Gain Insights into End-User Access to Amazon WorkSpaces with Amazon CloudWatch


Customers frequently ask how to gain deeper insight into their users' connections to WorkSpaces. They also want to identify environments that are not running a supported client version. In a prior post, we discussed analyzing access patterns in Amazon WorkSpaces using Amazon QuickSight. However, the same visibility is available without setting up additional services by using CloudWatch dashboards in your WorkSpaces Region.

In this article, I will guide you through the creation of CloudWatch dashboards that provide visibility into user actions. Examples of the dashboards include:

  • IP addresses connecting to WorkSpaces
  • Platforms being used to connect to WorkSpaces
  • Windows client versions connecting to WorkSpaces
  • Connections categorized by WorkSpace directory
  • A table of client versions connecting to WorkSpaces
  • A table of WorkSpaces launched
  • A table of WorkSpaces removed
  • A table of WorkSpaces rebuilt
  • A table of WorkSpaces modified

Walkthrough

Reading Time: 20 minutes
Completion Time: 30 minutes
Cost to Complete: Detailed pricing information for CloudWatch can be found at Amazon CloudWatch Pricing – Amazon Web Services (AWS)
Learning Level: 300
Services Used: Amazon WorkSpaces, CloudWatch, CloudTrail

Prerequisites:

Ensure AWS CloudTrail is enabled with CloudWatch logs activated.

Step 1: Log WorkSpaces Events

Create a rule that stores WorkSpaces access events in a log group that the dashboards will query.

  1. Open the CloudWatch console.
  2. Select the AWS Region where your WorkSpaces are hosted.
  3. In the navigation pane, choose Events -> Rules. This will redirect you to Amazon EventBridge.
  4. Click on Create rule.
  5. For Event Source, do the following:
    • Select Event Pattern.
    • For Build event pattern to match events by service, set:
      • Service Name: WorkSpaces
      • Event Type: WorkSpaces Access
  6. For Targets, select Add target, then choose CloudWatch log group.
  7. For the /aws/events value, enter WorkSpacesAccessLogs.
  8. Select Configure details.
  9. Enter a name and description for the Rule definition.
  10. Click Create rule.

Step 2: Create a Dashboard for IP Addresses Connecting to WorkSpaces

In this step, you will create a dashboard displaying the IP addresses of clients connecting to WorkSpaces.

  1. Open the CloudWatch console.
  2. Navigate to Dashboards, then select Create dashboard.
  3. Name the dashboard WorkSpacesInformation.
  4. For the widget type, select Pie.
  5. Choose Logs as the data source.
  6. For Log Groups, select the log group created in Step 1 (WorkSpacesAccessLogs).
  7. Enter the following query:
       stats count() by detail.clientIpAddress
       | fields @timestamp, @message
       | filter source = "aws.workspaces"
       | fields detail.clientIpAddress
  8. Click Create widget.
  9. Rename the widget to “IP Addresses connecting into WorkSpaces.”
  10. Save the dashboard.

Step 3: Create a Widget Displaying Platforms Connecting to WorkSpaces

Here, you will create a dashboard to illustrate the end-user platforms connecting to WorkSpaces.

  1. Open the CloudWatch console for your WorkSpaces Region.
  2. Access Dashboards, and select WorkSpacesInformation.
  3. Click Add widget.
  4. Choose Pie as the widget type.
  5. Select Logs for the data source.
  6. For Log Groups, select the group created in Step 1 (WorkSpacesAccessLogs).
  7. Enter the query:
       stats count() by detail.clientPlatform
       | fields @timestamp, @message
       | filter source = "aws.workspaces"
       | fields detail.clientPlatform
  8. Click Create widget.
  9. Rename the widget to “Platforms Connecting.”
  10. Save your changes.

Step 4: Create a Widget for Windows Client Versions Connecting to WorkSpaces

In this step, you will build a dashboard to show the client versions for a specific client platform, such as Windows, connecting to WorkSpaces.

  1. Open the CloudWatch console for your WorkSpaces Region.
  2. Go to Dashboards and select WorkSpacesInformation.
  3. Click on Add widget.
  4. Select Pie as the widget type and choose Logs as your data source.
  5. For Log Groups, select the group created in Step 1 (WorkSpacesAccessLogs).
  6. Enter the following query:
       stats count() by detail.clientVersion
       | fields @timestamp, @message
       | filter source = "aws.workspaces"
       | filter detail.clientPlatform = "Windows"
       | fields detail.clientVersion
  7. For other platforms, replace the platform filter with one of the following:
    • | filter detail.clientPlatform = "OSX"
    • | filter detail.clientPlatform = "iOS"
    • | filter detail.clientPlatform = "Android"
    • | filter detail.clientPlatform = "Linux"
    • | filter detail.clientPlatform = "Web"
  8. Click Create widget.
  9. Rename the widget to “Client Versions – Windows” and adjust the name based on the platform you selected.
  10. Save your work.
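
The version breakdown above shows which client versions connect; the following added example (not part of the original post) takes the next step and lists logins from clients below a required version. It reads events in the shape the Step 1 rule writes to the log group. The sample lines and the minimum versions in MIN_VERSION are constructed assumptions, not AWS-published values.

```python
import json
from collections import Counter

# Constructed log lines in the shape of "WorkSpaces Access" events; all values
# are made up. The last two lines are a non-JSON line and an unrelated event.
SAMPLE_LINES = [
    '{"source":"aws.workspaces","detail":{"clientIpAddress":"192.0.2.10","clientPlatform":"Windows","clientVersion":"5.1.0.100","workspaceId":"ws-example1"}}',
    '{"source":"aws.workspaces","detail":{"clientIpAddress":"198.51.100.7","clientPlatform":"Windows","clientVersion":"4.0.6.2015","workspaceId":"ws-example2"}}',
    '{"source":"aws.workspaces","detail":{"clientIpAddress":"203.0.113.5","clientPlatform":"OSX","clientVersion":"5.2","workspaceId":"ws-example3"}}',
    '{"source":"aws.workspaces","detail":{"clientIpAddress":"192.0.2.44","clientPlatform":"Web","workspaceId":"ws-example4"}}',
    'START not-json',
    '{"source":"aws.ec2","detail":{"clientPlatform":"Windows","clientVersion":"1.0"}}',
]

# Assumed policy, not an AWS-published list: lowest accepted version per platform.
MIN_VERSION = {"Windows": "5.0.0", "OSX": "5.2.0"}


def parse_version(text, width=4):
    """'5.2' -> (5, 2, 0, 0). Returns None for a missing or non-numeric version."""
    try:
        parts = [int(p) for p in text.split(".")]
    except (AttributeError, ValueError):
        return None
    return tuple(parts + [0] * (width - len(parts)))


def outdated_logins(lines, minimums=MIN_VERSION):
    """Return (findings, counts): logins below policy, and logins per platform/version."""
    findings, counts = [], Counter()
    for line in lines:
        try:
            event = json.loads(line)
        except json.JSONDecodeError:
            continue  # skip lines that are not JSON events
        if not isinstance(event, dict) or event.get("source") != "aws.workspaces":
            continue  # same source filter the dashboard queries apply
        detail = event.get("detail", {})
        platform, version = detail.get("clientPlatform"), detail.get("clientVersion")
        counts[(platform, version)] += 1
        floor = minimums.get(platform)
        if floor is None:
            continue  # no minimum defined for this platform
        parsed = parse_version(version)
        # A missing or unparseable version is reported rather than silently passed.
        if parsed is None or parsed < parse_version(floor):
            findings.append((detail.get("workspaceId"), detail.get("clientIpAddress"), platform, version))
    return findings, counts
```

Calling outdated_logins(SAMPLE_LINES) returns one finding, the Windows 4.0.6.2015 login, along with a counter of logins per platform and version.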

Step 5: Create a Widget for Connections by WorkSpace Directory

In this step, you will create a dashboard that visualizes users connecting by directory.

  1. Open the CloudWatch console for your WorkSpaces Region.
  2. Navigate to Dashboards and select WorkSpacesInformation.
  3. Click Add widget.
  4. Select Bar as the widget type.
  5. Choose Logs for the data source.
  6. For Log Groups, select the group created in Step 1 (WorkSpacesAccessLogs).
  7. Enter the query:
       stats count() by detail.directoryId
       | fields @timestamp, @message
       | filter source = "aws.workspaces"
       | fields detail.directoryId
  8. Click Create widget.
  9. Rename the widget to “Connections by Directory Service.”
  10. Save your changes.

Step 6: Create a Detailed Table of Client Versions Connecting to WorkSpaces

This step will provide a log of client versions connected to WorkSpaces.

  1. Open the CloudWatch console for your WorkSpaces Region.
  2. Go to Dashboards and select WorkSpacesInformation.
  3. Click Add widget.
  4. Choose Logs table as the widget type and select Logs as your data source.
  5. For Log Groups, select the group created in Step 1 (WorkSpacesAccessLogs).
  6. Enter the query:
       fields @timestamp, @message
       | fields account
       | fields region, detail.clientPlatform, detail.clientVersion, detail.workspaceId
       | display region, detail.clientPlatform, detail.clientVersion, detail.workspaceId
  7. Click Create widget.
  8. Rename the widget to “WorkSpaces Client Version.”
  9. Save your work.
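
The widgets from Steps 2 through 6 can also be kept as a dashboard definition under version control instead of being clicked together. The following added example (not part of the original post) builds a CloudWatch dashboard body from the page's queries and widget titles; the full log group name /aws/events/WorkSpacesAccessLogs and the two-column layout are assumptions.

```python
import json

LOG_GROUP = "/aws/events/WorkSpacesAccessLogs"  # assumed full name of the Step 1 log group
SRC = 'fields @timestamp, @message | filter source = "aws.workspaces"'

# (title, view, query) for Steps 2-6; queries and titles are the ones on this page.
WIDGETS = [
    ("IP Addresses connecting into WorkSpaces", "pie",
     f"stats count() by detail.clientIpAddress | {SRC} | fields detail.clientIpAddress"),
    ("Platforms Connecting", "pie",
     f"stats count() by detail.clientPlatform | {SRC} | fields detail.clientPlatform"),
    ("Client Versions – Windows", "pie",
     f'stats count() by detail.clientVersion | {SRC} | filter detail.clientPlatform = "Windows" | fields detail.clientVersion'),
    ("Connections by Directory Service", "bar",
     f"stats count() by detail.directoryId | {SRC} | fields detail.directoryId"),
    ("WorkSpaces Client Version", "table",
     "fields @timestamp, @message | fields account"
     " | fields region, detail.clientPlatform, detail.clientVersion, detail.workspaceId"
     " | display region, detail.clientPlatform, detail.clientVersion, detail.workspaceId"),
]


def build_dashboard_body(region, log_group=LOG_GROUP, columns=2, width=12, height=6):
    """Return the dashboard body as a JSON string, one log widget per entry."""
    widgets = []
    for index, (title, view, query) in enumerate(WIDGETS):
        widgets.append({
            "type": "log",
            # Lay widgets out left to right on the 24-unit-wide dashboard grid.
            "x": (index % columns) * width,
            "y": (index // columns) * height,
            "width": width,
            "height": height,
            "properties": {
                # Log widgets name their log group with a SOURCE prefix.
                "query": f"SOURCE '{log_group}' | {query}",
                "region": region,
                "title": title,
                "view": view,
            },
        })
    return json.dumps({"widgets": widgets}, indent=2)
```

The returned string can be saved to a file and applied with aws cloudwatch put-dashboard, using --dashboard-name WorkSpacesInformation and --dashboard-body file://<path>.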

Step 7: Create a Table of WorkSpaces Launched

This step will log the WorkSpaces that have been launched.

  1. Open the CloudWatch console for your WorkSpaces Region.
