Integrating with AWS CloudWatch

Use Amazon Web Services (AWS) CloudWatch to monitor and track various metrics related to your resources and applications that run on AWS.

Configure a connection with AWS CloudWatch to view the event and metric data from AWS CloudWatch in BMC Helix Operations Management and derive actionable insights.

BMC Helix Intelligent Integrationscollects alarms of the type metric and metrics for the following namespaces from AWS CloudWatch:

EBS
EC2
EFS
ELB
Events
Lambda
Logs
NetworkELB
ApiGateway (API Gateway of REST API type is supported)

BMC Helix application	Type of data collected or viewed	Benefits
BMC Helix Operations Management	Events (AWS CloudWatch alerts received as events)	Use a centralized event view to monitor, filter, and manage events, and perform event operations in one place. Process events to help identify actionable events quickly from a large volume of event data. For more information, see Monitoring events and reducing event noise.
BMC Helix Operations Management	Metrics	Use alarm and variate policies to detect anomalies and eliminate false positives for more accurate results while monitoring the health of your system. For more information, see Detecting anomalies by using static and dynamic thresholds.

Task 1: To plan for the connection

Review the following prerequisites to help you plan and configure a connection with AWS CloudWatch .

AWS CloudWatch prerequisites

To collect event and metric data from AWS CloudWatch, the IAM policy that you create must have the minimum permissions as shown in the Action section of the following policy:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "VisualEditor0",
            "Effect": "Allow",
            "Action": [
                "cloudwatch:GetMetric*",
                "events:DescribeRule",
                "health:Describe*",
                "cloudwatch:Describe*",
                "cloudwatch:ListMetrics",
                "events:TestEventPattern",
                "events:DescribeEventBus",
                "ec2:Describe*",
                "events:ListRuleNamesByTarget",
                "events:ListRules",
                "events:ListTargetsByRule",
                "aps:*",
                "elasticloadbalancing:DescribeLoadBalancers",
                "elasticfilesystem:DescribeFileSystems",
                "lambda:List*",
                "lambda:Get*",
                "iam:List*",
                "iam:Get*",
                "logs:Describe*",
                "logs:List*",
                "logs:Get*"
            ],
            "Resource": "*"
        }
    ]
}

For the elasticloadbalancing:DescribeLoadBalancers permission, you must grant users the permission to call the Elastic Load Balancing API actions they need. For more information, see Elastic Load Balancing API permissions. For information about permissions and policies, see Creating IAM policies.

BMC Helix Intelligent Integrations prerequisites

Depending on the location of the third-party product (SaaS, on-premises), choose one or more BMC Helix Intelligent Integrations deployment modes and review the corresponding port requirements. For information about various deployment modes and port requirements, see Deployment-scenarios.
Based on the deployment mode, use the BMC Helix Intelligent Integrations SaaS deployment or the BMC Helix Intelligent Integrations on-premises gateway or both. For more information about the gateway, see Deploying-the-BMC-Helix-Intelligent-Integrations-on-premises-gateway.

In the preceding list, third-party product refers to AWS CloudWatch.

Task 2: To configure the connection with AWS CloudWatch

Depending on the deployment mode, perform one of the following steps to access BMC Helix Intelligent Integrations:
- BMC Helix Intelligent Integrations SaaS – Log on to BMC Helix Portal, and click Launch on BMC Helix Intelligent Integrations.
- BMC Helix Intelligent Integrationson-premises gateway – Use the following URL to access BMC Helix Intelligent Integrations: https://<hostName>:<portNumber>/swpui
On the CONNECTORS tab, click in the SOURCES panel.
Click the AWS CloudWatch tile
Specify the following details for the source connection:
1. Specify a unique instance name.
  Best practice
  We recommend that you specify the instance name in the following format:
  <sourceType>_<sourceControllerServerName>_<InstanceQualifier>
  The instance qualifier helps you to distinguish the multiple instances configured from the same source server. For example, you can name your instances as AWS_Host_PROD and AWS_Host_TEST.
2. Specify the access key.
3. Specify the secret key.
4. Select the region.
5. Click Proxy and specify whether you want to configure a proxy server.
  If yes, specify the host name and port number (default value is 8888).
Click VALIDATE AND CREATE.
The specified connection details are validated and the corresponding source connection is created in the Source Connection list.
Verify that the source connection you created is selected.
Important
The destination host connection is created and configured automatically for each tenant when the source connection is created.
Verify that the options for the datatypes for which you want to collect data are selected.
Configure the collectors for the selected data types by clicking the respective data type in the Collectors section. Specify the parameters for the selected data type, as explained in the following table.
The ✅️ symbol indicates that this field applies to the data type.
Note: In version 24.4, the Alarm Names filter is replaced with the following filters: Namespaces, Alarm Names Regex, and Metric Names Regex. After you upgrade to version 24.4, the existing connector instances are not updated with these filters automatically. You need to either create a new connector instance or stop the existing data stream and create a new data stream.
Click CREATE COLLECTORS to create the required collector streams for the event data type.

Click the event data type and specify the configuration parameters in the Distributors section as described in the following table:

Parameter name	Description
Max Batching Size	Specify the maximum number of data items to send in a single POST request to the destination API. The batch size depends on the destination’s ability to buffer the incoming data.Default: 250
Max Batching Delay	Specify the maximum time (in seconds) to wait before building and processing a batch.Default: 3 seconds
Base Retry Delay	Specify the initial time (in seconds) for which to wait before retrying to build and process a batch. The waiting time increases in the following sequence: n¹, n², n³, and so on, where n indicates the number of seconds.Default: 2 secondsExample:Base Retry Delay is set to 2 seconds.Retry is performed after 2, 4, 8, 16, ... seconds.
Max Intra-Retry Delay	Specify the maximum limit for the base retry delay. Default: 60 secondsExample:Max Intra-Retry Delay is set to 60 seconds. Base Retry Delay is set to 2 seconds.Retries are performed 2, 4, 8, 16, 32,... seconds later.
Max Retry Duration	Specify the total time for retrying a delivery. For REST destinations, a delivery is a batch of data items in one POST request. Default: 5 minutesExample:Max Retry Duration is set to 8 hours. Base Retry Delay is set to 2 seconds.Requests are sent for 2+4+8+16+32+64+132... until 8 hours in total duration is reached. After that, no subsequent attempts are made to retry the delivery.The assumption here is that if there is an outage or other issue with the destination tool, recovery should take less than the value of the Max Retry Duration parameter to be completed.
Attributes To Be Dropped When Updating Events	Specify the event attributes that you do not want to be updated in BMC Helix Operations Managementwhen events are updated. For example, if you do not want an event's severity, source address, source category, and subcategory to be updated in BMC Helix Operations Management , you need to specify those attributes in a comma-separated format: severity,source_address,source_category,source_subcategory .Important:You can obtain the event attribute names in BMC Helix Operations Management, by exporting any event data in JSON, BAROC, XML, or CSV format . The exported file contains all attributes of the event data, and from there you can identify the attributes to be dropped.

Parameter name	Description
Max Batching Size	Specify the maximum number of data items to send in a single POST request to the destination API. The batch size depends on the destination’s ability to buffer the incoming data.Default: 250
Max Batching Delay	Specify the maximum time (in seconds) to wait before building and processing a batch.Default: 3 seconds
Base Retry Delay	Specify the initial time (in seconds) for which to wait before retrying to build and process a batch. The waiting time increases in the following sequence: n¹, n², n³, and so on, where n indicates the number of seconds.Default: 2 secondsExample:Base Retry Delay is set to 2 seconds.Retry is performed after 2, 4, 8, 16, ... seconds.
Max Intra-Retry Delay	Specify the maximum limit for the base retry delay. Default: 60 secondsExample:Max Intra-Retry Delay is set to 60 seconds. Base Retry Delay is set to 2 seconds.Retries are performed 2, 4, 8, 16, 32,... seconds later.
Max Retry Duration	Specify the total time for retrying a delivery. For REST destinations, a delivery is a batch of data items in one POST request. Default: 5 minutesExample:Max Retry Duration is set to 8 hours. Base Retry Delay is set to 2 seconds.Requests are sent for 2+4+8+16+32+64+132... until 8 hours in total duration is reached. After that, no subsequent attempts are made to retry the delivery.The assumption here is that if there is an outage or other issue with the destination tool, recovery should take less than the value of the Max Retry Duration parameter to be completed.
Attributes To Be Dropped When Updating Events	Specify the event attributes that you do not want to be updated in BMC Helix Operations Management when events are updated. For example, if you do not want an event's severity, source address, source category, and subcategory to be updated in BMC Helix Operations Management , you need to specify those attributes in a comma-separated format: severity,source_address,source_category,source_subcategory .Important:You can obtain the event attribute names in BMC Helix Operations Management , by exporting any event data in JSON, BAROC, XML, or CSV format . The exported file contains all attributes of the event data, and from there you can identify the attributes to be dropped.

Click CREATE DISTRIBUTORS to create the required distributor streams for the event data type.
Click one of the following buttons:
- SAVE STREAM: Click this button if you want to edit the integration details before creating the instance. After you save the stream, the instance that you created is listed in the SOURCES panel. Move the slider to the right to start the event data stream.
- SAVE AND START STREAM: Click this button if you want to save the integration details and start receiving event data immediately.
ImportantFor a data stream, the Run Latency (max/avg), Items (Avg per Run), and Last Run Status columns on the Streams page might show the status as No Runs during the data collection process. After completion of the process, these columns are updated with an appropriate status.
For more information about data streams, see Starting-or-stopping-data-streams.

Task 3: To verify the connection

In BMC Helix Intelligent Integrations, on the SOURCES panel, confirm that the data stream for the integration you created is running. Data streaming is indicated by moving colored arrows.

A moving dark blue arrow () indicates that the event stream is running. Event data will be pushed according to the configured Collection Schedule interval.
A moving red arrow () indicates that the metric stream is running. Metric data will be pushed according to the configured Collection Schedule interval.

To view data in BMC Helix applications

View data collected from AWS CloudWatch in BMC Helix applications.

To view events in BMC Helix Operations Management

In BMC Helix Operations Management, select Monitoring > Events.
Filter the events by the AWSCloudWatchAlarm class.

Incoming events from AWS CloudWatch are processed in BMC Helix Operations Management through a set of deduplication rules to determine whether the incoming event is a duplicate event or a new event. For more information, see Event-deduplication-suppression-and-closure-for-reducing-event-noise.

For more information about events, see Monitoring and managing events.

To view metrics in BMC Helix Operations Management

In BMC Helix Operations Management, select Monitoring > Devices.
Click the links for the required device.
On the Monitors tab, click the required monitor.
The Performance Overview tab shows the metrics graph.

For information about metrics, see Viewing collected data.