How Amazon WorkSpaces Clients Can Set up Notifications to Detect Anomalies at Scale Across a Remote Workforce

BY:

Oct 27, 2021

Amazon WorkSpaces allows customers to configure alerts in case any connectivity issues arise, which helps quickly recognize and remedy the problem.

Key Takeaways:

  • Amazon WorkSpaces is a desktop virtualization service that enables users to access the applications, data, and resources they need to work from anywhere at any time. 
  • If a connectivity issue arises while using a remote workspace, there can be a variety of causes at play and precious time can be lost trying to identify the root cause.
  • Amazon WorkSpaces gives users the option to configure notifications for anomaly detection regarding user connectivity via its Amazon CloudWatch service.
  • The Amazon CloudWatch not only informs you about the existence of a connectivity problem but also about the scale of the user base affected by the problem. 

Amazon WorkSpaces is a secure Desktop-as-a-Service (DaaS) solution that is fully managed and works on Amazon Web Services. Amazon WorkSpaces functions within an Amazon Virtual Private Cloud (VPC), which means no work data is stored on the local drive — leading to increased security.

Amazon WorkSpaces clients can use the strong scalability of the service to swiftly provide working desktops to thousands of users located across the globe. 

With so many users working remotely within the Amazon WorkSpaces framework, numerous challenges are bound to emerge. Software and hardware configuration alterations are expected to cause occasional problems, but in addition to those, network outages with numerous origins are also a possibility.  

With a disconnected workforce, there can be delays in receiving user feedback, leading to hassles in the identification of the root cause of the problem. 

However, with the use of Amazon CloudWatch, Amazon Workspaces clients can configure notifications to alert them to user connectivity anomalies and their scale. 

What is Amazon CloudWatch?

Amazon CloudWatch is the observability and monitoring service of Amazon Web Services (AWS). In 2019, AWS enhanced CloudWatch by adding a new feature: CloudWatch Anomaly Detection

The anomaly detection service employs Machine Learning to automate the creation and maintenance of CloudWatch Alarms. The anomaly detection feature also determines normal and abnormal behavior for a particular metric. 

Initial requirements to set up Amazon WorkSpaces anomaly detection

First, you need to have an Amazon Web Services account. You’ll also need to have one or more directories with a minimum of one workspace (WSP and PCoIP are both supported) launched under each directory. AD connector, Simple AD, and AWS-managed Microsoft AD are all supported directories. 

To view and create CloudWatch alarms, IAM access is required as well. 

Implementation of the anomaly detection mechanism

The first step of implementing anomaly detection is to identify the WorkSpaces that need to be monitored. You’ll also have to identify the corresponding directories used to launch the identified WorkSpaces. Then proceed with these three steps to complete the implementation.

1. Verification of the WorkSpaces directory

To verify the directory used by your WorkSpaces, log in to the Amazon WorkSpaces console, go to the navigation pane, and click on Directories.

Now verify the number of directories registered with WorkSpaces. If you have one registered directory, you can proceed to identify the CloudWatch metric for the anomaly alarm. 

If there is more than one directory, check which directories have been registered for use with WorkSpaces by clicking on WorkSpaces in the navigation pane. After clicking on WorkSpaces, you can go to the top right corner and click on the gear icon to find the Show/Hide columns menu and tick the check box next to the Organization Name. Once this option is selected, each WorkSpaces directory is listed. This lets you verify the username of WorkSpaces associated with each directory.

2. CloudWatch metric identification for the anomaly alarm

Log into the Amazon CloudWatch console and click on Metrics in the navigation pane. Select the WorkSpaces from the list followed with By Organization Name. You can observe that each of your DirectoryIDs is linked to a UserConnected metric. Select the metric for each directory that has the WorkSpaces you would like to monitor. 

If not already selected, change the  Statistics to Sum in the Graphed Metrics tab.

Now change the graphed data timeframe viewed to up to a week or longer. Make sure to observe and note the maximum number of WorkSpaces with connected users at a single time.

3. CloudWatch anomaly alarm creation

Find the option of Alarms in the Amazon CloudWatch console. Click on Alarms and then click on create alarms. Click Select Metric in Step One of the wizard. Now go to WorkSpaces > By Organization Name and find the metrics you identified previously.    

You can choose only one metric per alarm, select one of your directories and Select metric. Change the selected metric Statistic to Sum.

Now, change the threshold type under Conditions to Anomaly Detection and set the option Whenever UserConnected is to Lower than the band. 

The Anomaly detection threshold value should be constrained to the lowest number that would not result in an alarm in normal conditions. After setting the value, click Next, which will take you to the next step of the wizard.

In Step Two, select an Alarm state trigger of In alarm and select an existing SNS topic or create a new one to present a notification when an anomaly happens. Now click Next to proceed to the next step. 

Step Three asks you to provide a name for the alarm. It is recommended to include the Directory ID in the name, which the alarm is monitoring.

Moving on to Step Four, confirm the chosen settings and select Create Alarm to finalize the process.

Once the alarm is created successfully, all the WorkSpaces in the directories that you have set alarms for will be monitored. In an event when the connection count falls below average plus the threshold for a mentioned time, the alarm will alert you to the issue and also to the intensity of its impact on the users. 

CloudHesive is an Amazon Managed Service Partner that can give you expert guidance in your cloud-based business transformation and AWS requirements. Contact CloudHesive today.

Related Blogs

  • This photo shows a plastic box with a slot in it. A man’s hand is inserting a smart card into the slot." alt="">
    Use a Smart Card to Access Amazon WorkSpaces With WSP

    Reduce the human risk in your WorkSpaces security policy by enabling smartcard login for Windows and Linux with WorkSpaces Streaming Protocol Key Takeaways: Amazon Workspaces users with Windows or...

    Learn More
  • Set in a customer service call center, this image shows a female supervisor coaching a male customer service representative by talking while pointing at the computer screen. The customer service representative is typing as she speaks." alt="">
    Alert Supervisors in Real-Time With Amazon Connect Contact Lens

    Set up rules in Amazon Contact Lens that listen for commonly used words and phrases, notify a supervisor when they come up, and help solve the issues fast. Key Takeaways: By setting rules in Contact...

    Learn More
  • A depiction of a remote workforce connected via Amazon WorkSpaces." alt="">
    How Amazon WorkSpaces Clients Can Set up Notifications to Detect Anomalies at Scale Across a Remote Workforce

    Amazon WorkSpaces allows customers to configure alerts in case any connectivity issues arise, which helps quickly recognize and remedy the problem. Key Takeaways: Amazon WorkSpaces is a desktop...

    Learn More