// GCP cloud resources including Compute Engine, GKE, Cloud Run, Pub/Sub, VPC networking, DNS, IAM, Secret Manager, and monitoring. Monitor GCP infrastructure, analyze resource usage, audit security posture, and manage organizational hierarchy across projects and folders.
Work with Dynatrace dashboards - create, modify, query, and analyze dashboard JSON including tiles, layouts, DQL queries, variables, and visualizations.
Work with Dynatrace notebooks - create, modify, query, and analyze notebook JSON. Derives from the dt-app-dashboards skill with notebook-specific differences documented here.
Core DQL syntax rules, common pitfalls, and query patterns. Load this skill when you need to write, build, or fix a DQL query — it prevents syntax errors and guides correct usage. Covers fetch commands, data models, field namespaces, time alignment, entity patterns, metric discovery, and smartscape topology navigation. Trigger: "write a DQL query", "build me a query", "DQL syntax", "how do I query logs/spans/metrics in Dynatrace", "create a timeseries", "fix my DQL", "fetch logs", "smartscapeNodes", "query optimization". Do NOT use for explaining an existing query or answering Dynatrace product questions — those do not require query-construction guidance.
Migrate Dynatrace classic and Gen2 entity-based DQL to Smartscape equivalents. Covers three scenarios. (1) mass data queries filtered by classic entity conditions — migrate to direct dimension filters first, Smartscape only as fallback; (2) mass data queries using entity subqueries for filtering — same dimension-first strategy; (3) pure entity list queries — migrate fetch dt.entity.* to smartscapeNodes. Also handles entityName, entityAttr, classicEntitySelector, and classic relationship patterns.
AWS cloud resource monitoring including EC2, RDS, Lambda, ECS/EKS, VPC networking, load balancers, S3, DynamoDB, SQS/SNS, and cost optimization. Use when analyzing AWS infrastructure, resource inventory, security compliance, capacity planning, or cost savings. Trigger: "show EC2 instances", "find RDS databases", "VPC resources", "AWS cost optimization", "Lambda functions", "ECS services", "security groups", "unattached EBS volumes", "AWS load balancer topology", "publicly accessible databases", "AWS dashboards". Do NOT use for explaining existing queries, product documentation questions, generic host CPU/memory metrics (use dt-obs-hosts), application-level tracing (use dt-obs-tracing), or log analysis (use dt-obs-logs).
Azure cloud resources including VMs, VMSS, SQL Database, Storage, AKS, App Service, Functions, VNet networking, load balancers, Event Hubs, Container Apps, and Key Vault. Monitor Azure infrastructure, analyze resource usage, audit security posture, and manage organizational hierarchy across subscriptions and resource groups.
| name | dt-obs-gcp |
| description | GCP cloud resources including Compute Engine, GKE, Cloud Run, Pub/Sub, VPC networking, DNS, IAM, Secret Manager, and monitoring. Monitor GCP infrastructure, analyze resource usage, audit security posture, and manage organizational hierarchy across projects and folders. |
| license | Apache-2.0 |
Monitor and analyze GCP resources using Dynatrace Smartscape and DQL. Query GCP services, manage organizational hierarchy, audit security posture, and track resource ownership across your GCP infrastructure.
Use this skill when the user needs to work with GCP resources in Dynatrace. Load the reference file for the task type:
| Task | File to load |
|---|---|
| Inventory and topology queries | (no additional file — use core patterns above) |
| Compute Engine instances, machine types, IP addresses | Load references/compute-instances.md |
| GKE clusters, node pools, pods, deployments, services, RBAC | Load references/kubernetes-gke.md |
| Cloud Run services, revisions, executions | Load references/serverless-containers.md |
| VPC networks, subnets, routes, DNS records | Load references/networking-dns.md |
| Pub/Sub topics | Load references/messaging-pubsub.md |
| IAM service accounts, roles, Secret Manager | Load references/iam-security.md |
| Monitoring dashboards, logging, saved queries | Load references/monitoring-logging.md |
| GCP projects, regions, organizational hierarchy | Load references/resource-management.md |
| Resource ownership, GCP labels, organizational structure | Load references/resource-ownership.md |
GCP resources use the GCP_* prefix and can be queried using the smartscapeNodes function. All GCP entities are automatically discovered and modeled in Dynatrace Smartscape.
Compute: GCP_COMPUTE_GOOGLEAPIS_COM_INSTANCE, GCP_COMPUTE_GOOGLEAPIS_COM_ADDRESS
Networking: GCP_COMPUTE_GOOGLEAPIS_COM_NETWORK, GCP_COMPUTE_GOOGLEAPIS_COM_SUBNETWORK, GCP_COMPUTE_GOOGLEAPIS_COM_ROUTE, GCP_DNS_GOOGLEAPIS_COM_RESOURCERECORDSET
Kubernetes (GKE): GCP_K8S_IO_POD, GCP_K8S_IO_NODE, GCP_K8S_IO_SERVICE, GCP_K8S_IO_SERVICEACCOUNT, GCP_K8S_IO_PERSISTENTVOLUMECLAIM, GCP_APPS_K8S_IO_DEPLOYMENT, GCP_APPS_K8S_IO_STATEFULSET, GCP_CONTAINER_GOOGLEAPIS_COM_NODEPOOL, GCP_RBAC_AUTHORIZATION_K8S_IO_CLUSTERROLEBINDING, GCP_RBAC_AUTHORIZATION_K8S_IO_ROLEBINDING
Serverless: GCP_RUN_GOOGLEAPIS_COM_SERVICE, GCP_RUN_GOOGLEAPIS_COM_REVISION, GCP_RUN_GOOGLEAPIS_COM_EXECUTION
IAM & Security: GCP_IAM_GOOGLEAPIS_COM_SERVICEACCOUNT, GCP_IAM_GOOGLEAPIS_COM_ROLE, GCP_SECRETMANAGER_GOOGLEAPIS_COM_SECRETVERSION
Messaging: GCP_PUBSUB_GOOGLEAPIS_COM_TOPIC
Monitoring: GCP_MONITORING_GOOGLEAPIS_COM_DASHBOARD, GCP_LOGGING_GOOGLEAPIS_COM_SAVEDQUERY
Infrastructure: GCP_REGION
All GCP entities include:
gcp.project.id — GCP project identifiergcp.region — GCP region (e.g., us-central1)gcp.zone — GCP zone (e.g., us-central1-a)gcp.organization.id — GCP organization identifiergcp.resource.name — Resource namegcp.resource.type — Resource type identifiergcp.asset.type — GCP asset typegcp.object — JSON blob containing full resource configurationGCP resources are organized in a hierarchy:
gcp.organization.id)gcp.project.id)gcp.region, gcp.zone)GCP entity types follow the pattern GCP_<SERVICE_API>_<RESOURCE>:
compute.googleapis.com → COMPUTE_GOOGLEAPIS_COM)INSTANCE, NETWORK)Examples:
GCP_COMPUTE_GOOGLEAPIS_COM_INSTANCE — Compute Engine VMGCP_K8S_IO_POD — GKE podGCP_RUN_GOOGLEAPIS_COM_SERVICE — Cloud Run serviceAll GCP queries build on four core patterns. Master these and adapt them to any entity type.
List resources by type, filter by project/region/zone, summarize counts:
smartscapeNodes "GCP_COMPUTE_GOOGLEAPIS_COM_INSTANCE"
| fields name, gcp.project.id, gcp.region, gcp.zone, gcp.resource.name
To list all GCP resource types, replace with "GCP_*" and add | summarize count = count(), by: {type} | sort count desc. Add filters like | filter gcp.project.id == "<PROJECT_ID>" or | filter gcp.region == "<REGION>" to scope results.
Parse gcp.object JSON for detailed configuration fields:
smartscapeNodes "GCP_COMPUTE_GOOGLEAPIS_COM_INSTANCE"
| parse gcp.object, "JSON:gcpjson"
| fieldsAdd machineType = gcpjson[configuration][resource][machineType],
status = gcpjson[configuration][resource][status]
| fields name, gcp.project.id, machineType, status
GCP configuration fields are nested under gcpjson[configuration][resource][...] for primary resource attributes and gcpjson[configuration][additionalAttributes][...] for extended properties.
Follow relationships between resources:
smartscapeNodes "GCP_COMPUTE_GOOGLEAPIS_COM_INSTANCE"
| traverse "*", "GCP_COMPUTE_GOOGLEAPIS_COM_SUBNETWORK"
| fields name, gcp.project.id
GCP entities use "*" as the relationship name in traversals because GCP entities do not have named relationship types. Use fieldsKeep to carry fields through traversals and dt.traverse.history[-N] to access ancestor fields.
Group resources by GCP labels for ownership and organizational tracking:
smartscapeNodes "GCP_*"
| filter isNotNull(`tags:gcp_labels`)
| fields name, gcp.project.id, `tags:gcp_labels`
GCP labels are exposed via the tags:gcp_labels field and must be accessed using backtick syntax. Replace "GCP_*" with a specific type to scope to one service.
Load reference files for detailed queries when the core patterns above need service-specific adaptation.
| Reference | When to load | Key content |
|---|---|---|
| compute-instances.md | Compute Engine VMs, machine types, IP addresses, disks | Instance inventory, machine type distribution, status checks |
| kubernetes-gke.md | GKE clusters, node pools, pods, deployments, services, RBAC | Cluster topology, workload distribution, RBAC bindings |
| serverless-containers.md | Cloud Run services, revisions, executions | Service inventory, revision tracking, execution analysis |
| networking-dns.md | VPC networks, subnets, routes, DNS records | Network topology, subnet analysis, route tables, DNS record sets |
| messaging-pubsub.md | Pub/Sub topics | Topic inventory, messaging topology |
| iam-security.md | IAM service accounts, roles, Secret Manager | Service account audit, role analysis, secret version tracking |
| monitoring-logging.md | Monitoring dashboards, logging, saved queries | Dashboard inventory, saved query analysis |
| resource-management.md | GCP projects, regions, organizational hierarchy | Project inventory, region distribution, hierarchy mapping |
| resource-ownership.md | Resource ownership, GCP labels, organizational structure | Label-based grouping, project-level summaries, chargeback |
gcp.object with JSON parser: parse gcp.object, "JSON:gcpjson"gcpjson[configuration][resource][...]gcpjson[configuration][additionalAttributes][...]isNotNull()gcp.project.id as the primary scoping filtergcp.organization.id for cross-project queriesgcp.region and gcp.zone for location-based analysisGCP_<SERVICE_API>_<RESOURCE> format"GCP_*" wildcards when possible)`tags:gcp_labels`isNotNull(tags:gcp_labels) for label-based filtering"*" as the relationship name — GCP entities do not have named relationship typesfieldsKeep to maintain important fields through traversaldt.traverse.history[-N]`tags:gcp_labels`"*" for relationship traversal (no named relationship types)parse gcp.object, "JSON:gcpjson"gcpjson[configuration][resource][...] (differs from AWS pattern)isNotNull() and isNull() for graceful null handlingcountDistinct() for unique resource counts| limit N during exploration