1. Start the free trial with a business email, accept the Terms of Use and Privacy Notice, and spin up an environment in the right region.
  2. Design your access model early: Dynatrace admins, SREs, developers, and security, mapped to your identity and RBAC strategy.
  3. Grant the right infrastructure access for OneAgent, Kubernetes/OpenShift, and cloud integration, while respecting network segmentation.
  4. Control data access and governance using masking, retention, and Trust Center guidance.
  5. Deploy in phases: observe first, integrate into workflows second, and automate with Workflows and Davis® AI once trust and guardrails are in place.

Done this way, your Dynatrace trial isn’t a throwaway experiment; it’s the first step toward preventive, autonomous operations grounded in deterministic insights, not guesswork.

Next Step

Get Started

Back to Application Observability

Keep Reading

More from Application Observability

How do I add Seer AI Debugger in Sentry, and how is “active contributor” counted for the $40/user/month add-on?

Read more

Which Sentry plan do I need for US/Germany data residency + PII scrubbing, and how do I configure it before rollout?

Read more

How do I self-host Sentry, and what are the operational requirements vs using sentry.io?

Read more