By monitoring key metrics, such as response times, resource utilization, and throughput, you can optimize your application's performance and troubleshoot problems. Alerts and thresholds for various metrics help you detect issues before they become critical problems. By continuously monitoring key components such as servers, databases, network connectivity, and application services, you can identify any failures or outages and take immediate steps to address them.
Monitoring the Cloud Connector is crucial for maintaining its performance, availability, security, and user experience. It allows you to proactively address issues, optimize resources, and ensure that your application meets the expectations of your users.
In this lesson, you will find the available monitoring tools and you will check the operational state of Cloud Connector. Also, you will learn how to work with hardware metrics, monitor cloud to on-premise connections and vice versa. Finally, you will do alerting and audit logging.
There are three primary tools for monitoring the Cloud Connector:
- OS Command Line: From the host where the Cloud Connector is running, you can verify the operational state.
- SAP BP Cockpit:
- The SAP BTP Cockpit contains a Connectivity section, where users can check the status of the Cloud Connector(s) attached to the current subaccount.
- This section lists the Cloud Connector ID, version, used Java runtime, high availability setup, and the exposed back-end system(s).
- The Cloud Connector UI
- The primary tool for monitoring the Cloud Connector is the Cloud Connector Administration UI. This is available in a web browser interface.
- There are also Cloud Connector monitoring APIs if you wish to include performance information in your own monitoring tool.
Checking the Operational State
The first thing to monitor is whether the Cloud Connector is actually running. You can do it in three ways:
- 1. From the OS Command Line
- In Windows, the Cloud Connector is registered as a Windows service. It’s configured to start after installation, and restart upon host reboot. To check the state of the Cloud Connector, run the command:
sc query "SAP Cloud Connector"The output would be:
In Linux, the Cloud Connector is set up as a daemon process. It’s configured to start after installation, and restart automatically upon host reboot. To check the state of the Cloud Connector, run one of the following commands (depending on your Linux distribution):
service scc_daemon statussystemctl status scc_daemon
The output would be:
- 2. From the SAP BTP Cockpit
- In the Connectivity Section, choose Cloud Connectors. If the Cloud Connector is running, its information is displayed:
If the Cloud Connector isn’t running, the SAP BTP Cockpit displays the message:
- 3. From the Cloud Connector Administration UI
- If the Cloud Connector isn't running, the Cloud Connector Administration UI isn’t accessible and can't be started.
Hardware Metrics
The second aspect to monitor is hardware. To check the current state of critical system resources, use the Cloud Connector Administration UI. Select Hardware Metrics Monitor from the main menu.
The monitor displays key hardware resource usage. The monitor also displays history graphs for various metrics.
CPU Usage:
Physical Memory Usage:
Java Heap Usage:
Disk Usage:
Monitoring Cloud to On-Premise Connections
The third aspect to monitor is connections from the specific cloud subaccount to on-premise. For this, use the Cloud Connector Administration UI.
Select Monitor (Cloud to On-Premise) from the main menu. There are five tabs:
PERFORMANCE - this tab shows a bar chart of the number of requests sent through the Cloud Connector to an on-premise system. Each bar specifies the length of time that the request took. For example, the first bar shows the number of requests that took to 0 milliseconds, or less the second shows the number of requests that took from 10 milliseconds to 20 milliseconds, and so forth. The final bar shows the number of requests that took longer than 5000 milliseconds.
You can use this bar chart to tune the throughput of the Cloud Connector to the on-premise system. Based on these values, tune the Cloud Connector by changing parameters: number of connections, tunnel worker threads, and protocol worker threads.
MOST RECENT REQUESTS - this tab shows the most recent requests sent through the Cloud Connector. This information helps you understand which cloud/on-premise systems are using the Cloud Connector, and what types of requests are being sent. A horizontal bar chart also shows the duration of each component of the request.
This tab can provide information about application usage, request type, and network delay and connectivity issues.
The details of the request:
TOP TIME CONSUMERS - this tab is similar to MOST RECENT REQUESTS, except that requests are sorted by duration. It provides an alternative perspective by showing which requests are taking longer.
The details of the consumer:
BACK-END CONNECTIONS - this tab shows a tabular overview of all active and idle connections, aggregated for each virtual host. This tab shows which connections are busy, versus which have significant idle time. The busy connections should have more resources.
USAGE STATISTICS - this tab shows the traffic handled by each virtual host. It shows the bytes received from and bytes sent to cloud applications on an hourly basis. This tab allows you to delete unused hosts, or free unused resources.
Monitoring On-Premise to Cloud Connections
It's more likely that connecting to on-premise systems from the cloud is a higher priority for performance optimization. Going the other direction may simply be, for example, administrators using on-premise tools to connect to cloud databases. Since the traffic from such use is typically not significant, optimization may not be important. However, if a Cloud Connector service channel is being used to provision data to a cloud database, or retrieve data for reporting and analysis, then the performance of the Cloud Connector when sending requests from on-premise to cloud should be monitored and optimized.
To monitor connections from on-premise tools to a specific cloud subaccount, use the Cloud Connector Administration UI. Select Monitor (On-premise to Cloud) from the main menu. There are two tabs:
CONNECTIONS - this tab shows a tabular display of all currently opened logical connections to SAP BTP systems through each service channel. This tab shows which service channels are being used by on-premise tools.
USAGE STATISTICS - this tab provides statistical data about the bytes sent and bytes received through each service channel. This allows you to delete unused service channels, and free unused resources.
Alerting
The Cloud Connector can be configured to send email/text messages to an administrator under specific conditions. These alerts are an important part of a proper monitoring strategy. When a problem occurs in the Cloud Connector, the problem may not be noticed if no one is actively monitoring the system. An alert can inform administrators that a problem has occurred or is about to occur, which allows them to resolve the situation in a timely fashion.
To set up alerts, use the Cloud Connector Administration UI. Select Alerting from the main menu.
- Select E-mail Configuration to set up an e-mail list and other e-mail configurations:
- High availability - master has failed, shadow is connected.
- Tunnel Health - cloud to on-premise channel has lost its connection.
- Service Channels Health - on-premise to cloud service channel has lost its connection.
- CPU, Free Disk Space - running out of resources
- Certificates - a network certificate has expired.
- Specify how often to check the condition.
The result of an alert would look like this:
- Select Observation Configuration to set up the conditions for the alert:
Audit Logging
The Cloud Connector includes an auditor tool for viewing and managing audit log information. It provides information about:
- Access between the cloud and the Cloud Connector.
- Tracking of configuration changes done in the Cloud Connector.
This tool can alert administrators to unusual or suspicious network and system behavior.
Also, the audit log data can provide auditors with information required to validate security policy enforcement and proper segregation of duties. IT staff can use the audit log data for root-cause analysis following a troubleshooting or security incident.
The written audit log files are digitally signed by the Cloud Connector so that their integrity can be checked.
It's recommended to activate the audit logging in production systems. It’s also recommended that you regularly copy the audit log files to an external persistent storage according to your local regulations. The audit log files can be found in the Cloud Connector root directory/log/audit/<subaccount-name>/audit-log_<timestamp>.csv.
Configure audit logging in the Cloud Connector Administration UI.
- Choose Audits from the subaccount menu.
- Under Settings, edit the audit record parameters.
- Subaccount Audit Level
- Off
- Security
- All
- Cross-Subaccount Audit Level
- Off
- Security
- All
- Automatic Cleanup
- Never
- After 14, 30, 90, or 356 Days
The output would be displayed in the Cloud Connector Administration UI under the Audit menu:
Summary
The Cloud Connector allows you to monitor key metrics such as response times, resource utilization, and throughput. This allows you to optimize your application performance and to troubleshoot problems. It also provides altering and audit logging tools.