Monitoring Secrets for SAP

Transcription

ENCYCLOPEDIA
ENCYCLOPEDIA
Monitoring Secrets
for SAP
© ArgSoft Intellectual Property Holdings, Limited. 1991 - 2010
......................................................................
......................................................................
......................................................................
......................................................................
......................................................................
......................................................................
......................................................................
......................................................................
......................................................................
......................................................................
......................................................................
......................................................................
......................................................................
......................................................................
......................................................................
......................................................................
......................................................................
......................................................................
......................................................................
......................................................................
......................................................................
......................................................................
......................................................................
......................................................................
......................................................................
......................................................................
......................................................................
......................................................................
......................................................................
......................................................................
......................................................................
......................................................................
......................................................................
......................................................................
......................................................................
......................................................................
......................................................................
......................................................................
......................................................................
......................................................................
......................................................................
......................................................................
......................................................................
......................................................................
......................................................................
......................................................................
......................................................................
......................................................................
......................................................................
......................................................................
......................................................................
......................................................................
......................................................................
......................................................................
......................................................................
......................................................................
......................................................................
......................................................................
......................................................................
......................................................................
......................................................................
......................................................................
......................................................................
......................................................................
......................................................................
ENCYCLOPEDIA
Contents
Argent Monitor For SAP Overview 3
Introduction 3
What to Monitor? 4
Availability Monitoring 5
SAP System TCP Port Listeners 7
Third-Party Applications 7
Server Hardware 7
Service and Process Monitoring 8
CCMS Monitoring 9
SAP CCMS Monitor Templates Monitor Set
14
Performance Overview Monitor 15
Operating System Monitor 17
Database Monitor 19
Security Monitor 20
Transactional RFC and Queued RFC
22
Appendix A – TCP/IP Ports Used by SAP Applications 24
Appendix B – Defining CCMS Communication Users 31
31
Procedure © ArgSoft Intellectual Property Holdings, Limited. 1991 - 2010
ENCYCLOPEDIA
Argent Monitor For SAP Overview
Internet Communication Manager (ICM)
Introduction
Handles communication between the SAP Application Server
and the outside world via HTTP, HTTPS and SMTP protocols.
Argent XT is a comprehensive monitoring and alerting solution that
can SAP applications are based on the SAP NetWeaver application and
integration platform. SAP enterprise applications can be deployed in a
two or three-tier architecture. The three-tier client/server architecture
generally consists of a presentation layer, an application layer, and
a database layer. The SAP application layer contains the following
components:
Central services - which include messaging (manages client connections and communications) and enqueue (SAP lock management)
services.
Application services - that process online and batch workloads, which
can be further categorized into the following types:
• ABAP: processes workloads based on an SAP proprietary
programming language.
• Java: processes Java based workloads.
• ABAP + Java: processes both ABAP and Java based workloads.
The specific SAP product determines the type of application service
required (ABAP, Java or both).
Dispatcher
Client
(SAP GUI)
Request
for ABAP
ABAP
Work Processes
Gateway
Message
Server
DB
ABAP
JCo
FastRFC
J2EE
Dispatcher
Request
for J2EE
Task
Handler
ABAP Engine
ICM
Internet
Client (Web Browser)
Client
(SAP GUI)
SDM
J2EE
Server
Processes
J2EE Engine
Message
Server
DB
J2EE
Enqueue
Server
Central
Services
The above image illustrates the architecture of the SAP NetWeaver
application server which includes both the ABAP and Java stack. Note
that the two stacks can be installed separately or together.
Central Services
Comprises message and enqueue services. There are separate
central services for the ABAP and Java stack (image above
shows two message servers, while the second enqueue server
for the ABAP stack is not shown).
Dispatcher
Accepts requests from the ICM or external SAP clients and
places them into a queue from which it distributes requests to
other SAP processes to execute application logic.
What are a System, an Instance and all that?
A SAP Application Server system consists of one or more
instances. An instance is a “server” in the sense that a user
can connect to every instance individually. An instance typically
consists of many running operating system processes that are
connected by shared memory, TCP/IP connections on the local
host and other means. All instances belonging to the same
system are connected to the same RDBMS. A system has a
three-letter name, the system identifier (SID).
Instances of a system do not have to be configured identically;
instead, different instances may offer different services. Some
services are unique in a system, i.e. only one instance is configured to offer these services (e.g. Enqueue, Message Server).
A system may have an instance called “central instance”,
which offers many of these unique services.
Every instance has a number between 00 and 99, the socalled instance number (abbreviated by InstNr or NN to
indicate the numerical value). The installation default is 00.
If more than one instance is installed on the same host, they
MUST have different InstNr. InstNrs are usually part of the Port
numbers to ensure that there is no conflict between instances.
An instance uses a number of TCP and UDP ports for internal
communication. These ports are usually not configurable and
not relevant for the “outside world”. They are interesting only in
the rare case when a conflict with other software on the same
host occurs. The InstNr for an instance can be chosen freely.
Different instances belonging to the same system can have
different InstNrs. The InstNr is chosen during the installation.
3
What to Monitor?
SAP defines the following areas as Key Performance Indicators for SAP
Monitoring:
ENCYCLOPEDIA
Network and System Monitoring
• How is the network performance impacting the overall service performance?
Availability
• Are the servers properly sized in terms of CPU, memory, disk activity, etc.?
Heartbeat of a Technical Component.
• Are there any critical alerts in the system event logs?
Performance
Average General Response time.
Response times of particularly important subcomponents or actions.
Utilization Capacity
Hardware – CPU, I/O, Memory and Operating System.
Application – Memory and Processes.
Processing Queues.
Exceptions
Short Dumps.
Security
Web Application Server Monitoring
• How many sessions are currently being handled by the SAP web/application server, and are there sufficient
processes configured to handle the load?
• Is the workload properly balanced across SAP web
application server instances?
• What is the processing time of critical transactions on
the server?
• Were there any errors while connecting to the R/3 server?
• Is the application server’s memory adequately sized? Is
the free memory too low?
SAP R/3 Server Monitoring
Unauthorised Access.
• Are the buffers of the SAP R/3 server sized appropriately?
Configuring thresholds for these KPI’s strongly depends on the business needs and on the IT scenarios. CCMS monitoring counters are
configured with a default threshold, which can act as a good starting
point. For instance, CPU utilization turns red at 98% CPU rate.
• Are there unusually high swap ins/outs?
• How many requests are queued waiting for free
worker processes or data locks?
• Are there sufficient dialog processes configured to handle incoming user requests?
To find an appropriate threshold, store a performance counter for
• Are there any ABAP dumps happening, indicating errors in some weeks, and analyze the average afterwards. The average prothe R/3 system?
vides an overview of the IT behavior. Finally, set the threshold 10-20%
above or below the average, which indicates a clear deviation.
SAP R/3 Database Monitoring
The following statements provide insights into the key and critical
monitoring and performance in an SAP system:
SAP Service Monitoring
• Is the SAP service working well? What are the response times?
Is any step slowing down the entire service interaction?
• Are the critical application processes running? What is
their resource usage?
• Is the SAP R/3 database accessible?
• How are the critical cache hit ratios of the database server?
• Are any of the database table spaces reaching capacity?
The remainder of this document will cover how to use some of
these key performance indicators and ways of addressing the
above questions.
4
ENCYCLOPEDIA
Availability Monitoring
Let’s take a look at some of the things that might affect the availability
of the R/3 system on UNIX and Windows Operating Systems.
• UNIX OS Availability via SSH Logon Test
• Windows OS Availability via NetRemoteTOD API
These rules are provided via the Argent Guardian as shown below.
SAP System R/3 System Logon Test
The availability of the SAP R/3 system is a pre-requisite for using
the SAP system for data processing. Suffice to say, that to establish
connection to the SAP system, the system must be up and running.
A simple way to ascertain this is to try and log on to the SAP
system.
This Rule is part of the Argent Monitor for SAP and provides a synthetic user logon test that can be performed from any Argent Remote
Monitoring engine installed on a Windows server – e.g. from a remote
location
5
ENCYCLOPEDIA
Each SAP server is defined in the Argent Master Catalog with the following instance detail as shown below.
Application Server
Enter the address/name of the SAP server to monitor.
Router String (Optional)
If the connection is being made through a router, enter a router address string; find the router address using the SAP Logon tool from
the SAP Client software. Open the Logon console, select the server
to monitor and then select Properties to view the router address;
otherwise leave it blank.
System Number
Enter the System number for the SAP server. A default system number
of 00 is typically used.
Client Number
Enter the Client to use for connecting to SAP. A default client of 800 is
typically used.
Logon
Enter the Username required to connect to the SAP server. This user
must have authorization to access CCMS metrics.
6
ENCYCLOPEDIA
Password
Enter the Password required to connect to the SAP server.
System Name
System Name functional reference.
SAP System TCP Port Listeners
Utilise a Scan Specific Port Test to check SAP Dispatcher or any other
SAP Application Listeners.
See Appendix A for other TCP Ports used by SAP Applications.
Third-Party Applications
Apart from potential problems within the R/3 environment there are
numerous dependencies from multiple systems to ensure maximum
performance of the network, hardware and operating system, database (s) and applications.
Numerous other applications with interfaces to R/3, for example messaging systems such as Microsoft Exchange or Lotus Notes or Internet
Server such as Microsoft IIS, can impair performance and availability
of the systems. Even failure of automated backup solutions such as
Legato’s NetWorker, Computer Associates’ ARCserve IT or Veritas’
Backup Exec may cause adverse effects on the SAP R/3 system.
These systems should be monitored using standard best practice,
which are the monitoring of Availability, services, processes and critical
performance metrics within these applications.
SAP Web Portals can be monitored by using the Argent Defender to
simulate users’ transactions and to alert on any http based errors.
Server Hardware
The hardware components which run the SAP R/3 system must be
monitored. Some events such a fan failure or physical disk errors often
result in unplanned system failures. It is essential to monitor hardware
health to ensure availability of the SAP R/3 system.
Hardware can be achieved by using the vendor supplied hardware
monitoring agents (such as HP SIM Agents, Dell OpenManage Agents
or IBM Director Agents) to forward SNMP Traps to the Argent Console.
7
ENCYCLOPEDIA
Service and Process Monitoring
The services or processes of the SAP R/3 system are a pre-requisite
for the SAP system for data processing. Suffice to say that to establish
connection to the SAP system, the system must be up and running.
Some of the processes that might affect the availability of the R/3 system on UNIX and Windows operating systems will now be examined.
• Windows Services that run SAP systems
Any windows service can be monitored and alerted if it has an issue.
• UNIX Daemons / processes that run SAP Systems
Any shell script can be used to monitor the underlying Operating System metrics such as Disk, CPU, Memory, Daemons and
Processes.
R/3’s critical processes
There are quite a few areas that might impair availability and performance of the SAP R/3 system. The most critical components whose
availability should be monitored are R/3 Message Service and R/3
Dispatcher Service.
• A message service failure, the system cannot respond to enquiries.
• A dispatcher service failure, at least one application server will no longer be available.
8
ENCYCLOPEDIA
CCMS Monitoring
Transaction RZ20 allows monitoring of all systems in the SAP system
landscape. Using transaction RZ20, all defined alerts can be monitored. Furthermore, the CCMS monitor provides a current status view
and open alert view which displays recent reporting data and history
information respectively.
Monitor - Collection of MTE (Monitor Tree Elements), assembled in a
hierarchy
MTE
Monitor Tree Elements are knots in the monitor tree. There are three
different kinds: monitor attributes, monitor objects and monitor collections.
Monitor Objects
Represent objects which can be monitored. They can be database
table-spaces, hard disks or SAP System components.
9
ENCYCLOPEDIA
Monitor Attributes
These are the basic elements in the monitor tree. They describe the
status of the monitor objects. Four different kinds exist: Performance,
Status, Protocol and Text.
Argent’s CCMS Rules use the SAP BAPI interface, opening up a wealth
of SAP metrics. Using an installed SAP GUI on the Argent MAIN Engine
or an Argent Remote Monitoring, the information necessary to build
customized Argent monitoring Rules can be found.
Example
To monitor the CPU Usage of the SAP instance, use the SAP GUI to
determine the System Name, Counter Name, Object Name, and MTE
Name needed. In the SAP GUI, log onto the target system and expand
the Tools folder under SAP Menu. Then expand CCMS, and Control/
Monitoring.
10
ENCYCLOPEDIA
Next, double-click CCMS monitor sets. On the resulting screen expand
the SAP CCMS Monitor Templates folder, and double-click the Operating System item.
If not already expanded, expand the Server_Name_ERP_00 folder
and locate the CPU item and CPU_Utilization beneath it. Right-click
CPU_Utilization and choose Properties.
11
ENCYCLOPEDIA
The Properties and Methods page contains the detail needed.
In the Argent SAP Monitor, create a new CCMS Rule called CPU_
OVERLOAD.
To the right of the CCMS Rule Is Broken If, click the New button (the
first button on the left), to bring up the CCMS Rule Criteria dialog box.
12
ENCYCLOPEDIA
Enter the corresponding information from the Monitoring: Properties
and Methods screen, as shown below.
NOTE: The information to be entered here is case-sensitive.
Argent can create CCMS rules using either Numeric or Text criteria.
However only Numeric data can be saved to the Argent Predictor database, this will provide reporting and trending of the numeric data.
Both Numeric and Text can be used to generate Alerts to notify Systems Administrator.
13
ENCYCLOPEDIA
SAP CCMS Monitor Templates Monitor Set
Consult the SAP Basis Admin to obtain Monitor Set and Monitor
names or follow the process shown above. The Monitors are
configured in SAP using RZ20 transaction. Choose what metrics to
monitor, what alerts to capture, what App servers to include in the
SAP Monitor using RZ20.
The following provides a list of categories that are available:
• Availability and Performance Overview Monitor
• Background Processing
• Buffers - The various SAP buffers, their hit rates, and swap rates
• Change and Transport System
• Communications - Data transfers (SAPconnect, SAP Gateway, ALE, LDAP, RFC)
• Data Archiving - Monitored data archiving sessions
• Database - table status, performance, backups, data consistency
• Dialog Overview - dialog system, broken down by performance attributes
• Dialog per Application Server - dialog system, broken down by application servers
• Entire System
• Filesystems
• Operating System - Operating system data for any application servers and host systems
• Performance Overview - important values about performance and possible causes of problems
• Security - Security Audit Log and security-relevant messages in the system log
• Spool System
• Syslog – provides system messages
• System Configuration
• System Errors - Information about the most important error messages of the system
• Workload Collector
Now the more important Monitor sets will be reviewed.
14
ENCYCLOPEDIA
Performance Overview Monitor
Use the Performance Overview monitor to obtain the most important
values about the performance of the application servers of in the
system and to identify possible causes for performance problems it is
highly recommended that at least these metrics are added as Rules to
the Argent Monitor for SAP.
ResponseTime
The dialog response time consists of the period of time from the
request of the dialog to the dispatcher through the processing, to the
ending of the dialog in the dispatcher and the transfer of the data
to the presentation layer. It also includes the time used during the
roundtrips for data transfer from the front end to the application server
and back.
An alert here indicates a performance problem. The problem can have
many different causes, and it is therefore necessary to perform a thorough analysis. First ensure the application server is not overloaded.
This is measured, for example, using the statistics for CPU performance, system paging, and dialog work processes. Another possible
bottleneck is the database; ensure that the database performance is
adequate.
15
Possible corrective measures are:
• Distribute users onto another (additional) application server.
• Encourage users to schedule long-running reports or other
actions as jobs in times outside the peak workload times.
• Add work processes (preferably through operation mode
switching).
• Move parallel background processing jobs to times outside the peak workload times.
ENCYCLOPEDIA
HeapAct
Utilization of the private memory as a percentage. A work
process is only assigned private memory if the roll area and
extended memory are occupied; the work process is then
reserved for the current user context until the end of the transaction (PRIV mode). Performance problems occur if too many
dialog work processes are running in PRIV mode.
Program\Swap
Swap rate of the program buffer.
An alert for FrontendResponseTime when there are normal values for
the ResponseTime means that the problem must be at the front end or CPU_Utilization
with at connection to the application server.
Average utilization of the CPU on a host as a percentage.
UsersLoggedIn
Page_In
Number of users logged on. The system will have an optimum number Average number of page-ins per second.
of users that it can deal with without affecting the overall load of the
Page_Out
system.
QueueTime
Average number of page-outs per second.
Average time in the dispatcher wait queue.
Load+GenTime
Average load and generation time of CUA objects.
DBRequestTime
Average time for processing logical database requests.
R3RollUsed
Usage of the roll area as a percentage. The roll area is a memory area
of a fixed, configurable size that belongs to a work process; it contains
user-specific data and is the first memory that a work process obtains.
EsAct
Utilization of the extended memory as a percentage. The extended
memory contains the largest part of the user context. The page management of this memory is performed not by the operating system, but
directly by the SAP system.
16
Operating System Monitor
ENCYCLOPEDIA
Commit_ChargeFree
Available commit charge: difference between the maximum
This monitor set will monitor operating system data for any application
available and the currently used commit charge (only for
servers and host systems. The values are collected by the operating
Microsoft Windows):
system collector SAPOSCOL; these metrics could be collected from
the OS directly using the Argent Guardian. The monitor contains the
• Commit_Percent
following monitoring tree elements (MTEs):
Proportion of the maximum available commit charge used (Windows).
CPU_Utilization
Average usage of the CPU in a host system; the value shows how
intensively the CPU is used and how much processing capacity is still
available.
5minLoadAverage
Average number of processes in a host system that are ready for
execution but must wait to be processed by the CPU.
Idle
Idle time for all CPUs in the system.
Paging
Exchange of data pages between the main memory of a host system
and the overflow store in a paging file on the hard disk; paging occurs
if the main memory is not large enough for the contexts of all running
processes.
Page_In
Swap_Space
Storage space on the hard disk on which data that is not currently required is stored out of the main memory, so that there
is space in the main memory for the program currently being
executed (only for UNIX platforms):
• Freespace
Free swap space (only for UNIX platforms).
• Percentage_Used
Percentage usage of the swap space (only for UNIX
plaTforms).
OS_Collector State
Status of the operating system collector SAPOSCOL.
Packets_In
Incoming packets per second in a LAN at the interface of a
host system.
Average number of page-ins per second; a page-in occurs if a process
Packets_Out
must access a data page that is not available in the main memory. Before the process can be continued, the operating system must retrieve Outgoing packets per second in a LAN at the interface of a
host system.
the page from the paging file.
Page_Out
Average number of page-outs per second (page-out occurs if a page
is stored out of the main memory to make room for the pages required
by other processes).
Commit_Charge
Total physical and virtual memory used by the OS and programs
(Windows).
17
ENCYCLOPEDIA
Collisions
Collisions in the LAN, in which two stations transport a packet at the
same time on the same channel; this leads to the destruction of both
packets and means that they must be sent again.
Monitored Processes
Monitored processes on this host. The following shows a process
monitoring example from a SAP Whitepaper and will allow the addition
of processes on the SAP Host to be added to the RZ20 Monitoring
Tree.
This Monitored Process MTEs can be configured to be monitored
within the Argent Monitor for SAP by defining a custom CCMS Rule.
This process is an example only and may vary depending on the version or SAP and the CCMS agent installation.
18
ENCYCLOPEDIA
Database Monitor
Another component to be monitored and managed is the SAP R/3 data
storage, in most cases Oracle or Microsoft SQL Server. The SAP Computer Center Management System™ (CCMS™) offers a good view of
the health of the database, especially SAP R/3 utilization figures.
However, various other metrics not being monitored by CCMS can also
have a significant impact on availability and performance.
Database (view in RZ20)
DB02
10
8
6
4
2
0
<DB System>
space management
performance
backup/restore
R/3 consistency
running jobs
health
0
2
4
6
8
10
ST04
DB12
DB13
Backup logs
The database has a significant effect on the performance of the entire
system. Therefore, transaction RZ20 provides information concerning
the database system.
• Space management will monitor table spaces and segments
• Performance to monitor optimizer statistics, buffers, logs, and checkpoints
• Backup/restore to monitor database and redo log backup
• Consistency to check the consistency between the indexes,
database objects, and database tables
• Health to monitor BRCONNECT database system checks
Also from an Operating system perspective we should monitor any
log file used by the database system via the Argent Data Consolidator,
such as:
• Oracle Alert Log
• SQL Error Log
19
ENCYCLOPEDIA
Security Monitor
The monitor contains the following monitoring tree elements (MTEs):
Logon
System logon events reported by the Security Audit Log:
• Successful logons, unsuccessful logon attempts, and log offs by a user
• Locking of a user due to unsuccessful logon attempts, and the removal of the lock
RFCLogon
RFC/CPIC logon events reported by the Security Audit Log:
• Successful RFC/CPIC logon
• Unsuccessful RFC/CPIC logon attempt
TransactionStart
Transaction events reported by the Security Audit Log:
• Transaction started and failed transaction start
• Transaction locked or unlocked
20
ENCYCLOPEDIA
ReportStart
Events connected with starting reports reported by the Security Audit
Log:
• Successful start
• Failed start
RFCCall
Events connected with calling Remote Function Calls (RFCs) reported
by the Security Audit Log:
• Successful call
• Unsuccessful call
UserMasterRecords
Events connected with changes to user master records reported by the
Security Audit Log:
• User deleted, locked, or unlocked
• User master or authorizations of a user changed
• Authorization/authorization profile created, changed, or deleted
System
Events connected to system parameter changes reported by the
Security Audit Log:
• Configuration of the Security Audit Log changed
• Application server started or stopped
Miscellaneous
Other events reported by the Security Audit Log:
• Download of a file
• Call of a digital signature
• Test message
System Log Messages
Messages in the system log for the security category; the category in
which a message is reported can be selected, the message text, and
the severity and criticality of the alert using the message ID in transaction SE92
The system records security-relevant actions in the Security Audit Log.
Decide which actions are recorded there and which should trigger an
alert in the Alert Monitor on the Security Audit Log configuration screen
(transaction SM19).
21
ENCYCLOPEDIA
Transactional RFC and Queued RFC
Function calls between systems; the call is only executed once in
the target system, and either all or no calls of a Logical Unit of Work
(LUW) are performed; queued RFC also guarantees the chronological
processing of RFCs. Transactional RFC and queued RFC are variants of
the Remote Function Call that make the data transfer between different systems more reliable and more secure.
Total Calls –
Number of tRFC and qRFC calls that are waiting to be executed in this
system. This should have a rule set that would represent a satisfactory
number of calls that the system can handle.
22
The following MTEs have the following procedural processes that can
be used for troubleshooting.
ARFCSSTATE: Outbound tRFC Calls
The transaction Transactional RFC (SM58) is assigned as analysis
method to all MTEs of this monitoring object. This tool lists only those
transactional RFCs that could not be carried out successfully or that
had to be planned as batch jobs.
ENCYCLOPEDIA
Port Number / Service Name
For each service, we list the port number associated with this
service and if existent the rule used to compute port number
and service name. Some ports have corresponding entries in /
etc/services. If this is the case, we also list the service name.
Some services use fixed port numbers, however most use a
number that depends on some other value to allow multiple
instances of the program running on the same host. Variable
name convention (see below for explanation):
Calls w/Communication Errors – CPICERR
Errors often occur in this attribute when an instance is shut down for
maintenance. Once the instance is available again, the calls are automatically processed. If this is not the case, check the RFC connection
using the Display and Maintain RFC Destinations transaction (SM59).
Calls w/ Execution Errors – SYSFAIL
Errors in the execution of RFC calls are often caused by errors in the
programs. These errors must therefore usually be individually processed.
Calls w/o Server Resources – SYSLOAD
RFC calls with the status SYSLOAD are automatically scheduled in
a job. For more information about SYSLOAD status, see SAP Note
319860.
ARFCSSTATE: Inbound tRFC/qRFC Calls
For information about possible statuses and problems for table ARFCRSTATE, see SAP Notes 378903 and 366869.
Outbound Queues, Inbound Queues
Start the assigned analysis method. For the MTEs of this monitoring
object, this is transaction SMQ1 orSMQ2 (qRFC Monitor).
• NN is the instance number of the SAP Application Server instance (e.g. 32NN /sapdpNN means 3200 / sadp00 for instance no. 00)
• SID is the three letter system ID (e.g. sapmsSID means sapmsC11 for SAP system C11)
All ports are TCP ports except where UDP is indicated. UDP
is used only for internal communication ON THE SAME HOST,
never for communication across a network.
Most port numbers are configured by the installation procedure. In this case, the port number listed in the table is the one
used by the installation procedure. Sometimes the installation procedure allows changing the port number. In this case,
the value is the one presented as a default by the installation
procedure.
Other ports are not configured by the installation procedure.
This is because the corresponding service can be used only
after other manual configuration steps that cannot be carried
out by the installation procedure. If a port is not automatically
configured, this is indicated in the comment. To use the corresponding service, set the port manually.
External
QIN Schedulers: Errors, QOUT Schedulers: Errors
Start the assigned analysis method. For the MTEs of this monitoring
object, this is transaction SMQR or SMQS (QIN/QOUT Scheduler).
Service
The name or identifier of the network services provided by SAP
programs.
The most relevant ports are the ones used by programs that
connect to the system, for example, SAP GUI or Web browser
or other programs that communicate with the system. Those
ports are labeled “external” – there are relatively few of them.
The other ports are used for internal communication between
components of the system.
23
ENCYCLOPEDIA
Appendix A – TCP/IP Ports Used by
SAP Applications
Default
The default port numbers are used all defaults presented by the installation procedure are accepted.
Range
The port range indicates the minimum and maximum port number for
this service. Not all numbers in this range may be valid ports for this
service.
Fixed
The column labeled “fix” indicates that SAP does not support changing this port number. If a conflict occurs, chose a different instance
number to avoid occupied ports.
Comments
If appropriate, a brief explanation on the service, the port numbers
used or the installation and configuration options.
24
ENCYCLOPEDIA
SAP Application TCP Port Tables
25
ENCYCLOPEDIA
26
ENCYCLOPEDIA
27
ENCYCLOPEDIA
28
ENCYCLOPEDIA
29
ENCYCLOPEDIA
30
Appendix B – Defining CCMS
Communication Users
Users with particular, restricted authorizations are required in all ABAP
systems in the system landscape for communication between the
central monitoring system (CEN), the monitored systems, and CCMS
agents.
RFC calls are triggered from CEN to monitored ABAP systems to pull
monitoring data. If agents are used in monitored ABAP systems, data
is pushed to the central system. Data from non-ABAP systems and
non-SAP components is exclusively pushed to CEN by local agents.
Agents require a communication user in CEN to be able to log on to it.
ENCYCLOPEDIA
Creating the CSMREG User
A user with specific, greatly restricted authorizations is required to monitor remote systems for the monitoring architecture. The user should have the User Type Communications.
Argent recommends the creation and use of the user CSMREG
for this purpose -- this user is required for the following tasks,
for example:
• Performing the data collection in the monitored systems.
• Pushing the monitoring data from monitored systems
that are connected to the central monitoring system using CCMS agents.
• Registering a System Component Repository (SCR) with a central repository.
SAP recommends the creation and use of the user CSMREG for this
purpose in all relevant components. This user must be assigned the
The CSMREG user must be created in all monitored systems; it
role SAP_BC_CSMREG. The user CSMREG is also used to register The is not created automatically.
CCMS System Component (SCR) with a central repository.
Procedure
Roles Used in Central Monitoring
The following predefined user roles are available for displaying, setting
up and performing central monitoring functions and for communication:
SAP_BC_BASIS_MONITORING
This role contains authorizations for displaying data for the central monitoring of an SAP system landscape using the CCMS monitoring infrastructure.
1. Choose CCMS - Configuration - Alert Monitor, or call transaction RZ21.
2. Choose Technical Infrastructure - Configure Central
System - Create CSMREG User.
3. Enter any password for this user.
If errors that indicate to a missing profile occur when creating
the user, generate the profile for the role SAP_BC_CSMREG in
transaction PFCG.
Various SAP tools are used to do this (SMxx, RZxx, and
STxx transaction codes).
SAP_BC_CSMREG
This role must be assigned to a communication user required by agents reporting to the central monitoring system. It
provides specific, greatly restricted logon authorizations
for CCMS agents in the central monitoring system.
31
ENCYCLOPEDIA
The role SAP_BC_CSMREG contains the following authorizations:
Authorization Object
Field
Value
S_CCM_RECV
ACTVT
P0-P2
TABLE
*
RFC_FUGR
FUGR
RFC_NAME
SALC
S_RFC
SALF
SALH
SALP
SALS
SAL_CACHE_RECEIVE
SYST
SCSM*
SCCMSBI_UTIL_FUNCTIONS
RFC1
SAPWLN3_COLLECTOR
SAPWLN3_UTILITIES
SCCMSBI_UTIL_FUNCTIONS
SWNC_GLOB_SYSTEM
ACTVT
16
Note: ArgSoft Intellectual Property Holdings Limited has created this White Paper for informational purposes only. ArgSoft Intellectual Property Holdings Limited makes no
warranties, express or implied, in this document. The information contained in this document is subject to change without notice. ArgSoft Intellectual Property Holdings Limited
shall not be liable for any technical or editorial errors, or omissions contained in this document, nor for incidental, indirect or consequential damages resulting from the
furnishing, performance, or use of the material contained in this document, or the document itself. All views expressed are opinions of ArgSoft Intellectual Property Holdings
Limited. All trademarks are the property of their respective owners.
32

Monitoring Secrets for SAP

Transcription

Similar documents

Record of Achievement

Formerly, Zygen Technology

unit 5: financials - [email protected]

Efficient project management – Although employees are

Supply Chain Through Mobility

High Voltage Maintenance

Angiosperm Latin Name: Euphorbia ingens Common Name

Record of Achievement

Codescan Brochure

Hallmark: Transforming Retail Merchandising and Field