In our SM20 security audit log, we are getting the following error every 5 minutes.
RFC/CPIC Logon Failed, Reason = 1, Type = F
The user listed is SAPSYS (client 000), but there is no such user (SU01).
The terminal name is the <host>.<domain> for one of our applications servers in production (there are two application servers, one with the error and one without).
In our QA environment, we have one application server and it too shows the error.
The error occurs every 5 minutes.
No ST22's or SM51's. We have not been able to line it up with a batch job (SM37) nor with Solution Manager items.
Any suggestions or thoughts?