Sap Solution Manager 7.2 Configuration Validation
What's new in SAP Solution Manager 7.2 regarding Configuration Validation?
In a nutshell: We basically kept Configuration Validation as you know it from SAP Solution Manager 7.1.
This page describes what is different in 7.2
CCDB Content / Monitoring and Alerting
We added more content to CCDB which allows more checks more change tracking.
For technical systems of type ABAP data for following config stores is collected:
LOCKED_TRANSACTIONS
Contains all transactions which have been locked ( columns: TRANSACTION / TEXT)
VSCAN_GROUP and VSCAN_SERVER
Provide information about the Virus Scan Adapter. For more information see here: help.sap.com
System Change Option - Change Logs
With 7.2 the content of certain "system change option change logs" are provided which allows to monitor changes based on change entries made by the Managed System.
GLOBAL_CHANGE_LOG
Change Log of System Change Option - Global Setting (which is transaction SE03 / System Change Option)
There is still config store GLOBAL which contains the setting as well just based on the usual snapshot extraction method of CCDB.
COMPONENTS_CHANGE_LOG
Change Log of System Change Option -Software Component
NAMESPACE_CHANGE_LOG
Change Log of S ystem Change Option - Namespace/Name Range
AUTH_PROFILE_USER_CHANGE_DOC
User change documents showing SAP_ALL assignments. Including the timestamp of the event in the managed system and also the user who did the asignment.
SYSTEM_TIMEZONE
Contains the system timezone
SAPUI5_LIBS and SAPUI5_VERSION
Contains major and minor version of the installed SAPUi5 software
The new config stores based on the change logs can be used in MAI to trigger alerts based on events written by the Managed System.
User and Role Information for J2EE
For technical systems of type Java user and role information could be added. For more information see here: Adding User and Role Information for J2EE
Configuration Validation UI
- BW Reporting Templates
Per column the string length is now 250 chars - Reporting Directory
The reporting directory includes now also the Bookmark entries
Comparison Lists
Comparison List could be implemented on a Badi to build dynamic comparison lists based on customer attributes. For more information see here: SAP Note 2365039
Fiori Launchpad
Using SAP Solution Manager 7,2 Launchpad navigate to the group Root Cause Analysis
Make sure you see the tile: Root Cause Analysis (for E2E Change Analysis and Change Reporting)
Make sure you see the tile: Configuration Valdiation
Using SAP Solution Manager 7,2 Launchpad navigate to the groupSAP Solution Manager Administration
Make sure you see the tile: Templates – Root Cause Analysis
Make sure you see the tile: Configuration Change Database (which is CCDB admin)
Note: You can add tiles, by using the Launchpad function "Personalize Home Page" (available underneath your user profile in the top right hand corner).
What has been added in SAP Solution Manager 7.2 SP05?
Sending reports via email
Unfortunately, SAP BW Information Broadcasting is no longer supported in SAP BW 7.40. To reports are provided to send Configuration Validation reports via email scheduled via background job:
Configuration Validation: DIAGCV_SEND_CONFIG_VALIDATION
System Recommendation Report: DIAGCV_SEND_SYSREC
Target System Merger
Report to merge several target systems into a new one: DIAGCV_MERGE_TARGET_SYSTEMS
Background: Customer would like to create out of baseline target systems a single one or a fewer ones to match own reporting purposes.
New key operator for table stores: regex
To be able to define more compact definitions a new operator was added for table store keys. It allows to define matching key columns using a regular expression (like already available for data columns).
Dashboard Builder Integration
Introducing suitable interfaces for the dashboard builder framework to build security or configuration validation dashboards. See dashboard builder blog for more details.
Trend Analysis:
Queries:
Overview: 0SMD_CVA2_TR_SYSTEMS_DSH
Details: 0SMD_CVA2_TR_ITEMS_DSH
Last results: 0SMD_CVA2_TR_NC_ITEMS_LAST_DSH
Configuration Validation:
Function model: DIAGCPL_CV_DSH
Trend Analysis
Added to Trend Analysis a last recent query and BW Template to show only the last validation execution of the trend.
CCDB Content
New config store ABAP_INSTANCE_PAHI_ENH
Selected profile parameters of an ABAP instance, which you can define multiple times, plus additional entries showing the concatenated values of these parameters:icm/HTTP/admin_ALL,icm/HTTP/auth_ALL,icm/HTTP/logging_ALL, icm/HTTP/redirect_ALL, and icm/server_port_ALL.
It allows, e.g. to check if at least one of the parameters icm/server_port_0 to icm/server_port_9 contains an entry for HTTPS because all parameter value are concatenated into the entry icm/server_port_ALL.
Config Store AUDIT_POLICIES (HANA)
Extended by column TRAIL_TYPE ( could be: TABLE | SYSLOG | CSV )
New config store SECURITY_POLICY_USAGE
SECURITY_POLICY_USAGE provides usage overview for policies for ABAP systems
Config Store RFCSYSACL
With new field RFCTCDCHK to check the transaction code
What has been added in SAP Solution Manager 7.2 SP06?
New Validation and Trend Analysis Reporting
A new reporting UI is provided to offer an alternative to the existing reporting based on BW 3.5 Web Templates. It includes reporting using rules in target systems against data available in CCDB as well reporting against pre-calculated validation runs which is known as trend analysis.A new tile has been introduced to launch "Configuration Validation Reporting" directly from the Launchpad. It's not available within the existing Configuration Validation UI.
CCDB Content
Config Store J2EE_PSE_CERT
To validate the J2EE certificates more properly it was necessary to add the validity information of the private keys to the already existing config store J2EE_PSE_CERT.
A "Private Key" entry in a keystore view consists of:
- A private key
- A corresponding x.509 certificate
The x.509 certificate has several relevant and interesting properties (e.g. Validity Dates, Key length, Algorithm). Especially validity dates are extremely important in this case, since the private key entries are entries that have to be renewed. We only collect the data from the x.509 certificate. The private keys themselves are not collected or analyzed.
This page is part of the Application Operations Wiki. Notice that Application Operations itself is a use-case of SAP Solution Manager
Sap Solution Manager 7.2 Configuration Validation
Source: https://wiki.scn.sap.com/wiki/display/TechOps/ConfVal_SolMan72