Argent Encyclopedia Monitoring Secrets for Sap c

© ArgSoft Intellectual Property Holdings, Limited. 1991 - 2010

ENCYCLOPEDIAMonitoring Secrets for SAP

......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................


ENCYCLOPEDIA

Monitoring Secrets for SAP



Contents

Argent Monitor For SAP Overview 3

Introduction 3

What to Monitor? 4

Availability Monitoring 5

SAP System TCP Port Listeners 7

Third-Party Applications 7

Server Hardware 7

Service and Process Monitoring 8

CCMS Monitoring 9

SAP CCMS Monitor Templates Monitor Set 14

Performance Overview Monitor 15

Operating System Monitor 17

Database Monitor 19

Security Monitor 20

Transactional RFC and Queued RFC 22

Appendix A – TCP/IP Ports Used by SAP Applications 24

Appendix B – Defining CCMS Communication Users 31

Procedure 31



Argent Monitor For SAP Overview

Introduction

Argent XT is a comprehensive monitoring and alerting solution that can SAP applications are based on the SAP NetWeaver application and integration platform. SAP enterprise applications can be deployed in a two or three-tier architecture. The three-tier client/server architecturegenerally consists of a presentation layer, an application layer, and a database layer. The SAP application layer contains the following components:

Central services - which include messaging (manages client con-nections and communications) and enqueue (SAP lock management) services.

Application services - that process online and batch workloads, which can be further categorized into the following types:

• ABAP: processes workloads based on an SAP proprietary programming language.

• Java: processes Java based workloads.

• ABAP + Java: processes both ABAP and Java based workloads.

The specific SAP product determines the type of application service required (ABAP, Java or both).

The above image illustrates the architecture of the SAP NetWeaver application server which includes both the ABAP and Java stack. Note that the two stacks can be installed separately or together.

Request for ABAP

Client(SAP GUI)

Client(SAP GUI)

Request for J2EE

Clie

nt (W

eb B

row

ser)

ICM

Disp

atch

erJ2

EEDi

spat

cher

SDM

TaskHandler

J2EEServer

Processes

J2EE Engine

ABAP

DBABAP

DBJ2EE

GatewayMessageServer

MessageServer

EnqueueServer

CentralServices

Work Processes

ABAP Engine

JCoFastRFC

Inte

rnet

3

Internet Communication Manager (ICM)

Handles communication between the SAP Application Server and the outside world via HTTP, HTTPS and SMTP protocols.

Central Services

Comprises message and enqueue services. There are separate central services for the ABAP and Java stack (image above shows two message servers, while the second enqueue server for the ABAP stack is not shown).

Dispatcher

Accepts requests from the ICM or external SAP clients and places them into a queue from which it distributes requests to other SAP processes to execute application logic.

What are a System, an Instance and all that?

A SAP Application Server system consists of one or more instances. An instance is a “server” in the sense that a user can connect to every instance individually. An instance typically consists of many running operating system processes that are connected by shared memory, TCP/IP connections on the local host and other means. All instances belonging to the same system are connected to the same RDBMS. A system has a three-letter name, the system identifier (SID).

Instances of a system do not have to be configured identically; instead, different instances may offer different services. Some services are unique in a system, i.e. only one instance is con-figured to offer these services (e.g. Enqueue, Message Server). A system may have an instance called “central instance”, which offers many of these unique services.

Every instance has a number between 00 and 99, the so-called instance number (abbreviated by InstNr or NN to indicate the numerical value). The installation default is 00. If more than one instance is installed on the same host, they MUST have different InstNr. InstNrs are usually part of the Port numbers to ensure that there is no conflict between instances.

An instance uses a number of TCP and UDP ports for internal communication. These ports are usually not configurable and not relevant for the “outside world”. They are interesting only in the rare case when a conflict with other software on the same host occurs. The InstNr for an instance can be chosen freely. Different instances belonging to the same system can have different InstNrs. The InstNr is chosen during the installation.



4

What to Monitor?

SAP defines the following areas as Key Performance Indicators for SAP Monitoring:

AvailabilityHeartbeat of a Technical Component.

PerformanceAverage General Response time.

Response times of particularly important subcomponents or actions.

Utilization CapacityHardware – CPU, I/O, Memory and Operating System.

Application – Memory and Processes.

Processing Queues.

ExceptionsShort Dumps.

SecurityUnauthorised Access.

Configuring thresholds for these KPI’s strongly depends on the busi-ness needs and on the IT scenarios. CCMS monitoring counters are configured with a default threshold, which can act as a good starting point. For instance, CPU utilization turns red at 98% CPU rate.

To find an appropriate threshold, store a performance counter for some weeks, and analyze the average afterwards. The average pro-vides an overview of the IT behavior. Finally, set the threshold 10-20% above or below the average, which indicates a clear deviation.

The following statements provide insights into the key and critical monitoring and performance in an SAP system:

SAP Service Monitoring

• Is the SAP service working well? What are the response times? Is any step slowing down the entire service interaction?

• Are the critical application processes running? What is their resource usage?

Network and System Monitoring

• How is the network performance impacting the overall service performance?

• Are the servers properly sized in terms of CPU, memory, disk activity, etc.?

• Are there any critical alerts in the system event logs?

Web Application Server Monitoring

• How many sessions are currently being handled by the SAP web/application server, and are there sufficient

processes configured to handle the load?

• Is the workload properly balanced across SAP web application server instances?

• What is the processing time of critical transactions on the server?

• Were there any errors while connecting to the R/3 server?

• Is the application server’s memory adequately sized? Is the free memory too low?

SAP R/3 Server Monitoring

• Are the buffers of the SAP R/3 server sized appropriately?

• Are there unusually high swap ins/outs?

• How many requests are queued waiting for free worker processes or data locks?

• Are there sufficient dialog processes configured to handle incoming user requests?

• Are there any ABAP dumps happening, indicating errors in the R/3 system?

SAP R/3 Database Monitoring

• Is the SAP R/3 database accessible?

• How are the critical cache hit ratios of the database server?

• Are any of the database table spaces reaching capacity?

The remainder of this document will cover how to use some of these key performance indicators and ways of addressing the above questions.



5

Availability Monitoring

Let’s take a look at some of the things that might affect the availability of the R/3 system on UNIX and Windows Operating Systems.

• UNIX OS Availability via SSH Logon Test

• Windows OS Availability via NetRemoteTOD API

These rules are provided via the Argent Guardian as shown below.

SAP System R/3 System Logon Test

The availability of the SAP R/3 system is a pre-requisite for using the SAP system for data processing. Suffice to say, that to establish connection to the SAP system, the system must be up and running. A simple way to ascertain this is to try and log on to the SAP system.

This Rule is part of the Argent Monitor for SAP and provides a syn-thetic user logon test that can be performed from any Argent Remote Monitoring engine installed on a Windows server – e.g. from a remotelocation



6

Each SAP server is defined in the Argent Master Catalog with the fol-lowing instance detail as shown below.

Application Server

Enter the address/name of the SAP server to monitor.

Router String (Optional)

If the connection is being made through a router, enter a router ad-dress string; find the router address using the SAP Logon tool from the SAP Client software. Open the Logon console, select the server to monitor and then select Properties to view the router address; otherwise leave it blank.

System Number

Enter the System number for the SAP server. A default system number of 00 is typically used.

Client Number

Enter the Client to use for connecting to SAP. A default client of 800 is typically used.

Logon

Enter the Username required to connect to the SAP server. This user must have authorization to access CCMS metrics.



7

Password

Enter the Password required to connect to the SAP server.

System Name

System Name functional reference.

SAP System TCP Port Listeners

Utilise a Scan Specific Port Test to check SAP Dispatcher or any other SAP Application Listeners.

See Appendix A for other TCP Ports used by SAP Applications.

Third-Party Applications

Apart from potential problems within the R/3 environment there are numerous dependencies from multiple systems to ensure maximum performance of the network, hardware and operating system, data-base (s) and applications.

Numerous other applications with interfaces to R/3, for example mes-saging systems such as Microsoft Exchange or Lotus Notes or Internet Server such as Microsoft IIS, can impair performance and availability of the systems. Even failure of automated backup solutions such as Legato’s NetWorker, Computer Associates’ ARCserve IT or Veritas’ Backup Exec may cause adverse effects on the SAP R/3 system.

These systems should be monitored using standard best practice, which are the monitoring of Availability, services, processes and critical performance metrics within these applications.

SAP Web Portals can be monitored by using the Argent Defender to simulate users’ transactions and to alert on any http based errors.

Server Hardware

The hardware components which run the SAP R/3 system must be monitored. Some events such a fan failure or physical disk errors often result in unplanned system failures. It is essential to monitor hardwarehealth to ensure availability of the SAP R/3 system.

Hardware can be achieved by using the vendor supplied hardware monitoring agents (such as HP SIM Agents, Dell OpenManage Agents or IBM Director Agents) to forward SNMP Traps to the Argent Console.



8

Service and Process Monitoring

The services or processes of the SAP R/3 system are a pre-requisite for the SAP system for data processing. Suffice to say that to establish connection to the SAP system, the system must be up and running.

Some of the processes that might affect the availability of the R/3 sys-tem on UNIX and Windows operating systems will now be examined.

• Windows Services that run SAP systems

Any windows service can be monitored and alerted if it has an issue.

• UNIX Daemons / processes that run SAP Systems

Any shell script can be used to monitor the underlying Operating System metrics such as Disk, CPU, Memory, Daemons and

Processes.

R/3’s critical processes

There are quite a few areas that might impair availability and perfor-mance of the SAP R/3 system. The most critical components whose availability should be monitored are R/3 Message Service and R/3 Dispatcher Service.

• A message service failure, the system cannot respond to enquiries.

• A dispatcher service failure, at least one application server will no longer be available.



9

CCMS Monitoring

Transaction RZ20 allows monitoring of all systems in the SAP system landscape. Using transaction RZ20, all defined alerts can be moni-tored. Furthermore, the CCMS monitor provides a current status view and open alert view which displays recent reporting data and history information respectively.

Monitor - Collection of MTE (Monitor Tree Elements), assembled in a hierarchy

MTE

Monitor Tree Elements are knots in the monitor tree. There are three different kinds: monitor attributes, monitor objects and monitor collec-tions.

Monitor Objects

Represent objects which can be monitored. They can be database table-spaces, hard disks or SAP System components.



10

Monitor Attributes

These are the basic elements in the monitor tree. They describe the status of the monitor objects. Four different kinds exist: Performance, Status, Protocol and Text.

Argent’s CCMS Rules use the SAP BAPI interface, opening up a wealth of SAP metrics. Using an installed SAP GUI on the Argent MAIN Engine or an Argent Remote Monitoring, the information necessary to buildcustomized Argent monitoring Rules can be found.

Example

To monitor the CPU Usage of the SAP instance, use the SAP GUI to determine the System Name, Counter Name, Object Name, and MTE Name needed. In the SAP GUI, log onto the target system and expand the Tools folder under SAP Menu. Then expand CCMS, and Control/Monitoring.



11

Next, double-click CCMS monitor sets. On the resulting screen expand the SAP CCMS Monitor Templates folder, and double-click the Operat-ing System item.

If not already expanded, expand the Server_Name_ERP_00 folder and locate the CPU item and CPU_Utilization beneath it. Right-click CPU_Utilization and choose Properties.



12

The Properties and Methods page contains the detail needed.

In the Argent SAP Monitor, create a new CCMS Rule called CPU_OVERLOAD.

To the right of the CCMS Rule Is Broken If, click the New button (the first button on the left), to bring up the CCMS Rule Criteria dialog box.



13

Enter the corresponding information from the Monitoring: Properties and Methods screen, as shown below.

NOTE: The information to be entered here is case-sensitive.

Argent can create CCMS rules using either Numeric or Text criteria.

However only Numeric data can be saved to the Argent Predictor data-base, this will provide reporting and trending of the numeric data.

Both Numeric and Text can be used to generate Alerts to notify Sys-tems Administrator.



14

SAP CCMS Monitor Templates Monitor Set

Consult the SAP Basis Admin to obtain Monitor Set and Monitor names or follow the process shown above. The Monitors are configured in SAP using RZ20 transaction. Choose what metrics to monitor, what alerts to capture, what App servers to include in the SAP Monitor using RZ20.

The following provides a list of categories that are available:

• Availability and Performance Overview Monitor

• Background Processing

• Buffers - The various SAP buffers, their hit rates, and swap rates

• Change and Transport System

• Communications - Data transfers (SAPconnect, SAP Gateway, ALE, LDAP, RFC)

• Data Archiving - Monitored data archiving sessions

• Database - table status, performance, backups, data consistency

• Dialog Overview - dialog system, broken down by performance attributes

• Dialog per Application Server - dialog system, broken down by application servers

• Entire System

• Filesystems

• Operating System - Operating system data for any application servers and host systems

• Performance Overview - important values about performance and possible causes of problems

• Security - Security Audit Log and security-relevant messages in the system log

• Spool System

• Syslog – provides system messages

• System Configuration

• System Errors - Information about the most important error messages of the system

• Workload Collector

Now the more important Monitor sets will be reviewed.



15

Performance Overview Monitor Use the Performance Overview monitor to obtain the most important values about the performance of the application servers of in the system and to identify possible causes for performance problems it is highly recommended that at least these metrics are added as Rules to the Argent Monitor for SAP.

ResponseTime

The dialog response time consists of the period of time from the request of the dialog to the dispatcher through the processing, to the ending of the dialog in the dispatcher and the transfer of the data to the presentation layer. It also includes the time used during the roundtrips for data transfer from the front end to the application server and back.

An alert here indicates a performance problem. The problem can have many different causes, and it is therefore necessary to perform a thor-ough analysis. First ensure the application server is not overloaded.This is measured, for example, using the statistics for CPU perfor-mance, system paging, and dialog work processes. Another possible bottleneck is the database; ensure that the database performance is adequate.



16

Possible corrective measures are:

• Distribute users onto another (additional) application server.

• Encourage users to schedule long-running reports or other actions as jobs in times outside the peak workload times.

• Add work processes (preferably through operation mode switching).

• Move parallel background processing jobs to times outside the peak workload times.

An alert for FrontendResponseTime when there are normal values for the ResponseTime means that the problem must be at the front end or with at connection to the application server.

UsersLoggedIn

Number of users logged on. The system will have an optimum number of users that it can deal with without affecting the overall load of the system.

QueueTime

Average time in the dispatcher wait queue.

Load+GenTime

Average load and generation time of CUA objects.

DBRequestTime

Average time for processing logical database requests.

R3RollUsed

Usage of the roll area as a percentage. The roll area is a memory area of a fixed, configurable size that belongs to a work process; it contains user-specific data and is the first memory that a work process obtains.

EsAct

Utilization of the extended memory as a percentage. The extended memory contains the largest part of the user context. The page man-agement of this memory is performed not by the operating system, but directly by the SAP system.

HeapAct

Utilization of the private memory as a percentage. A work process is only assigned private memory if the roll area and extended memory are occupied; the work process is then reserved for the current user context until the end of the trans-action (PRIV mode). Performance problems occur if too many dialog work processes are running in PRIV mode.

Program\Swap

Swap rate of the program buffer.

CPU_Utilization

Average utilization of the CPU on a host as a percentage.

Page_In

Average number of page-ins per second.

Page_Out

Average number of page-outs per second.



17

Operating System Monitor

This monitor set will monitor operating system data for any application servers and host systems. The values are collected by the operating system collector SAPOSCOL; these metrics could be collected from the OS directly using the Argent Guardian. The monitor contains the following monitoring tree elements (MTEs):

CPU_Utilization

Average usage of the CPU in a host system; the value shows how intensively the CPU is used and how much processing capacity is still available.

5minLoadAverage

Average number of processes in a host system that are ready for execution but must wait to be processed by the CPU.

Idle

Idle time for all CPUs in the system.

Paging

Exchange of data pages between the main memory of a host system and the overflow store in a paging file on the hard disk; paging occurs if the main memory is not large enough for the contexts of all runningprocesses.

Page_In

Average number of page-ins per second; a page-in occurs if a process must access a data page that is not available in the main memory. Be-fore the process can be continued, the operating system must retrieve the page from the paging file.

Page_Out

Average number of page-outs per second (page-out occurs if a page is stored out of the main memory to make room for the pages required by other processes).

Commit_Charge

Total physical and virtual memory used by the OS and programs (Windows).

Commit_ChargeFree

Available commit charge: difference between the maximum available and the currently used commit charge (only for Microsoft Windows):

• Commit_Percent Proportion of the maximum available commit charge used

(Windows).

Swap_Space

Storage space on the hard disk on which data that is not cur-rently required is stored out of the main memory, so that there is space in the main memory for the program currently being executed (only for UNIX platforms):

• Freespace Free swap space (only for UNIX platforms).

• Percentage_Used Percentage usage of the swap space (only for UNIX plaTforms).

OS_Collector State

Status of the operating system collector SAPOSCOL.

Packets_In

Incoming packets per second in a LAN at the interface of a host system.

Packets_Out

Outgoing packets per second in a LAN at the interface of a host system.



18

Collisions

Collisions in the LAN, in which two stations transport a packet at the same time on the same channel; this leads to the destruction of both packets and means that they must be sent again.

Monitored Processes

Monitored processes on this host. The following shows a process monitoring example from a SAP Whitepaper and will allow the addition of processes on the SAP Host to be added to the RZ20 Monitoring Tree.

This Monitored Process MTEs can be configured to be monitored within the Argent Monitor for SAP by defining a custom CCMS Rule.

This process is an example only and may vary depending on the ver-sion or SAP and the CCMS agent installation.



19

Database (view in RZ20)

<DB System> space management performance backup/restore R/3 consistency running jobs health

DB02

ST04

DB13

DB12

Backup logs

0

2

4

6

8

10

0 2 4 6 8 10

Database Monitor

Another component to be monitored and managed is the SAP R/3 data storage, in most cases Oracle or Microsoft SQL Server. The SAP Com-puter Center Management System™ (CCMS™) offers a good view ofthe health of the database, especially SAP R/3 utilization figures. However, various other metrics not being monitored by CCMS can also have a significant impact on availability and performance.

The database has a significant effect on the performance of the entire system. Therefore, transaction RZ20 provides information concerning the database system.

• Space management will monitor table spaces and segments

• Performance to monitor optimizer statistics, buffers, logs, and checkpoints

• Backup/restore to monitor database and redo log backup

• Consistency to check the consistency between the indexes, database objects, and database tables

• Health to monitor BRCONNECT database system checks

Also from an Operating system perspective we should monitor any log file used by the database system via the Argent Data Consolidator, such as:

• Oracle Alert Log

• SQL Error Log



20

Security Monitor

The monitor contains the following monitoring tree elements (MTEs):

Logon

System logon events reported by the Security Audit Log:

• Successful logons, unsuccessful logon attempts, and log offs by a user

• Locking of a user due to unsuccessful logon attempts, and the removal of the lock

RFCLogon

RFC/CPIC logon events reported by the Security Audit Log:

• Successful RFC/CPIC logon

• Unsuccessful RFC/CPIC logon attempt

TransactionStart

Transaction events reported by the Security Audit Log:

• Transaction started and failed transaction start

• Transaction locked or unlocked



21

ReportStart

Events connected with starting reports reported by the Security Audit Log:

• Successful start

• Failed start

RFCCall

Events connected with calling Remote Function Calls (RFCs) reported by the Security Audit Log:

• Successful call

• Unsuccessful call

UserMasterRecords

Events connected with changes to user master records reported by the Security Audit Log:

• User deleted, locked, or unlocked

• User master or authorizations of a user changed

• Authorization/authorization profile created, changed, or deleted

System

Events connected to system parameter changes reported by the Security Audit Log:

• Configuration of the Security Audit Log changed

• Application server started or stopped

Miscellaneous

Other events reported by the Security Audit Log:

• Download of a file

• Call of a digital signature

• Test message

System Log Messages

Messages in the system log for the security category; the category in which a message is reported can be selected, the message text, and the severity and criticality of the alert using the message ID in transac-tion SE92

The system records security-relevant actions in the Security Audit Log. Decide which actions are recorded there and which should trigger an alert in the Alert Monitor on the Security Audit Log configuration screen(transaction SM19).



22

Transactional RFC and Queued RFC

Function calls between systems; the call is only executed once in the target system, and either all or no calls of a Logical Unit of Work (LUW) are performed; queued RFC also guarantees the chronological processing of RFCs. Transactional RFC and queued RFC are variants of the Remote Function Call that make the data transfer between differ-ent systems more reliable and more secure.

Total Calls –

Number of tRFC and qRFC calls that are waiting to be executed in this system. This should have a rule set that would represent a satisfactory number of calls that the system can handle.



23

The following MTEs have the following procedural processes that can be used for troubleshooting.

ARFCSSTATE: Outbound tRFC Calls

The transaction Transactional RFC (SM58) is assigned as analysis method to all MTEs of this monitoring object. This tool lists only those transactional RFCs that could not be carried out successfully or that had to be planned as batch jobs.

Calls w/Communication Errors – CPICERR

Errors often occur in this attribute when an instance is shut down for maintenance. Once the instance is available again, the calls are auto-matically processed. If this is not the case, check the RFC connectionusing the Display and Maintain RFC Destinations transaction (SM59).

Calls w/ Execution Errors – SYSFAIL

Errors in the execution of RFC calls are often caused by errors in the programs. These errors must therefore usually be individually pro-cessed.

Calls w/o Server Resources – SYSLOAD

RFC calls with the status SYSLOAD are automatically scheduled in a job. For more information about SYSLOAD status, see SAP Note 319860.

ARFCSSTATE: Inbound tRFC/qRFC Calls

For information about possible statuses and problems for table ARF-CRSTATE, see SAP Notes 378903 and 366869.

Outbound Queues, Inbound Queues

Start the assigned analysis method. For the MTEs of this monitoring object, this is transaction SMQ1 orSMQ2 (qRFC Monitor).

QIN Schedulers: Errors, QOUT Schedulers: Errors

Start the assigned analysis method. For the MTEs of this monitoring object, this is transaction SMQR or SMQS (QIN/QOUT Scheduler).

Service

The name or identifier of the network services provided by SAP programs.

Port Number / Service Name

For each service, we list the port number associated with this service and if existent the rule used to compute port number and service name. Some ports have corresponding entries in /etc/services. If this is the case, we also list the service name. Some services use fixed port numbers, however most use a number that depends on some other value to allow multiple instances of the program running on the same host. Variable name convention (see below for explanation):

• NN is the instance number of the SAP Application Server instance (e.g. 32NN /sapdpNN means 3200 / sadp00 for instance no. 00)

• SID is the three letter system ID (e.g. sapmsSID means sapmsC11 for SAP system C11)

All ports are TCP ports except where UDP is indicated. UDP is used only for internal communication ON THE SAME HOST, never for communication across a network.

Most port numbers are configured by the installation proce-dure. In this case, the port number listed in the table is the one used by the installation procedure. Sometimes the installa-tion procedure allows changing the port number. In this case, the value is the one presented as a default by the installation procedure.

Other ports are not configured by the installation procedure. This is because the corresponding service can be used only after other manual configuration steps that cannot be carried out by the installation procedure. If a port is not automatically configured, this is indicated in the comment. To use the cor-responding service, set the port manually.

External

The most relevant ports are the ones used by programs that connect to the system, for example, SAP GUI or Web browser or other programs that communicate with the system. Those ports are labeled “external” – there are relatively few of them. The other ports are used for internal communication between components of the system.



24

Appendix A – TCP/IP Ports Used by SAP Applications

Default

The default port numbers are used all defaults presented by the instal-lation procedure are accepted.

Range

The port range indicates the minimum and maximum port number for this service. Not all numbers in this range may be valid ports for this service.

Fixed

The column labeled “fix” indicates that SAP does not support chang-ing this port number. If a conflict occurs, chose a different instance number to avoid occupied ports.

Comments

If appropriate, a brief explanation on the service, the port numbers used or the installation and configuration options.



25

SAP Application TCP Port Tables



26



27



28



29



30



31

Appendix B – Defining CCMS Communication Users

Users with particular, restricted authorizations are required in all ABAP systems in the system landscape for communication between the central monitoring system (CEN), the monitored systems, and CCMS agents.

RFC calls are triggered from CEN to monitored ABAP systems to pull monitoring data. If agents are used in monitored ABAP systems, data is pushed to the central system. Data from non-ABAP systems and non-SAP components is exclusively pushed to CEN by local agents. Agents require a communication user in CEN to be able to log on to it.

SAP recommends the creation and use of the user CSMREG for this purpose in all relevant components. This user must be assigned the role SAP_BC_CSMREG. The user CSMREG is also used to register The CCMS System Component (SCR) with a central repository.

Roles Used in Central Monitoring

The following predefined user roles are available for displaying, setting up and performing central monitoring functions and for communica-tion:

SAP_BC_BASIS_MONITORING This role contains authorizations for displaying data for the central monitoring of an SAP system landscape using the CCMS monitoring infrastructure.

Various SAP tools are used to do this (SMxx, RZxx, and STxx transaction codes).

SAP_BC_CSMREG This role must be assigned to a communication user required by agents reporting to the central monitoring system. It provides specific, greatly restricted logon authorizations for CCMS agents in the central monitoring system.

Creating the CSMREG User

A user with specific, greatly restricted authorizations is re-quired to monitor remote systems for the monitoring archi-tecture. The user should have the User Type Communications. Argent recommends the creation and use of the user CSMREG for this purpose -- this user is required for the following tasks, for example:

• Performing the data collection in the monitored systems.

• Pushing the monitoring data from monitored systems that are connected to the central monitoring system using

CCMS agents.

• Registering a System Component Repository (SCR) with a central repository.

The CSMREG user must be created in all monitored systems; it is not created automatically. Procedure

1. Choose CCMS - Configuration - Alert Monitor, or call transaction RZ21.

2. Choose Technical Infrastructure - Configure Central System - Create CSMREG User.

3. Enter any password for this user.

If errors that indicate to a missing profile occur when creating the user, generate the profile for the role SAP_BC_CSMREG in transaction PFCG.



32

The role SAP_BC_CSMREG contains the following authorizations:

Authorization Object Field Value

S_CCM_RECV

S_RFC

ACTVT

TABLE

RFC_FUGR

RFC_NAME

ACTVT

P0-P2

*

FUGR

SALC

SALF

SALH

SALP

SALS

SAL_CACHE_RECEIVE

SYST

SCSM*

SCCMSBI_UTIL_FUNCTIONS

RFC1

SAPWLN3_COLLECTOR

SAPWLN3_UTILITIES

SCCMSBI_UTIL_FUNCTIONS

SWNC_GLOB_SYSTEM

16

Note: ArgSoft Intellectual Property Holdings Limited has created this White Paper for informational purposes only. ArgSoft Intellectual Property Holdings Limited makes no

warranties, express or implied, in this document. The information contained in this document is subject to change without notice. ArgSoft Intellectual Property Holdings Limited

shall not be liable for any technical or editorial errors, or omissions contained in this document, nor for incidental, indirect or consequential damages resulting from the

furnishing, performance, or use of the material contained in this document, or the document itself. All views expressed are opinions of ArgSoft Intellectual Property Holdings

Limited. All trademarks are the property of their respective owners.

Argent Encyclopedia Monitoring Secrets for Sap c

Documents

Argent Encyclopedia Monitoring Secrets for Sap c