Skip to Content
avatar image
Former Member

Pushing SAP Logs via RZ20

Hi!

My customer wants to push SAP logs to an external system (say, a big data processor or an event management system) either by saving the logs to flat files or sending the logs via syslog protocol.

Would RZ20 be the right tool for this? Both to aggregate SAP access/change logs and to push them further.

Would the save-2-files or syslog transfer be the standard functionality of RZ20 or would this be a development?

Thank you very much in advance!

Ivan

p.s. some background:

RZ20 - SAP CCMS
Monitor Templates - Syslog

https://help.sap.com/saphelp_srm702/helpdata/en/32/a58b3b7682773ce10000000a114084/content.htm


Add comment
10|10000 characters needed characters exceeded

  • Follow
  • Get RSS Feed

3 Answers

  • Best Answer
    Sep 06, 2014 at 06:41 AM

    Hello Ivan,

    what exactly do you mean by pushing logs to an external system? Do you need to store the logs in a file system? In RZ20 the data are displayed centrally on CEN by accessing the monitored systems via RFC connections, or agents are pushing data from CCMS shared memory of the monitored system to shared memory (or cache) of CEN and the agents can monitor logs, but nothing in RZ20 is pushing logs.

    Regards,
    Alwina

    Add comment
    10|10000 characters needed characters exceeded

    • Hello Ivan,

      RZ20 does not push logs to a central system. It works in the way, that you connects systems to a central system and CEN can then access data on the monitored systems. You can store performance data centrally for monitored systems on CEN, but there is no such feature for logs in RZ20. Some customers have scripts on OS level to collect and store logs for a longer period of time.

      Regards,
      Alwina

  • Sep 06, 2014 at 06:45 AM

    Hi Ivan,

    Can you be a bit more clear with your intentions ?

    Are you referring RZ20 as an alternative to you external monitoring toll or vice versa ?

    Regards

    Add comment
    10|10000 characters needed characters exceeded

    • Hi Ivan,

      you are looking for an API that allows extration of SAP Syslog in a readable and structured way. The extraction and transformation to CE Format would be custom development.

      You may find FM 'RSLG_ITSAM_READ_SYSLOG_ALV' helpful to fetch data from the syslog.

      Regards

      Christoph

  • avatar image
    Former Member
    Oct 07, 2014 at 05:20 PM

    Hello Ivan,

    we have developed a generic SIEM extractor to forward SAP System and Security Logs (and more than 20 other log sources !) to external SIEM platforms via flat file or standard syslog.

    If you need further info please contact me directly.

    Best regards

    Ralf

    Add comment
    10|10000 characters needed characters exceeded