Advanced Monitoring: CloudWatch and SAP, A Dynamic Duo  

Avoid costly downtime and improve the operational efficiency of your SAP systems with advanced monitoring. In the demanding world of mission-critical applications, including ERP systems such as SAP, continuous availability is a major imperative. Proactive incident detection is essential to avoid costly downtime. This is where the SAP and AWS duo steps in! For more than 16 years, AWS and SAP have been working together to deliver high-performance innovation, automation, administration and observability solutions for the SAP ecosystem.   

Discover how you can improve the security, performance and operational efficiency of your SAP systems on the cloud, thanks to AWS and oXya’s expert approach to mission-critical application management.  

Observability, A Necessity

One of the main pillars of AWS is SECURITY, and it offers a wide range of services providing a strong traceability of actions carried out in the cloud environment and the capacity to collect and visualize IT metrics/traces. 

Amazon CloudWatch 
Helps you monitor the resources and the applications deployed on AWS in real time. This service integrates the collection, tracking and display of metrics. 

AWS CloudTrail 
Records as logs all actions performed in the AWS account. This includes interactions with the web console, API calls, Command Line Interface (CLI) as well as interactions performed from another AWS service.  

AWS Config
Provides a detailed view of the resources deployed on an AWS account, and the ability to track the evolution of their configuration over time. The creation of “rules” ensures that resources are compliant with the company’s desired requirements.   

AWS Security HUB 
Allows you to check that the security of AWS accounts is compliant with AWS best practices. It also aggregates security alerts from AWS services in a single place, thus fostering visualization and tracking of your security posture. This opens the possibility of automated remediation.  

Amazon Inspector 
Helps analyze and detect software and network vulnerabilities (CVE) in EC2 instances, container images or standard functions.  

AWS X-Ray 
Collects details on requests made to application workloads. 
Generates visual elements:

• Map of interaction between application layers 
•   Distribution of response time between layers   
• Chronology of requests, etc.

VPC Flows Logs 
Captures information about network traffic going to and from network interfaces in a VPC. 

Monitoring and Metrics Collection with Amazon CloudWatch

Amazon CloudWatch monitors resources and applications deployed on AWS. It also collects metrics on external applications (not hosted on AWS). This flexibility makes it a real Swiss Army knife, combining metrics collection, dashboards and alert systems.   

CloudWatch distinguishes itself by its native approach to monitoring, integrating naturally into the AWS ecosystem while being secured by classic encryption and permissions management mechanisms. A major advantage: no external network opening is required, unlike third-party applications, which often require slightly more complex configurations, with a specific agent and/or flows.   

The service offers two categories of metrics:   

1. Standard (native) metrics: Directly issued from AWS services, they provide essential data on cloud resources.  
   For maximum responsiveness, the activation of the detailed monitoring can be used to retrieve metrics every minute, rather than every 5 minutes.   
2. Custom metrics: Adapted to your specific needs, they can be configured with standard (one minute) or high (one second) resolution.  

SAP Under Surveillance: CloudWatch Advantage

One of the strengths of CloudWatch lies in its capacity to adapt perfectly to the SAP systems, including SAP NetWeaver and SAP HANA.    

For SAP NetWeaver, CloudWatch can collect mission-critical metrics from SAP transactions (ST03, SM04, ST06) via AWS Lambda functions. This approach, which is often without a server, represents a major advantage to maximize availability and operational excellence: no server upgrades are required!   

The monitoring of SAP HANA databases also benefits from this approach. CloudWatch offers a precise follow-up of basic metrics, including the following:  

• Resident memory  
• Usage and size of disk space  
• HANA alerts  
• HSR replication status  
• Backup history  
• Availability  
• Etc.  

CloudWatch Application Insights goes even further by offering automated discovery and configuration of the observability environment. This feature automatically detects the type of SAP product and useful metrics and logs, establishes relevant alert thresholds and generates suitable dashboards.  

Customizable Dashboards

CloudWatch allows you to monitor both OS, application and DB metrics and all types of logs. CloudWatch dashboards allow you to create customizable pages with all the metrics you selected, in the form of tables, graphics and values.     

A common issue CloudWatch can help you with is multi-account management. For SAP clients whose systems are spread out on several AWS accounts, the cross-account observability feature helps centralize monitoring to create a global, consolidated view. 

Are you using issue tracking tools such as ServiceNow or Atlanssian Jira? These tools can easily be integrated to CloudWatch thanks to AWS Lambda function or AWS Service Management Connector.  

The Essentials for a Successful Implementation

Amazon CloudWatch includes various features, which make the cost vary according to use. For optimal implementation and controlled costs, it’s essential to consider the following steps:    

1. Precisely evaluate monitoring needs before the deployment phase  
2. Distinguish between non-critical metrics and critical metrics that require high-frequency collection  
3. If needed, manage installation and agent configuration through infrastructure as code, which will ensure coherency, reproducibility and rapid execution  
4. Define metric dimensions to more easily identify and find metrics in CloudWatch  
5. Identify the required alarms for each application and their alert thresholds  
6. Regularly review your strategy: monitoring needs can change during an application’s life cycle.  

Organizations must also try to avoid the following two main traps:  

• Collecting an excessive number of metrics can unnecessarily increase costs. Don’t forget: CloudWatch is above all a monitoring service and not a storage service! Other oXya services, like Xperion, can help you reach that goal.  
• Superficial monitoring (not enough metrics) can compromise your capacity to detect and resolve incidents by increasing the amount of time needed for analysis.  

Learn more about oXya’s best practices for monitoring.  

oXya can help you evaluate the costs of your observability solutions and offer the best optimized solutions. Moreover, we offer personalized assistance by ensuring that the metrics are wisely selected, and the alerts are defined in the most optimal way.  

Going Further with Generative Artificial Intelligence (GenAI)

With more than 25 years of experience in AI, AWS offers various services to simplify and accelerate the adoption of artificial intelligence for companies.   

It is possible to use AWS services that have integrated AI, like CloudWatch, in order to, for example, easily generate log queries, through Logs Insights and its query generator feature.   

We can go even further and imagine the implementation of an AI-based proactive advanced monitoring approach that uses CloudWatch metrics to resolve potential incidents before they even occur!  

oXya Expertise for Customized Solutions

Amazon CloudWatch remains a strategic choice as a component of the AWS ecosystem. Its capacity to combine natural integration of different tools, customized metrics and smart automation makes it an indispensable tool for organizations using SAP on AWS.  

At oXya, CloudWatch is an integral part of our managed services offer for our clients using SAP and AWS. From the first workshops, we plan and discuss the implementation of solutions that are better adapted to your needs.  

With its extensive SAP expertise, our team has a list of predefined key metrics that should be collected and tracked to offer you the best solution and monitoring from the outset, with the construction of your architecture. Contact us for more personalized tips.  

Check out our other blog articles on AWS:  

• Build Your Fortress Against Threats with Backup Externalization on AWS  
• Unlock the Power of Oracle Database in the Cloud with oXya  
• Accelerate Your Cloud Transformation with AWS DRS and oXya  
• SAP on AWS: 6 Cloud Native Services to Go Beyond IaaS  
• Why Use SAP GUI with Amazon Appstream 2.0?