Enhanced analytics in Maestro

Working with Maestro involves lots of processes and actions. To be in full control of your virtual infrastructures and to be able to plan your further activities based on trends, it is very important to receive timely and detailed information on the state, performance, and costs of your virtual resources.

Maestro includes advanced analytics both in Maestro UI and its reporting system.

Analytics dashboard

Analytics dashboard provides cloud users with the real-time data about their infrastructures and costs.

Structurally, the Analytics dashboard is a collection of widgets with relevant data. There are three types of widgets – table for displaying data in the table form, graph for displaying data in the graphical form (for some widgets, you can switch between the two types), and metrics for displaying different metrics. These widgets can be rearranged on the dashboard (with the exception of the fixed ones), added to the dashboard via the Manage widgets wizard. All the graphs have a built-in legend.

This is the default content on the Analytics dashboard:

  • Daily aggregated cost shows the costs for your tenant infrastructure for the current day.
  • Tagged/untagged resources systemizes the relation between the costs for tagged resources (= resources with any tags) and untagged resources (= resources without tags).
  • Top costs by regions lists the regions with the highest costs in your tenant during the previous 3 months.
  • Top costs by services lists 15 services with the highest costs in your tenant during the previous 3 months.
  • Top costs by storage lists types of storages with the highest costs in your tenant during the previous 3 months.
  • Resource costs visualizes the total costs of different resource types billed to your tenant during the previous months.
  • Monthly quotas shows the monthly quota level on your tenants, by regions.
  • Account optimization ratio visualizes the time your tenant instances spend in running state during the latest closed billing month.
  • Instance lifetime provides the lifetime of the instances existing in your tenants.

Besides these widgets, the Analytics dashboard also displays the data from the security centers activated on your tenant:

  • Native security center statistics displays security issues discovered by the native security centers, marked by the issue severity level.
  • Security rule engine statistics gives statistics on vulnerabilities detected within the tenant-level check.
  • Qualys CloudView statistics displays the passed and failed checks performed by Qualys for the selected tenant.

Some widgets on the Analytics dashboard are interactive and allow you to change the view or drill into the details of their datasets. Thus, in billing-related tables, you can switch between general data views, sort the data, and proceed to the Reporting tab to view the details on a specific number:

The re-direction to the Reporting tab can be with one of the following configurations, according to the selected data and review the billing data in detail:

  • top cost by regions
  • top cost by services
  • top cost by owner
  • top cost by environment
  • top cost by stack

For security-related widgets, you can click on the widget data, view the check details and request the detailed report:

Analytics dashboard also provides some illustrative statistics on lifetime and active usage of your instances.

Instance lifetime provides the lifetime of the instances existing in your tenants. Instances that have been created long ago can be reviewed for optimization from two viewpoints:

  • Whether the instance created long ago is still actively used (or was created and forgotten, without any useful utilization);
  • Whether the instance created long ago and still used can be migrated to another capacity type (for example, new AWS instance type). As the cloud providers regularly review and update their capacities libraries, they provide new instance families which are more efficient and less expensive than the previous generations. Thus, migrating to a new type may result into a benefit in terms of both costs and performance.

Account optimization ratio provides the information on the time your tenant instances spent in the running state during the last closed billing month.

These statistics show whether instances active usage patterns should be reviewed.

Usually, a virtual machine is used during working hours, which is 8-15 hours a day. When an instance spends more time up and running, it is possible that there is time when it is underutilized. Setting up a proper schedule will allow decreasing costs for infrastructure without performance lost.

If an instance is stopped, it is still billed. If an instance spends too much time in the stopped state, it may be reviewed to check whether the start/stop usage approach can be replaced with create/terminate one – so that a new instance is created once the capacity is needed, and terminated once the tasks are done.

Updated expenses report

Expenses reports – Expenses Forecast and Monthly Expenses reports – were upgraded with new sections that will show the costs billed for tagged and untagged resources on the tenant with the details given for the cloud-specific tags.

These sections aim at helping Maestro users to optimize the resource management on their tenants as applying tags to resources with further actions like scheduling by tag is one of the basic optimization steps.

The graph systemizes the relation between the costs for tagged resources (= resources with any tags) and untagged resources (= resources without tags). Detailed data by exact tags come below in the report in the separate sections:

Each separate section described one of the tags. Tags are cloud-specific i.e., reports for different cloud providers will include different sets of tags. For example, these tags might be reported – m3-owner, employee, environment, stack tags like aws:cloudformation, project, application, etc.

Each section consists of a short description of a tag with best practices for its usage followed by a table with the cost data. For example:

  • m3-owner is a tag set at the moment of the instance creation. We recommend setting this tag because it allows reviewing whether exact tenant members use their cloud resources in an optimal way. The table shows only key values with the greatest costs for them. The table excludes key values with the costs below USD 0.3. Key values with the costs greater than USD 25 are marked in bold.
  • environment is a tag that specifies in which environment the instance is run. We recommend setting this tag so that you can differentiate between the cloud infrastructures in different environments required by your production needs. The table shows only key values with the greatest costs for them. The table excludes key values with the costs below USD 0.3. Key values with the costs greater than USD 25 are marked in bold.
Each description includes the threshold values the cost below which are not included into the report. High costs are also indicated:

The tag sections do not show all the tags existing in a tenant because not all the tags answer two basic requirements – a) be short and readable and b) be informative. All the tags are added to the attachments – in the form of the .csv file with the costs billed for all the tags existing on the tenant. Tag keys and values are arranged by costs, from higher to the lower ones.

Detailed instance report

Detailed instance report provides Maestro users with the detailed information about their instances including the instance parameters, security groups and scan results, storages and tags, and metric data. The report is generated when you press the Send details button in the content view on the Management tab.

The most important part of this report is the instance composite risk status and the rules compliance data.

Instance composite risk status indicates whether any major actions are required for the instance. It is measured from MIN to MAX and is calculated based on the rules compliance data:

Rules compliance data describes the results of the complex instance audit performed by Maestro regarding the instance's usage, security, and costs. Such an approach provides you with a 360° panoramic view of your instances. Based on best practices of respective Cloud providers, Maestro checks hosted instances according to a list of rules and provides the findings of the last scanning. Principal attention should be paid to the to the findings with the CRITICAL and HIGH priority: Such findings must be fixed as soon as possible.

Here are the rules against which the instance is assessed:

Vulnerability scan results: For vulnerability scanning, Nessus and Qualys scans are used, if activated. The results are displayed based on the most severe scanning risk factor. CRITICAL risk factor is applied if the instance was never scanned, failed scanning, or if the last scanning was performed more than 60 days ago.

Instance tags: System and custom tags are necessary for the instance cost optimization. CRITICAL risk factor is shown in case no system tags are set for the instance. MIN risk factor is shown for instances with system tags. If the instance was created less than 7 days before scanning (it is considered newly created), it will have the MEDIUM risk factor even with no tags.

Instance costs: Maestro identifies top 10 instances in the tenant with the greatest costs. The risk is calculated based on these results. CRITICAL risk factor is shown for these top 10 instances. MIN risk factor is also shown for instances that did not land in top 10. However, if the instance landed in top 10 with costs less than 15 USD, the MIN risk factor will be shown for it as well.

Lifetime: Maestro recommends using instances for a short period for better performance. 1 month is a preferable instance lifetime period. MIN risk factor is shown for instances less than 7 days old, LOW for instances less than 1 month old, MEDIUM – for instances 1 to 3 months old, HIGH – for instances 3 to 6 months old, and CRITICAL for instances that exist longer than 6 months.

Instance schedules: In order to optimize the cloud infrastructure costs and save the tenant money, Maestro recommends using schedules according to your workload patterns. CRITICAL risk factor is shown for instances with no schedules. MIN status is shown for instances with schedules. If there are no schedules, but the instance is less than 7 days old, its risk factor is LOW.

Ownership: Instance ownership helps identifying the key person to deal with its possible issues and optimize its costs and usage. If the instance has no owner tag, the CRITICAL risk factor is shown. This status is also set if there is an owner, but (s)he does not have the key. If there is an owner tag but it is same as the default owner, the HIGH risk factor is shown. MIN risk factor is shown for instances with an owner tag and an available key.

Besides these, the report includes other sections:

  • Instance identifier data contains the most important data (ID, IP address, DNS name) used for instance identification.
  • Instance security scan results shows the results of security scans performed for the instance by different scanners. The results are sorted by the scanning platform.
  • Basic parameters sums up the basic instance parameters.
  • Storage data sums up the information on the instance's storage volumes and their current state.
  • Tags contains two tables, one listing tags on the current instance, and the one displaying tags used by different cloud providers to enable detailed analytics on environment, owner, and resource group.
  • Security groups lists the security groups assigned to the instance.
  • Metrics visualization graphs give the results of monitoring your instance in terms of the CPU utilization and Network traffic metrics.

We keep enhancing Maestro to provide the best services to our users.

;)

Comments

Popular posts from this blog

Maestro Analytics: Essentials at the Fingertips

Maestro: Greeting the Green Dragon

Maestro Orchestrator: Product? SaaS? Framework!