SAP HANA Cloud Platform (SAP HCP)
SCC3 Log evaluation client copy
Tasks such as the update of components, the insertion of security updates or monitoring should be further automated. It is recommended to use only one automation tool (SAP Solution Manager or SAP LVM). Custom solutions and scripts should not be used or replaced with standard tools if possible, because otherwise different script languages and script versions will have to be managed, resulting in a lot of maintenance. Standardised SAP scripts are welcome here. A useful definition of thresholds, for example on the basis of historical system behaviour, must also be defined for monitoring.
In this step, a dialogue box prompts you to confirm the commit. If the user does not have permission to execute the transaction SPAM or the current queue has not yet been confirmed, the transaction stops SPAM with a message to that effect. CHECK_REQUIREMENTS In this step, different requirements for inserting are checked. There are the following reason that may cause this step to be cancelled: TP_CANNOT_CONNECT_TO_SYSTEM: tp cannot log in to the system database. QUEUE_NOT_EMPTY: There are incomplete OCS jobs in the tp buffer. You can view these jobs using the following tp command: tp SHOWBUFFER -D SOURCESYSTEMS= TAG=SPAM You cannot resume the processing of the queue until these jobs have been completely processed or deleted from the tp buffer. DISASSEMBLE In this step, files are extracted from the corresponding OCS files and placed in the /usr/sap/trans/data (UNIX) directory.
RECOMMENDATIONS
A simpler option is to output the transactions used by the expert as a list and to obtain an overview of the task areas. The function block SWNC_COLLECTOR_GET_AGGREGATES is very suitable for exporting the used transactions in a list. As an alternative, one can directly use the workload monitor in the transaction code ST03N.
Many companies are struggling with the introduction and use of secinfo and reginfo files to secure SAP RFC gateways. We have developed a generator that supports the creation of the files. This blog post lists two SAP best practices for creating the secinfo and reginfo files to enhance the security of your SAP gateway and how the generator helps you do this. secinfo and reginfo Request generator Option 1: Restrictive procedure In the case of the restrictive solution approach, only in-system programmes are allowed. Therefore, external programmes cannot be used. However, since this is desired, the access control lists must be gradually expanded to include each programme required. Although this procedure is very restrictive, which speaks for safety, it has the very great disadvantage that, in the creation phase, links which are actually desired are always blocked. In addition, the permanent manual activation of individual connections represents a continuous effort. For large system landscapes, this procedure is very complex. Option 2: Logging-based approach An alternative to the restrictive procedure is the logging-based approach. To do this, all connections must be allowed first by the secinfo file containing the content USER=* HOST=* TP=* and the reginfo file contains the content TP=*. During the activation of all connections, a recording of all external programme calls and system registrations is made with the gateway logging. The generated log files can then be evaluated and the access control lists created. However, there is also a great deal of work involved here. Especially with large system landscapes, many external programmes are registered and executed, which can result in very large log files. Revising them and creating access control lists can be an unmanageable task. However, this process does not block any intentional connections during the compilation phase, which ensures the system will run non-disruptively.
For administrators, a useful product - "Shortcut for SAP Systems" - is available in the SAP basis area.
The delivered roles and the profile generator of SAP are used.
Understanding the structure and functioning of the system is especially important for IT administration. It is not for nothing that "SAP Basis Administrator" is a separate professional field. On the page www.sap-corner.de you will find useful information on this topic.
The USR02 table provides a first entry point.