Discovering AWS CloudWatch Metrics?

Hi THWACK,


I am monitoring our AWS instances through the method "Cloud Discovery without a Hybrid Cloud Observability License" under the page documentation.solarwinds.com/.../core-cloud-getting-started-resource.htm.

We have successfully added an AWS account in SolarWinds and are monitoring many EC2 instances, volumes, etc.

We have CloudWatch Metrics defined in AWS console but none are being discovered by SolarWinds. I would love to collect metrics about the alarms set up in CloudWatch.

We are using the policy mentioned in this link documentation.solarwinds.com/.../core-cloud-configure-aws.htm - and the policy includes line "cloudwatch:GetMetricStatistics" - but no CloudWatch metrics are being found although they are there in the AWS console.

Can anyone provide any guidance if there is something missing from the SolarWinds side of things, or what needs to be configured on AWS side so that we discover these metrics?


Thank you.

Parents
  •  Unfortunately adding lines to the policy will not result in additional data being polled. Currently, the metrics and entities polled are "locked" to specific items. I know you asked a similar question about DB support previously. If you and your team have some time, I would like to chat directly with you to gain some insight. We are ramping up additions to the cloud support so would really like to hear your needs and priorities.

  • Thanks jvb . From the above link documentation.solarwinds.com/.../core-cloud-configure-aws.htm the following SolarWinds provided IAM Policy in JSON format is mentioned (have pasted it below for reference). Within that policy the line cloudwatch:GetMetricStatistics is referenced.


    {
    "Version": "2012-10-17",
    "Statement": [{
    "Effect": "Allow",
    "Action": [
    "ec2:DescribeInstances",
    "ec2:DescribeAddresses",
    "ec2:DescribeVolumes",
    "ec2:DescribeVolumeStatus",
    "ec2:DescribeVpcs",
    "ec2:DescribeVpnGateways",
    "ec2:DescribeVpnConnections",
    "ec2:DescribeRegions",
    "cloudwatch:GetMetricStatistics",
    "autoscaling:DescribeAutoScalingInstances"
    ],
    "Resource": "*"
    }
    ]
    }

    Dashboards/metrics about our CloudWatch alerts (and other things) are added to dashboards within the 'CloudWatch --> Metrics --> All Metrics' section of our AWS environment. These metrics aren't being collected, by SolarWinds so we are currently going through the process of trying to understand if there is additional configuration required for SolarWinds to pick up this information from our AWS environment,

    Looking at the following AWS document (docs.aws.amazon.com/.../permissions-reference-cw.html) which provides information about the 'cloudwatch:' prefix, it appears that 'GetMetricStatistics' should generally be able to collect this information from the description, as we have these dashboards/widgets in place.

    GetMetricStatistics

    cloudwatch:GetMetricStatistics

    Required to view graphs in other parts of the CloudWatch console and in dashboard widgets.

    Thank you.

Reply
  • Thanks jvb . From the above link documentation.solarwinds.com/.../core-cloud-configure-aws.htm the following SolarWinds provided IAM Policy in JSON format is mentioned (have pasted it below for reference). Within that policy the line cloudwatch:GetMetricStatistics is referenced.


    {
    "Version": "2012-10-17",
    "Statement": [{
    "Effect": "Allow",
    "Action": [
    "ec2:DescribeInstances",
    "ec2:DescribeAddresses",
    "ec2:DescribeVolumes",
    "ec2:DescribeVolumeStatus",
    "ec2:DescribeVpcs",
    "ec2:DescribeVpnGateways",
    "ec2:DescribeVpnConnections",
    "ec2:DescribeRegions",
    "cloudwatch:GetMetricStatistics",
    "autoscaling:DescribeAutoScalingInstances"
    ],
    "Resource": "*"
    }
    ]
    }

    Dashboards/metrics about our CloudWatch alerts (and other things) are added to dashboards within the 'CloudWatch --> Metrics --> All Metrics' section of our AWS environment. These metrics aren't being collected, by SolarWinds so we are currently going through the process of trying to understand if there is additional configuration required for SolarWinds to pick up this information from our AWS environment,

    Looking at the following AWS document (docs.aws.amazon.com/.../permissions-reference-cw.html) which provides information about the 'cloudwatch:' prefix, it appears that 'GetMetricStatistics' should generally be able to collect this information from the description, as we have these dashboards/widgets in place.

    GetMetricStatistics

    cloudwatch:GetMetricStatistics

    Required to view graphs in other parts of the CloudWatch console and in dashboard widgets.

    Thank you.

Children
  • Just want to clarify to make sure I am answering the right question here. Are you saying you are getting no metrics at all or just not the additional metrics (example: cloudwatch alarms configured in AWS dashboard) If it is the latter, that would make sense because the current polling technology we use for cloud monitoring is very specific in the metrics it collects. Even if other things are properly defined on the AWS side and showing in dashboards on the AWS side, we will not collect them. We have recently begun to implement a new type of polling that in the long term may eventually allow us to support a wider / custom set of metrics. If on the other hand you are not getting any metrics at all, that might be worth opening a ticket to support so we can investigate. If I missed the boat completely here, let me know and I'll try to dig deeper.

  • Hi  ,


    Thanks and apologies for the delayed reply.

    Yes please, it would be great to have a call about this, appreciate the offer.

    When you say "just not the additional metrics (example: cloudwatch alarms configured in AWS dashboard)", yes this is the part I am working through.

    We are able to successfully get information about the EC2 instances and their resourcing in terms of volumes, etc, but no CloudWatch metrics that are configured in relation to them such as CloudWatch alarms, and alarms that are on CloudWatch metric dashboards.

    In my other post regarding this but with a slightly different query, you mention the following "The 2024.4 HCO release which is currently tentative for October timeframe, should include support for Amazon RDS for SQL, an enhanced summary dashboard for AWS and also Azure MySQL and PostgreSQL DB." - here is the link for context AWS Polling - All available JSON 'describe' statements/code
     - this is great to hear, I am hoping that this later version of HCO will include CW related alarm config/statuses, if it does not already.


    If you look at the SolarWinds provided JSON policy (pasted below for reference), and the documentation in relation to the JSON line "cloudwatch:GetMetricStatistics" (https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_GetMetricStatistics.html), I am wondering should metrics for CW alarms that are on CW dashboards, be visible in SW based on that information.

    We are currently using "Cloud Discovery without a Hybrid Cloud Observability License" as mentioned in my initial question above, but will be upgrading to SolarWinds HCO in a few weeks - looking forward to it and the additional benefits.


    {
    "Version": "2012-10-17",
    "Statement": [{
    "Effect": "Allow",
    "Action": [
    "ec2:DescribeInstances",
    "ec2:DescribeAddresses",
    "ec2:DescribeVolumes",
    "ec2:DescribeVolumeStatus",
    "ec2:DescribeVpcs",
    "ec2:DescribeVpnGateways",
    "ec2:DescribeVpnConnections",
    "ec2:DescribeRegions",
    "cloudwatch:GetMetricStatistics",
    "autoscaling:DescribeAutoScalingInstances"
    ],
    "Resource": "*"
    }
    ]
    }

    Thanks,
    Tim