on 03-16-2016 10:45 AM
Hello colleagues,
I cannot get any mail from tcode GRAC_ALERT_GENERATION. In order to get them I followed the very useful docs here and here.
I also executed tcode GRAC_ACT_USAGE_SYNC before starting GRAC_ALERT_GENERATION. I see that table GRACALACTLOG is filled with data, and data presents in GRACALHDR table too. In NWBC, Access Alerts section, I see that alerts are available.
I know that this topic is not new and many resolved issues published here, but I don't know why I cannot get the required results.
The system has the following level of SP:
COMPONENT | RELEASE | EXTRELEASE |
GRCFND_A | V1000 | 0020 |
PI_BASIS | 702 | 0017 |
SAP_ABA | 702 | 0017 |
SAP_BASIS | 702 | 0017 |
SAP_BW | 702 | 0017 |
ST-A/PI | 01Q_700 | 0000000002 |
ST-PI | 2008_1_700 0012 |
Maybe I don't get the idea of GRAC_ALERT_GENERATION process, could explain me then? As I understand, the process has the following steps:
GRAC_ACT_USAGE_SYNC synchronizes all tcodes performed in the system.
GRAC_ALERT_GENERATION looks for the nonmitigated/mitigated risks (that we opt on the selection screen)
If events according to our criteria are fulfilled then message goes to monitor and approver.
I set wf-batch, monitor and approver emails.
I run the tcode neither as monitor nor approver.
Dispite the message, I don't receive mails (SCOT is empty)
The only thing I suspect wrong is empty rows in mitigation controls. I didn't maintained them.
Please help me to understand where I have made a mistake
Regards,
Artem
Hi,
yes, Risk should have Owners and these owners should have email in SU01. Also, check your SCOT/SMTP settings with Basis team.
Yes, Alerts are generated if Mit. monitors do not execute report within the time frame specified. So, they should also have email in SU01.
Regards
Plaban
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi,
Could you check in NWBC->Access Management>Access Alerts>Conflicting and ..., whether Alerts have been successfully generated in GRC. if yes, then email, should be triggered to Risk Owner.So, check SOST and not SCOT.
Also, maintain email id in SU01 of Risk owner
Regards
Plaban
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Plaban,
Thank you for reply.
As I mentioned:
In NWBC, Access Alerts section, I see that alerts are available.
And also I wrote:
Dispite the message, I don't receive mails (SCOT is empty)
As a result that SCOT is empty, SOST is empty too.
Are you sure that risk owners should be maintained in the risks, but not mitigation monitors?
I see in the very good document by Madhu Babu, we should maintain emails for mitigation approvers and monitors only.
Do you have this functionality working? If yes, please post screens of your risks with risk owners tab.
Regards,
Artem
Hi Lynette,
Make sure that the SOD rules are generated before running the alerts job and all the risk owners have a valid email address in GRC SU01.
Also ,refer the below KBA and Notes
1739373 - GRC 10.x - Alerts not generated or incorrect results
1717901 - Alert not getting generated in 10.X version
2168589 - GRAC_ALERT_GENERATE report does not alert some violations
Hope this helps
Regards,
Manju
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.