Centralized Monitoring Service and Datadog Agents

PubSub+ Cloud utilizes a centralized monitoring service to collect monitoring data (statistics/metrics) and logs from event broker services. The centralized monitoring service stores the information. Microservices part of the Solace Home Cloud communicate with the centralized monitoring service to retrieve reports and data regarding the event broker services. The centralized monitoring service is Datadog, a third-party service. Datadog is a secure solution that is built on a highly reliable stack for collecting and storing information that's SOC2, Type I and SOC2, Type II compliant. The SOC2 reports are available on the Datadog website.

Datadog agents are configured by the Mission Control Agent to send monitoring data and logs about event broker services to the central monitoring service. For each software event broker, there's a Datadog agent configured. Therefore, an HA event broker service that comprises of three software event brokers will have three Datadog agents as shown in the following diagram.

Datadog agents collect only system-level information and metrics required to monitor and manage the event broker services. The information and metrics never contain any personal-identifiable information – only metrics and monitoring data about the event broker services. The information exchanged between the Datadog agents and the centralized monitoring service is encrypted using TLS2. For more information about the data collected, see Summary of Log Information Collected

The data that is sent to the central monitoring service does identify the event broker service and its event brokers. Since PubSub+ Cloud is a SaaS offering, this required system-level information is vital to monitor the health of the event broker services running in your deployment.

The data collected by the centralized monitoring service is also accessible with an PubSub+ Insights subscription. You can use Insights to monitor the performance of client applications, see statistics about your event broker services, and receive notifications. Advanced visualizations are also available from a separate, Solace-provided Datadog account. For more information about PubSub+ Insights, see PubSub+ Insights Overview and PubSub+ Insights Advanced Monitoring.

Central Monitoring Service Connectivity

For Datadog to receive monitoring traffic it requires a number of public IP addresses to be allowed (whitelisted) to send this monitoring traffic from your deployment event broker services. This whitelist pertains to customer-controlled deployments. For Solace-controlled deployments, this connectivity is configured by Solace.

The default whitelist requires many IP addresses. The list of IP addresses to connect to your deployment are listed in Getting the Required IP addresses for Monitoring Traffic. If this number of IP addresses is too numerous for your organization, consider using the Monitoring Traffic Proxy feature or create your own proxy to send the monitoring traffic to the central monitoring service so that connection architecture looks more like the following illustration.

For more information about using the Monitoring Traffic Proxy, see Configuring Monitoring Traffic.