Documentation forSolarWinds Observability SaaS

Add an AWS cloud account

To monitor your AWS-managed host and associated AWS services with SolarWinds Observability SaaS, integrate SolarWinds Observability SaaS with your AWS account.

Integrate SolarWinds Observability SaaS with AWS manually

  1. In a separate tab, sign in to the Amazon AWS website with the AWS account you wish to integrate with SolarWinds Observability SaaS. Return to the SolarWinds Observability SaaS tab.

  2. In SolarWinds Observability SaaS, click Add Data at the top.

  3. In the Add Data dialog, click either the Infrastructure tab or Monitor my cloud infrastructure.

  4. Click AWS Services.

  5. In the Basic Settings screen of the Add AWS Cloud Account dialog, click Click here to integrate with your AWS account with a new IAM Role and IAM Policy. The wizard will update accordingly.

  6. Type a Display name to represent the integration with your AWS account.

  7. Enter a unique name in the Metrics tag field. The metrics tag will be added to all measurements ingested from the AWS cloud services on this AWS account.

    The Metrics tag can be used to distinguish AWS accounts when creating a chart or filtering data in a dashboard.

  8. Click Next.

  9. The Create a new AWS IAM Policy screen will populate within SolarWinds Observability SaaS.

  10. Proceed through the steps on the screen to set up your IAM policy and click Next. Proceed through the steps on the screen to set up your IAM role and click Next.

  11. After the IAM Role is created, copy the IAM Role's ARN from the AWS Console to SolarWinds Observability SaaS. Test the connection and click Next.

  12. In the Regions & Services screen, click Add regions and services, select the AWS regions and services you want to monitor, and click Add selected. Click Next.

  13. In the Alert Templates screen, you can select pre-filled alert templates to create alerts related to your AWS entities. Click Next.

    See AWS alert templates for more information on alerts related to your AWS entities.

  14. In the Logs screen, follow the instructions to configure log collection. Click Next.

  15. In the Summary screen of the SolarWinds Observability SaaS Add AWS Cloud Account dialog, verify the AWS integration settings. Click Submit.

Integrate SolarWinds Observability SaaS with AWS using CloudFormation

  1. In a separate tab, sign in to the Amazon AWS website with the AWS account you wish to integrate with SolarWinds Observability SaaS. Return to the SolarWinds Observability SaaS tab.

  2. In SolarWinds Observability SaaS, click Add Data at the top.

  3. In the Add Data dialog, click either the Infrastructure tab or Monitor my cloud infrastructure.

  4. Click AWS Services.

  5. In the Basic Settings screen of the Add AWS Cloud Account dialog, type a Display name to represent the integration with your AWS account.

  6. Enter a unique name in the Metrics tag field. The metrics tag will be added to all measurements ingested from the AWS cloud services on this AWS account.

    The Metrics tag can be used to distinguish AWS accounts when creating a chart or filtering data in a dashboard.

  7. Select the Data acquisition method. Click Set Up Using CloudFormation.

    If you select Polling, you can also select Enable Discovery to simplify the discovery process across all AWS services and regions for every cloud account. For more information, see Discovery and Topology.

  8. To pull AWS metrics data at regular intervals, see Polling. To continuously update AWS metrics data in real time, see Streaming.

      1. A new tab in your browser opens and loads the AWS CloudFormation Quick create stack page. In the AWS tab, complete all sections of the CloudFormation quick create stack form for the SolarWinds AWS Integration stack.

        In the Parameters pane, use the following information:

        • The SolarWinds AWS Account ID will be filled in the AccountID field automatically.

          If necessary, you can find the SolarWinds AWS Account ID in the Role ARN screen of the Add Cloud Account dialog. Return to SolarWinds Observability SaaS browser tab and click to copy the AWS Account ID to the clipboard.

        • After the IAM Role is created, return to the SolarWinds Observability SaaS browser tab and enter the new IAM Role's ARN in the Role ARN field to complete the integration.

          You can find the ARN in the IAM Role’s Summary or in the AwsIntegrationArn value in the SolarWinds AWS Integration stack’s outputs tab.

        Enter the AWS External ID in the ExternalID field.

        To find the AWS External ID, return to the SolarWinds Observability SaaS browser tab. In the Add AWS Cloud Account dialog, click to copy the AWS External ID to the clipboard.

      2. Return to the SolarWinds Observability SaaS browser tab and click Next.

      3. In the Regions & Services screen, click Add regions and services, select the AWS regions and services you want to monitor, and click Add selected. Click Next.

        You must select at least one region and at least one service for that region to be able to proceed with the Add AWS Cloud Account dialog.

      4. Update the AWS Config service for discovery and tag-based filtering to work.

        AWS Config tracks latest configuration changes in your AWS resources. SolarWinds Observability SaaS depends on AWS Config to fetch latest AWS resource configurations, discover new resources, and establish topology relationships. For more information, see Discovery and Topology.

        If the AWS Config service is not enabled, a warning symbol is displayed in the AWS Config column together with the status Not Available. Click Set up using CloudFormation > 1-click setup > Confirm. After returning to SolarWinds Observability SaaS, click Refresh. The warning symbol is no longer displayed and the status shows Available.

        If the AWS Config service is set up incorrectly, a warning symbol is displayed in the Recording or Frequency column. To update the AWS Config service:

        1. For each selected region with a warning, click AWS Config.

          A new tab in your browser opens with the AWS Config settings for that region. Verify the below settings and make necessary updates by clicking Edit in the top-right.

          You can configure only one AWS Config service per region at a given time in the AWS Console.

          • Recording is set to On.

          • Default recording frequency is set to Continuous.

          • Recording frequency for all resource types with override settings is set to Continuous.

          • Recording frequency for all resource types with default settings is set to Continuous.

        2. Save the changes and return to SolarWinds Observability SaaS. Click Refresh. Click Next.

    • Continuously updates AWS metrics data in SolarWinds Observability SaaS, providing high-fidelity metrics with near real-time delivery. See Benefits of metrics streaming for more information.

      1. A new tab in your browser opens and loads the AWS CloudFormation Quick create stack page. In the AWS tab, complete all sections of the CloudFormation quick create stack form for the SolarWinds AWS Integration stack.

        In the Parameters pane, use the following information:

        • The SolarWinds AWS Account ID will be filled in the AccountID field automatically.

          If necessary, you can find the SolarWinds AWS Account ID in the Role ARN screen of the Add Cloud Account dialog. Return to SolarWinds Observability SaaS browser tab and click to copy the AWS Account ID to the clipboard.

        • After the IAM Role is created, return to the SolarWinds Observability SaaS browser tab and enter the new IAM Role's ARN in the Role ARN field to complete the integration.

          You can find the ARN in the IAM Role’s Summary or in the AwsIntegrationArn value in the SolarWinds AWS Integration stack’s outputs tab.

        Enter the AWS External ID in the ExternalID field.

        To find the AWS External ID, return to the SolarWinds Observability SaaS browser tab. In the Add AWS Cloud Account dialog, click to copy the AWS External ID to the clipboard.

      2. Return to the SolarWinds Observability SaaS browser tab and click Next.

        To stream data from AWS, SolarWinds Observability SaaS creates an Amazon Kinesis Data Firehose delivery stream, an S3 bucket, and a CloudWatch Metric Stream. SolarWinds Observability SaaS automatically opens a new tab with the AWS CloudFormation stack.

        To minimize the cost of the backup S3 bucket, make sure S3 Versioning is disabled when creating the CloudFormation stack for the streaming integration. For more information, see How S3 Versioning works.

      3. In Stack name, enter the name of your new stack, and in the Parameters pane, use the following information:

        • APIToken: Enter your SolarWinds Observability SaaS API token to authenticate the Amazon metric streams.

          You can find the API token in the Create Metric Stream screen of the Add AWS Cloud Account dialog. Return to SolarWinds Observability SaaS browser tab, and under Ingestion Token, select either Generate New Token or Use Existing Token and select an existing token from the drop-down. Click to copy the API Token to the clipboard.

        • IAMRoleName: Enter a unique IAM Role Name.

          You must enter a unique IAM Role Name every time you create a stack, otherwise an error is displayed and you will not be able to complete the stack creation process.

      4. Click Create stack.

      5. (Optional) By default, the Amazon Kinesis Data Firehose delivery stream, S3 bucket, and metric stream are created using the same region as what was used when accessing CloudFormation.

        To use additional regions, create AWS CloudFormation stacks in the desired regions:

        1. Open the AWS CloudFormation Stacks page in a new browser tab. Click the region drop-down in the upper-right of the page, and select a region for the new CloudFormation stack.

        2. Click Create stack > With new resources (standard).

        3. On the Create stack page, under Prepare template, select Template is ready.

        4. Under Template source, select Amazon S3 URL, and enter the URL in the Amazon S3 URL field. Click Next.

          You can find the Amazon S3 URL in the Create Metric Stream screen of the Add AWS Cloud Account dialog. Return to SolarWinds Observability SaaS browser tab and click to copy the Amazon S3 URL to the clipboard.

        5. Repeat steps a. and b.

        6. Repeat steps i. through v. for every region you wish to use for your multi-region metrics streaming configuration.

      6. Return to SolarWinds Observability SaaS browser tab and in the Create Metric Stream screen of the Add Cloud Account dialog, click Next.

  9. In the Alert Templates screen, you can select pre-filled alert templates to create alerts related to your AWS entities. Click Next.

  10. In the Logs screen, follow the instructions to configure log collection. Click Next.

  11. In the Summary screen of the SolarWinds Observability SaaS Add AWS Cloud Account dialog, verify the AWS integration settings. Click Submit.

To view data collected for the newly configured entity in the Entity Explorer, click the name of the Host in the confirmation dialog in the lower-left corner. It may take a few seconds for data to appear for the newly created entity. See Entity Explorer for details.

See Entities in SolarWinds Observability SaaS for an overview of Host entities and how they work in SolarWinds Observability SaaS.

See Add logs from AWS for details on setting up AWS logs for SolarWinds Observability SaaS.

See AWS alert templates for more information on alerts related to your AWS entities.

Update an existing Firehose delivery stream and S3 bucket configurations

Follow the instructions below to update the Amazon Kinesis Data Firehose delivery stream and S3 bucket configurations that were created as part of that Amazon CloudWatch Metric Stream integration.

The instructions are valid for Amazon CloudWatchMetric Stream integrations created before April 10, 2024.

  1. Log in to the AWS Console with your AWS account, and open the Amazon Data Firehose page.

  2. Type SWOStreaming-DeliveryStream in the search bar to locate all the Firehose streams.

  3. Click the stream you want to update, and click the Configuration tab above Firehose stream metrics.

  4. Under Destination settings, click Edit.

  5. Under Content encoding, select GZIP.

  6. Click Buffer hints to expand the section, and change the Buffer size value to 1.

  7. Click Save changes.

  8. Scroll down to Backup settings and click Edit.

  9. Under S3 backup bucket, click Browse and click on the S3 bucket URL to open the S3 bucket configuration.

  10. Click the Management tab, and under Lifecycle rules, click Create lifecycle rule.

  11. In the Lifecycle rule name, type the rule name. For example, CleanupRule30Days.

  12. Under Prefix, type /firehose.

  13. Under Lifecycle rule actions, select Expire current versions of objects.

  14. Under Expire current versions of objects, type 30 in the Days after object creation field.

  15. Click Save changes.

Update an existing CloudFormation stack with the latest template

When the CloudFormation template is updated (for example, when policy permissions change), you must update your existing CloudFormation stack to use the latest template.

  1. Log in to the AWS Console with your AWS account, and open the CloudFormation Stacks page.

  2. Select the stack you want to update, and click Update.

  3. On the Update stack page, under Prerequisite - Prepare template, select Replace current template. Under Specify template - Template source, select Amazon S3 URL, and in the Amazon S3 URL field, enter the below template URL, and click Next.

    https://swi-im-templates.s3.amazonaws.com/solarwinds-observability-aws-integration.template

  4. Click Next on the Specify stack details page and Configure stack options page to proceed to the Review page. Under Changeset review, verify your updates, and click Submit.

For details on updating CloudFormation stacks, see Updating stacks directly in Amazon documentation.

Integrate SolarWinds Observability SaaS with multiple AWS accounts managed with AWS Control Tower

  1. In a separate tab, sign in to the Amazon AWS website with the AWS account you wish to integrate with SolarWinds Observability SaaS. Return to the SolarWinds Observability SaaS tab.

  2. In SolarWinds Observability SaaS, click Add Data at the top.

  3. In the Add Data dialog, click either the Infrastructure tab or Monitor my cloud infrastructure.

  4. Click AWS Control Tower.

  5. In the Basic Settings screen of the Add AWS Control Tower Account dialog, type a Display name to represent the integration with your AWS account. This will be the display name of the management account integration.

  6. Enter a unique name in the Metrics tag field. The metrics tag will be added to all measurements ingested from the AWS cloud services on the integrated management account. The accounts managed with the AWS Control Tower will have their own metric tags generated per account name.

    The Metrics tag can be used to distinguish AWS accounts when creating a chart or filtering data in a dashboard.

  7. (Optional) Select Enable Discovery to simplify the discovery process across all AWS services and regions for every cloud account. For more information, see Discovery and Topology.

  8. Click Set Up Using CloudFormation.

    1. A new tab in your browser opens and loads the AWS CloudFormation Quick create stack page. In the AWS tab, complete all sections of the CloudFormation quick create stack form for the AWS Control Tower Integration for SolarWinds Cloud Observability stack.

    2. In the Parameters pane, use the following information:

      1. The SolarWinds AWS Account ID will be filled in the AccountID field automatically.

        If necessary, you can find the SolarWinds AWS Account ID in the Role ARN screen of the Add AWS Control Tower Account dialog. Return to SolarWinds Observability SaaS browser tab and click to copy the AWS Account ID to the clipboard.

      2. Enter the AWS External ID in the ExternalID field.

        To find the AWS External ID, return to the SolarWinds Observability SaaS browser tab. In the Add AWS Control Tower Account dialog, click to copy the AWS External ID to the clipboard.

      3. Enter the API Token in the APIAccessToken field.

        You can use one of the existing API tokens or generate a new one. To generate a new token, return to the SolarWinds Observability SaaS browser tab, provide a token name in the Token Name field, and click Generate Token. Click to copy the API Token to the clipboard.

    3. Click Create stack.

    4. Return to the SolarWinds Observability SaaS browser tab and enter the new IAM Role's ARN in the Role ARN field to complete the integration. Click Next.

      You can find the ARN in the IAM Role’s Summary or in the AwsIntegrationArn value in the AWS Control Tower Integration for SolarWinds Cloud Observability stack’s outputs tab.

  9. In the Regions & Services screen, click Add regions and services, select the AWS regions and services you want to monitor, and click Add selected. Click Next.

    You must select at least one region and at least one service for that region to be able to proceed with the Add AWS Cloud Account dialog.

  10. Update the AWS Config service for discovery and tag-based filtering to work.

    AWS Config tracks latest configuration changes in your AWS resources. SolarWinds Observability SaaS depends on AWS Config to fetch latest AWS resource configurations, discover new resources, and establish topology relationships. For more information, see Discovery and Topology.

    If the AWS Config service is not enabled, a warning symbol is displayed in the AWS Config column together with the status Not Available. Click Set up using CloudFormation > Confirm. After returning to SolarWinds Observability SaaS, click Refresh. The warning symbol is no longer displayed and the status shows Available. The same step should be followed for every account managed with AWS Control Tower.

    If the AWS Config service is set up incorrectly, a warning symbol is displayed in the Recording or Frequency column. To update the AWS Config service:

    1. For each selected region with a warning, click AWS Config.

      A new tab in your browser opens with the AWS Config settings for that region. Verify the below settings and make necessary updates by clicking Edit in the top-right.

      You can configure only one AWS Config service per region at a given time in the AWS Console.

      • Recording is set to On.

      • Default recording frequency is set to Continuous.

      • Recording frequency for all resource types with override settings is set to Continuous.

      • Recording frequency for all resource types with default settings is set to Continuous.

    2. Save the changes and return to SolarWinds Observability SaaS. Click Refresh. Click Next.

  11. In the Summary screen of the SolarWinds Observability SaaS Add AWS Control Tower Account dialog, verify the AWS integration settings. Click Submit.

  • You can permanently delete the management account from SolarWinds Observability SaaS. If you delete a sub-account, that deletion is not permanent as the management account eventually discovers the sub-account and adds it to SolarWinds Observability SaaS.

    To permanently delete a particular sub-account from SolarWinds Observability SaaS, remove the account from Control Tower in the AWS console and then remove it in SolarWinds Observability SaaS.

  • Sub-accounts adopt the configuration (region or resources selection) of the management account. Configurations applied on a sub-account level are overridden if the configurations are modified on the management account level.