Automate incident management for SAP on AWS
Amazon CloudWatch Application Insights helps you monitor your applications that use Amazon Elastic Compute Cloud (EC2) instances along with other underlying AWS resources. It identifies and sets up key metrics, logs, and alarms across your application resources and technology stack by continuously monitoring metrics and logs to detect and correlate anomalies and errors. When errors and anomalies are detected, Application Insights generates Amazon CloudWatch Events that you can use to set up notifications or take actions.
Amazon CloudWatch Application Insights offers support for observability of SAP HANA database and SAP NetWeaver based applications. AWS customers running SAP workloads such as SAP S/4HANA, SAP ERP and SAP Business Warehouse on AWS can monitor the entire SAP stack, from AWS infrastructure all the way to the SAP application layer.
ServiceNow is an enterprise service management platform that places a service‑oriented lens on the activities, tasks, and processes that make up day‑to‑day work life to enable a modern work environment. AWS Service Management Connector for ServiceNow enables ServiceNow end users to provision, manage, and operate AWS resources natively through ServiceNow.
In this blog post, we setup an integration between Amazon CloudWatch Application Insights and ServiceNow to manage and track issue resolution based on problems detected by CloudWatch Application Insights for your SAP workloads on AWS.
CloudWatch Application Insights helps to achieve monitoring of SAP NetWeaver workloads running on AWS with SAP HANA and SAP NetWeaver based applications. When you onboard an SAP application into CloudWatch Application Insights, the underlying AWS resources such as EC2 instances, EBS volumes and the deployment pattern of the SAP application are automatically identified. CloudWatch Application Insights sets up relevant metrics, logs, and alarms on CloudWatch, and starts monitoring newly onboarded SAP workloads. You can view automated insights and detected problems, along with the health of your SAP workloads, on your CloudWatch console.
In our solution, we leverage the built-in integration of CloudWatch Application Insights with AWS Systems Manager OpsCenter. Based on this integration, an OpsItem is created on the OpsCenter console for every problem detected with your SAP application. We then configure the Service Management connector for ServiceNow to automatically create ServiceNow incidents from OpsItems and sync updates in ServiceNow back to AWS Systems Manager OpsCenter.
The following diagram describes the architecture of our solution
AWS Launch Wizard for SAP offers a consistent, repeatable and quick process to deploy SAP applications on AWS including provisioning EC2 instances, EBS volumes, installation of SAP application, SAP HANA database, and setup of high availability cluster. Follow the instructions provided here to deploy the SAP S/4HANA application using AWS Launch Wizard for SAP.
After the SAP S/4HANA application is deployed, you can configure Amazon CloudWatch Application Insights to monitor the SAP application. CloudWatch Application Insights provides automated setup for observability for your SAP applications so you can get visibility into their health. For this, you need to onboard the SAP application into Cloud Watch Application Insights. Follow the procedure detailed in this tutorial to set up monitoring for your SAP application.
You can see the SAP applications being monitored in Application Insights screen as shown below. In these screenshots you see two different SAP applications being monitored in Application Insights. You can also see the automatic dashboard for problems identified in the SAP application.
For each of these problems, an SSM OpsItem is also created. See Figure 4 to view the OpsItems that are automatically created by Application Insights.
Now, to send these OpsItems to ServiceNow, you need to setup integration between CloudWatch Application Insights and ServiceNow, install Service Management connector and deploy CFN template. Follow the below steps to setup this integration:
- In AWS Account create AWS Service Management Connector Sync User and end User. In this blog, we have used the CloudFormation template to create the AWS Service Management Connector Sync User and end User. Once the CloudFormation template is deployed, note down the Key and values at the Outputs.
- Follow the steps here to complete the ServiceNow setup.
- In the ServiceNow Navigator, click AWS Accounts,
- Name: You can provide any name for this setup. We have used ‘SAPNetWeaverSetUp’. Provide the Access Keys and Secret Access Keys for End User and Sync user from step 1.
- Enable all the integration that you would like. In this case we enabled ‘Integrate with AWS Systems Manager OpsCenter’
- Add the required regions where you have AWS setup. and Click Submit
- Follow the steps to validate account here
Once AWS Account is correctly validated, you can see the correct AWS Account Number Access Key for Sync and End User in AWS Accounts in ServiceNow setup
- Follow the steps to configure AWS Service integrations for AWS Systems Manager OpsCenter here
- During the initial setup, if you do not want to wait until the scheduled job to run, you could manually execute the sync job for your AWS service integration Follow the steps here to manually sync scheduled job ‘Synchronize AWS Systems manager OpsCentre’ and click on ‘Execute Now’.
- In the ServiceNow, Navigator panel, find ‘OpsItems’, and view the OpsItems created in the ServiceNow
- Click on the OpsItems that you need to take action on or update the incident.
To avoid recurring charges, and to clean up your account after trying the solution outlined in this post, perform the below steps. Please note that these cleanup steps are not required to be executed when you setup this for production purposes.
- Delete the cloudformation stack in your account that generates ServiceNow incidents based on Systems Manager OpsItems
- Select Application Insights under Insights in the left navigation pane of the CloudWatch console and delete your Application Insight application
- Select the Application Name you chose in AWS Launch Wizard deployment and select delete, to delete your SAP S/4HANA Application.
Amazon CloudWatch Application Insights offers built-in support for observability of SAP applications. It enables monitoring and provides metrics, logs and alarms related to security, availability, and performance for your SAP on AWS deployments. In this blog post, we demonstrated how the built-in alarm actions from CloudWatch Application Insights generate Systems Manager OpsItems. We then demonstrated how you are able to use the Service Management connector for ServiceNow to view and manage these operational items as incidents in ServiceNow.
To get started with CloudWatch Application Insights to monitor SAP applications, follow our detailed tutorial page. You can view this video to get a quick overview about monitoring SAP HANA database using CloudWatch Application Insights.
To get more detailed understanding about CloudWatch Application Insights for SAP HANA and NetWeaver applications, read other AWS blog posts: