Skip to Content
Technical Articles
Author's profile photo Milena Gaydeva

Alerts from your SAP Cloud Platform Solution to SAP Solution Manager via SAP Cloud Platform Alert Notification

Introduction

This blog post is part of a series of blog posts related to SAP Cloud Platform Alert Notification service. You can relate to the parent blog post for more detailed information about the service itself.

For the sake of readability, we often use Alert Notification as a short form of the complete SAP Cloud Platform Alert Notification name.

We are happy to announce that now Alert Notification offers out-of-the box integration with SAP Solution Manager 7.2. This ensures broader monitoring coverage of hybrid scenarios, as SAP’s customers would be able to receive alerts from SAP Cloud Platform in their on-premise SAP Solution Manager systems. How it works? Utilizing the Alert Notification’s Consumer API, SAP Solution Manager 7.2 pulls events that are explicitly set to be stored in Alert Notification for later consumption and reports them in on-premise monitoring tools. The Alert Notification supports similar integration with Focused Run for SAP Solution Manager (FRUN), so stay tuned for further news!

In this blog post we are going to exemplify a basic scenario, in which a SAP Cloud Platform Neo subaccount will be integrated with a Solution Manager system.

Note: Integration with SAP Cloud Platform Cloud Foundry subaccounts is supported as well.

Prerequisites

  1. Active subscription to SAP Cloud Platform Alert Notification
  2. SAP Solution Manager 7.2 SP08 or higher
  3. SAP Cloud Platform subaccount (Neo)
  4. Application deployed in SAP Cloud Platform, which will be monitored

In order to ensure secure HTTPS communication, we have to import the SAP Cloud Platform SSL certificates in the Solution Manager Trust Store, using configuration STRUST.

Note: Even if your scenario features the usage of SAP Cloud Platform Neo subaccount, the SSL certificate for SAP Cloud Platform Cloud Foundry is still needed, as Alert Notification technically runs there. To be sure you are about the export the correct certificate, as a hint I would suggest to navigate to the Alert Notification UI -> tab Security and start the Event Consumer Endpoint in a new browser. Then, export the SSL certificate from there. Thus, you can ensure its relevance. Refer to the following link for importing the SSL certificates.

Configurations in Alert Notification

1. Let’s start by creating a technical client in the Alert Notification, which is going to be used later for the SAP Solution Manager integration.

Logon to your SAP Cloud Platform subaccount. Navigate to the Alert Notification UI, tab Security. Choose “Create Technical Client“. In the new dialog, select client type “NEO_CUSTOMER_INDENTITY” and enter a meaningful description. As a next step, grant permissions to your client. In general, for this scenario “ALERT_READ” would be sufficient. Click “Create“. You will be displayed with the Client ID and Client Secret.

Note: Save the Client Secret for later usage, because it cannot be retrieved anymore. You can get more details here.

2. Create a “Store” action. What this action type does? It temporarily stores notifications in Alert Notification, so they can be pulled later by 3rd party application. You can check for more details here.

In the Alert Notification UI, navigate to tab Actions and choose the “Create” button. From the available list, select “Store” and click “Next” . Enter a name for your action and optionally description, label(s).

Click “Create“.

3. Assign the new “Store” action as outbound channel for an active subscription. In this showcase, the subscription is already created, but no action has been assigned to it. Well, let’s do it now! We are going to edit subscription “alerts-app-web-shop“.

Skip the first two steps, suggested by the Wizard, and head to “Select Actions“. From the available list select the newly-created action:

Click “Assign“. You will be displayed with an overview of the subscription’s details.

Configured in that way, the Alert Notification is going to store all incoming alerts related to application called “web-shop”, running in our SAP Cloud Platform subaccount. If you need further help regarding the Alert Notification’s terminology, please refer to the official documentation.

We are done with the adjustments in the Cloud. It’s time to configure our SAP Solution Manager system for being able to communicate with our SAP Cloud Platform subaccount.

Configurations in SAP Solution Manager 7.2

1. We have to integrate manually our cloud service within SAP Solution Manager. As a result, it should be listed in LMDB as an external service. Thereon, we can monitor exceptions that occur there. To ensure this configuration use SAP Solution Manager Configuration (transaction SOLMAN_SETUP). Navigate to Managed Systems Configuration → Cloud ServicesCloud Service Operations → Create Cloud Service. From the drop-down list select service type “SAP Cloud Platform” and click “Next“. Define the SAP Cloud Platform environment, in which you subaccount is running, and the relevant subaccount’s ID.

Moving forward, you will be prompted with a prefilled name for Extended Service ID. However, you can change it now, as later it will not be possible. The goal is to uniquely identify your cloud service. The base Alert Notification’s Consumer API URL will serve as a Root URL. Navigate to tab Security in the Alert Notification UI to obtain the correct value.

Note: Copy the link from “Event Consumer” till .com including.

See more details in Credential Management for Neo environment.

Finally, you will be displayed with an overview of your new cloud service configurations. If no changes are needed, click “Finish“. Now, your service should be visible in Managed Systems Configurations -> Cloud Services.

2. Let’s create an HTTP endpoint for the new cloud service. It will ensure data collection through a direct connection between the SAP Solution Manager system and the respective cloud service. For this purpose, navigate to Managed Systems ConfigurationCloud Services. From the list below, locate the new cloud service and click “Configure Cloud Service“. From section Cloud Service Endpoints select “Add“. You will be displayed with a form. Below there are some tips about how you can get the required details:

  • API Type: from the drop-down list select “Alert Notification Service
  • Root URL: if it is not prefilled, enter the base Alert Notification’s Consumer API URL, as described in step 1 above. In our case, this is https://clm-sl-ans-live-ans-service-api.cfapps.eu10.hana.ondemand.com
  • Description: enter a meaningful description for the purpose of the HTTP endpoint
  • OAuth URL: you can find it in the Alert Notification UI, section Security. Simply copy and paste the link provided for OAuth Token
  • User: enter the Client ID of the OAuth client you have created in Alert Notification
  • Password: use the Client Secret provided for your OAuth client
  • Enter proxy settings if applicable and save the configurations.

 

Once you are ready, save the changes and optionally you might want to check the connection. It should be rated with a green status.

3. It’s time to configure and activate the exception monitoring. All exceptions, in the context of our scenario alerts, are collected via Exception Management and stored in a central exception store. To access the Exception Management setup you can use transaction SOLMAN_SETUP → Application Operations (left-hand side) → Exception Management. Go to step “Define scope” and from the section below select “Cloud Services“.

Note: If your cloud service is not among the listed, switch to View type “All Cloud Services“.

Select your cloud service and click “Next” twice, in order to go to step “Exception Configuration“. Go into edit mode and click on “Add/Configure Log Store. From the available log stores, choose “SAP Cloud Platform Alert Notifications” and the endpoint that you are going to use. Click “Create“. Then you will be displayed with a list of available fields for filtering. They will help you to filter your log store further. (Optionally) Select the desired fields based on your preferences and confirm. Then, maintain the filter values for the fields in the Filter Definition panel, under the log stores table.

Note: This configuration restricts the collection of exceptions only to the ones that match the defined filter values.

In this blog post we are aiming to demonstrate a basic scenario, with focus on the required configuration steps and their purpose, that’s why we are not going to set filters for our log store. We can always do this later.

Note: Setting up no filters hides a potential risk for your productive system to be overloaded, as all alerts will be reported.

Save the changes. Navigate to step “Complete” and choose “Finish“.  (Optionally) Before moving forward, we can start the Exception Management Cockpit on the SAP Fiori launchpad.

4. Configure Interface and Connection Monitoring Scenario. Use transaction SOLMAN_SETUP and navigate to Application Operations Integration Monitoring Interface and Connections. Let’s create a new scenario for the SAP Cloud Platform monitoring. Go to step “Define scope“, switch to edit mode and click “Create“. Wizard will guide you through the steps:

  • Define a header information which will make your monitoring scenario distinguishable. Click “Next
  • Define systems which are going to be part of the scenario. In our use case, these are an SAP Solution Manager ABAP (technical) system and a Cloud (external) service. Choose to add them from the available lists and click “Continue“.

 

You will be forwarded directly to step “Review“. Check the summary once again, execute changes if needed and click “Save“.

Your scenario will be listed among others in Application OperationsIntegration Monitoring Interface and Connections -> step “Define Scope“. Select it and click “Next“. In “Monitoring & Alerting” jump right to sub-step “Configuration“. Now we are going to create an interface channel for the selected monitoring scenario. Change to edit mode and click “Create“.

In section General Data, define the interface type and specify the monitoring template, as it is shown on the screenshot below. (Optionally) add a description.

Click “Next“. We should define source and target for our new interface channel. In the concrete scenario, the source system is our cloud service, as the events are generated in our SAP Cloud Platform subaccount. Respectively, target is our on-premise system. Select them from the drop-down lists.

Save the changes.

Let’s maintain the new interface channel. In “Metric configurations” select the metrics you want to monitor using the checkboxes. Select Alert Notifications received from SAP CP.

Note: If the checkboxes are not editable, click the “Assigned” button, placed in section Interface channels.

You need to indicate the metric-specific parameters related to Alert Notifications received from SAP CP.  Define parameters appropriate for your use case, by using “Add parameter set“.

In the example below we’ve configured the collection of exceptions (alerts) with severity ERROR, WARNING, and INFO.

Save the changes and click “Next“.

In sub-step “Activation” double click on the interface channel’s name. If you want the metrics to be displayed in the Interface and Connection Monitoring dashboard, select the Reporting checkbox. For more Information, see Displaying an Interface and Connection Monitoring Scenario. Click on the monitored metric Alert Notification received from SAP CP and pay attention to the option “Do not Group Individual Occurrences” – the checkbox should be ON. This option allows you to have an individual alert every time the data collection determines a critical event. In brief, use this flag if you do not want consecutive critical events being grouped into one alert, i.e. notified only once.

Click the button “Apply and Activate“. Then, click “Next” and in sub-step “Complete“, choose “Finish“. The new interface channel has been activated for the selected monitoring scenario. Check this link for additional details.

Having done this step, we have completed the configuration on SAP Solution Manager’s side. Let’s test the new setup and observe the alerts collected from SAP Cloud Platform in our on-premise system.

In the SAP Cloud Platform subaccount, we are going to simulate an alert which warns about a failed attempt to update application “web-shop”, running in the same subaccount. The severity is set to “ERROR”, eventType “Failed update”. Note: The alert has been generated using the SAP Alert Notification’s API for producing events in Neo. It Is not part of the Alert Notification events catalog.

Let’s start the Exception Management cockpit on SAP Fiori launchpad. Our alert should appear there under category “SAP Cloud Platform Alert Notifications“. Double click on it. The new alert might have already been listed in section “Instance Group“.

Note: By default the data extractor operates in a way that collection of data from the SAP Cloud Platform is executed on every 5 minutes. Therefore, if the alert is still missing you might have to wait a few minutes more. If you want to extend the data collection time interval, please follow the procedure described here.

If you click on “Detail” you will be displayed with the alert details.

When an alert with different rating (green) for the same metric is reported, the status in Exception Management would be changed accordingly.

Note: Flapping states in the application’s behavior, i.e. red and green consecutive alerts reported in the same extractor collection time interval, will not be displayed in Exception Management. However, Alert Notification will send both alerts to its subscribers via Slack, e-mail (whatever is configured in the subscription in addition to the Store action).

That’s it! You can get more insights from SAP Solution Manager 7.2 Expert Portal. Explore the full potential of this integration by applying it to your hybrid landscape. Enhance this scenario and adapt it to your business and development needs. The Alert Notification will take care to inform you exclusively for events you have subscribed for. Thus, you will avoid spam and overload while being aware of the state of your mission critical cloud resources, directly reported in your on-premise SAP Solution Manager system.

Assigned Tags

      20 Comments
      You must be Logged on to comment or reply to a post.
      Author's profile photo Nishant Kathuria
      Nishant Kathuria

      Hello Milena,

      We plan to monitor an application deployed in a multi-environment subaccount (cloud foundry); Should we still choose, "NEO_CLOUD_IDENTITY" as the client type while creating a client in Alert Notification Service?

      Thanks

      Nishant Kathuria

       

      Author's profile photo Kiril Gavrailov
      Kiril Gavrailov

      Dear Nishat,

      thank you for getting in touch. For Cloud Foundry credentials management into ANS, you can refer to this help page

      In case you have any additional questions, don't hesitate to ask.

       

      Thanks,

      Kiril

      Author's profile photo Nishant Kathuria
      Nishant Kathuria

      Kiril,

      Thanks for your response. So does it mean that applications deployed on cloud foundry need to use producer APIs in the code to store the alerts in the ANS service instance? So basically there is no need to create a technical client for the CF apps?

      Regards

      Nishant Kathuria

      Author's profile photo Kiril Gavrailov
      Kiril Gavrailov

      Dear Nishant,

      If you want to post a custom alert from within the code of your app deployed on CF, yes you can do this via the producer API. However, you need a technical client in order to authenticate before the REST API. (the methods of generating the technical client in Neo and CF are different though, as described in the help)

      If you want to consume the alerts from the catalog (start/stop, hana, mobile services, etc.) you don't need a technical client, simply subscribe for them via the ANS UI.

      Don't hesitate to ask if this doesn't answer your questions.

       

      Thanks,

      Kiril

      Author's profile photo Nishant Kathuria
      Nishant Kathuria

      Thanks Kiril,

      I assume the technical client in CF will be the service instance of ANS, as described in the help url below https://help.sap.com/viewer/5967a369d4b74f7a9c2b91f5df8e6ab6/Cloud/en-US/812b6e3ed8934648ad15780cd51721ef.html

      Kindly confirm.

      Best Regards

      Nishant

      Author's profile photo Kiril Gavrailov
      Kiril Gavrailov

      Hi Nishant,

      Here's the flow.

      1. You need a subscription for ANS in cloud cockpit. In that way you have access to the producer api
      2. You have to create credentials as described here
      3. Then what is left is to execute a POST request to the API with the credentials you created and publish your alert. The easiest way to achieve this via code is by using the Alert Notification client.

      After subscribing for the service if you need support to bootstrap, we can always have a short call and help you onboard into the service, just get in touch with me at k.gavrailov at sap dot com

       

      thanks,

      Kiril

      Author's profile photo Jose De La Cruz
      Jose De La Cruz

      We had an issue in one of our production systems last week because of an expired Certificate "@eu1.hana.ondemand.com"

      Is there a way to have a template metric/alert in Solution Manager Cloud Connector Template to monitor when a certificate is about to expire?

      Thanks,

      Jose De La Cruz

      Author's profile photo Kiril Gavrailov
      Kiril Gavrailov

      Dear Jose De La Cruz,

      thank you for getting in touch. As of the moment, we do not have such kinds of alerts. We have planned cloud connector alerts for the later part of 2021.

       

      Thanks,
      Kiril

      Author's profile photo Michael T Schmidt
      Michael T Schmidt

      Hi,

      Good and informative post, thx.

      But I would really like to know a bit more about how-to "...simulate an alert"

      BTW, the link in the relevant section -  SAP Alert Notification’s API for producing events. is broken;-)

      Thanks,

      Michael

      Author's profile photo Milena Gaydeva
      Milena Gaydeva
      Blog Post Author

      Hi Michael,

      Thank you for reaching out!

      You can simulate an event of you choice using the "Send Test Event" option in your subscription, in Alert Notification.

      See more details here, in section "Testing Subscriptions".

      Do not forget to adjust the predefined JSON to match the conditions in your active subscription and just click "Send" 🙂

      The broken links have been updated.

      Best regards,

      Milena

      Author's profile photo Michael T Schmidt
      Michael T Schmidt

      Hi Milena
      That was a fast answer:-)

      Thanks, must try that now. I did try the "Send Test Event", but did not adjust anything before that;-)
      Maybe that's why i did not receive alerts in Exception Management"..

      Will report "back" later.

      Best,

      Michael

      Author's profile photo Michael T Schmidt
      Michael T Schmidt

      Hi Milena
      Just curious about the step 1 above.

      It is mentioned that there should be a menu "Security" - but that is not present in the customer system I work in now.

      See below

      Alertnotification

      Alertnotification

      How come? How to create the Endpoints?

      Thx

      Michael

      Author's profile photo Milena Gaydeva
      Milena Gaydeva
      Blog Post Author

      Hi Michel,

      It seems you are using SAP BTP account in CF environment. The example above is for account in Neo environment. However, the differences are not significant.

      Now, you need to create a Service Key for the Alert Notification instance. See more details in Credential Management for CF accounts. The value provided for property “url” is the endpoint for the service instance. There you will find the OAuth URL as well. Use the client ID and client secret from the service key’s value for authentication against the HTTP endpoint in the SolMan system.

      Hope this would help.

      Best regards,

      Milena

      Author's profile photo Michael T Schmidt
      Michael T Schmidt

      Hi Milena

      Yes, it's  CF;-)

      Thanks, then I have done the right thing with the service keys. And from SolMan status is "green" for the connection.

      But I do still have 2 questions.

      1 - When trying to test the Try Out | Cloud Foundry Producer API | SAP API Business Hub, providing the information from the same service key used for the connection in SolMan, I keep getting;

      {
      "code": 401,
      "message": "Unauthorized"
      }

      2 - Yesterday you wrote about the "Send test event" : ".. adjust the predefined JSON to match the conditions in your active subscription."

      I have tried that. Where I adjusted those in bold below. But still, nothing shows in SolMan Exception Management.

      Please advice,

      _

      {
      "eventType": "sampleType",
      "resource": {
      "resourceName": "sampleName",
      "resourceType": "sampleType",
      "tags": {
      "sampleTag": "sampleValue"
      }
      },
      "severity": "FATAL",
      "category": "ALERT",
      "subject": "Sample Event Subject",
      "body": "Sample event body.",
      "tags": {
      "ans:correlationId": "30118",
      "ans:status": "CREATE_OR_UPDATE",
      "customTag": "customTagValue"
      }
      }

      Author's profile photo Milena Gaydeva
      Milena Gaydeva
      Blog Post Author

      Hi Michael,

      I am sad to hear you are still experiencing difficulties with the integration. Please, find below some suggestions regarding your points:

      1. it’s strange that you hit 401. Please, check once again the values provided for your environment for the Cloud Foundry Producer API. The Authentication Type must be OAuth 2.0 Application Flow. Check the region and the cf domain. The service key, created for the Alert Notification instance, by default is for OAuth client credentials. The same are required for the SolMan integration.

      While configuring the HTTP Endpoint, provide just the “url” value from the service key for Root URL. No suffix is required.

      2. Did you configure the Store action, as described in the blog post? I would recommend to add a second action to the subscription – email, Slack, just to be sure the alert is delivered.

      In addition, change the severity of the alert to “ERROR”, for example.

      Best regards,

      Milena

      Author's profile photo Michael T Schmidt
      Michael T Schmidt

      Thanks again Milena

      1 - no matter how, it will not work. Have just re-checked Cloud Service endpoints etc.

      2 - I think so. (And Email action does work with no problems when setting this up)

      After reading also https://blogs.sap.com/2019/10/14/receive-notifications-for-failed-sap-cloud-platform-integration-flows-via-any-channel-with-alert-notification/ i wonder if my problem is a missing technical user with Space Auditor? (Even though I am that my self)

      Br Michael

      BTW - see attached .jpg for error message from Exception Management Selfmonitoring

      HCPerror

      HCPerror

      Author's profile photo Milena Gaydeva
      Milena Gaydeva
      Blog Post Author

      Hi Michael,

      I would recommend to open a ticket. The Alert Notification dev team will help you to troubleshoot the issue. Please, use component BC-CP-LCM-ANS, as described here. Provide details about your account (global account ID, org and space GUID, etc.) and a short description of the problem.

      Best regards,

      Milena

      Author's profile photo Michael T Schmidt
      Michael T Schmidt

      Hi Milena

      Thanks for the tip. Have suggested that in the ticket (755520 - 2021).

      But no body seems to look at it for almost a week now

      Please advice.

      Michael

      Author's profile photo Milena Gaydeva
      Milena Gaydeva
      Blog Post Author

      Hi Michael,

      We investigated the case and it seems the ticket had been created for a wrong component. The right one is  BC-CP-LCM-ANS. That caused a delay in the ticket processing.

      However, the dev team start working on the issue. They will contact you soon.

       

      Best regards,

      Milena

      Author's profile photo Michael T Schmidt
      Michael T Schmidt

      Hi Milena

      Appreciate your assistance. Hope the dev team will reach out soon so problem can be fixed.

      Thanks.

      BR, Michael