Skip to Content
Technical Articles

Monitoring of SAP Systems Using Azure Monitors – Part II

This is in continuation of my previous Article Monitoring of SAP Systems Using Azure Monitors – Part I

6. DEPLOYMENT AND CONFIGRUATION

6.1 Configuring Azure Monitors

Go to Search for Azure Monitors for SAP Solutions

Click on New

Fill up all the requested details and Next

We can add the providers later, hence click on Next

Specify the Tags, if any and click Next

Review the settings and click on Review + Create

This will be initializing the deployment

Wait for the deployment to complete and then click on Go to resource

Now we can see the deployed Azure Monitors for SAP Solutions deployed

5.2 Creating Key Vault

As we need to securely store the secrets for accessing the SAP systems, for that we need to create Key Vault. To do so, Search for Key Vault and then click on Add

Fill out all the requested fields and then click on Next: Access Policy

Enable the access and click Next: Networking

Select the required network and then click on Next: Tags

Specify the tags if required and then click Next: Review + Create

Review all the settings and then click on Create

Wait for the deployment to get finished

Add the secret to Key vault and click on Create

Wait for the secret to save inside the key vault

5.3 Adding Providers

A provider contains the connection information for the corresponding component and helps to collect telemetry data from that component. One Azure Monitor for SAP Solutions resource can be configured with multiple providers of the same provider type or multiple providers of multiple provider types.

We can choose to configure different provider types to enable data collection from corresponding component in their SAP landscape.

We can also choose to configure multiple providers of a specific provider type to reuse the same SAP monitor resource and associated managed group.

It is recommended to configure at least one provider from the available provider types at the time of deploying the SAP Monitor resource. By configuring a provider, we can initiate data collection from the corresponding component for which the provider is configured.

If we don’t configure any providers at the time of deploying SAP monitor resource, although the SAP monitor resource will be successfully deployed, no telemetry data will be collected.

5.3.1 Configuring SAP HANA

We can configure one or more providers of provider type SAP HANA to enable data collection from SAP HANA database. The SAP HANA provider connects to the SAP HANA database over SQL port, pulls telemetry data from the database, and pushes it to the Log Analytics workspace in the subscription. The SAP HANA provider collects data every 1 minute from the SAP HANA database.

To add provider, we need to go to Providers in deployed Azure Monitor resource and click on Add

Select Type as SAP HANA and further details will be asked

Fill all the below connectivity details

  • Input the Private IP for the HANA server.
  • Input the name of the Database tenant you want to use. We can choose any tenant however, we are using SYSTEMDB here as it enables a wider array of monitoring areas.
  • Input the SQL port number associated with your HANA database. The port number should be in the format of [3] + [instance#] + [13]. For example, 31013.
  • Input the Database username you want to use. Ensure that database user has the monitoring and catalog read roles assigned.

Select for key vault which contains the secret for accessing HANA

Select the Key Vault and then click on Secret

Now click on Create

Wait for the connection to be Successful

5.3.2 Linux Operating System

We can configure one or more providers of provider type OS (Linux) to enable data collection from BareMetal or VM Node. The OS (Linux) provider connects to BareMetal or VM Nodes, using Node_Exporter endpoint, pulls telemetry data from the Nodes and pushes it to Log Analytics workspace in the customer subscription. OS (Linux) provider collects data every 60 seconds for most of the metrics from Nodes.

5.3.2.1 Installing Node Explorer

To install Node Explorer we need to go to page https://prometheus.io/download/ and download the required package

Transfer the package to OS and then extract the package

Navigate to the location of the extraction and start the Node Explorer

We can see the telemetry data populated on 9100 port

5.3.2.2 Adding OS Provider to Azure Monitor

To configure the OS (Linux) Provider, we need to add provide with following details and then click on Create

  • Name – A name for this provider. It should be unique for this Azure Monitor for SAP solutions instance.
  • Node Exporter Endpoint – Usually it should be http://<hostname>:9100/metrics

Wait for the connection to be established.

5.3.3 Configuring SAP NetWeaver

We can configure one or more providers of provider type SAP NetWeaver to enable data collection from SAP NetWeaver. NetWeaver provider leverages the existing SAPControl webservice interface to retrieve the appropriate telemetry information.

For the current release, below are the standard out-of-box SOAP web methods invoked by Azure Monitor.

Web Method ABAP JAVA Metrics
GetSystemInstanceList X X Instance Availability, Message Server, Gateway, ICM, ABAP Availability
GetProcessList X X If instance List is RED, we can get what Process causing that server to be RED
GetQueueStatistics X X Queue Statistics (DIA/BATCH/UPD)
ABAPGetWPTable X Work Process Utilization
EnqGetStatistics X X Locks

To add provider, we need to go to Provider and then click on Add

Fill out the requested details: –

  • Input the hostname of the SAP system and Subdomain (if applicable)
  • Enter the Instance number corresponding to the hostname entered
  • Enter the System ID (SID)

Wait for the provider to get successful connection to the system

5.3.4 Configuring High-Availability Pacemaker Cluster

We can configure one or more providers of provider type High-availability cluster to enable data collection from Pacemaker cluster within the SAP landscape. The High-availability cluster provider connects to Pacemaker, using ha_cluster_exporter endpoint, pulls telemetry data from the database and pushes it to Log Analytics workspace in the customer subscription. High-availability cluster provider collects data every 60 seconds from Pacemaker.

5.3.4.1 Installing HA Cluster Explorer

Install ha_cluster_exporter in each node within the Pacemaker cluster.

Clone the github repository to the machine

Use Zypper command to install the HA Cluster Explorer

Run the explorer in background so that data collection can be done

5.3.4.2 Adding HA Pacemaker Cluster to Azure Monitor

Configure a High-availability cluster provider for each node within the Pacemaker cluster.

Fill the following information and then click Create

  • Name – A name for this provider. It should be unique for this Azure Monitor for SAP solutions instance.
  • Prometheus Endpoint – http://<servername or ip address>:9664/metrics.
  • SID – Use the SAP SID.
  • Cluster name – The cluster name used when creating the cluster. The cluster name can be found in the cluster property cluster-name.
  • Hostname – The Linux hostname of the VM.

Wait for the provider for creating a successful connection to Cluster

5.3.5 Configuring Microsoft SQL Server

We can configure one or more providers of provider type Microsoft SQL Server to enable data collection from SQL Server on Virtual Machines. SQL Server provider connects to Microsoft SQL Server over the SQL port, pulls telemetry data from the database, and pushes it to the Log Analytics workspace in the customer subscription. The SQL Server must be configured for SQL authentication and a SQL Server login, with the SAP DB as the default database for the provider, must be created. SQL Server provider collects data between every 60 seconds up to every hour from SQL server.

5.3.5.1 Creation of User

To connect to MSSQL server, a user must be created at the database level so that providers from Azure Monitor can connect to MSSQL Server using this user. User must have all the required authorizations and role to extract the required telemetry data.

We can run the below MS script in SQL Server Management Studio to create a user with the appropriate permissions needed to configure the provider

USE [<Database to monitor>]
DROP USER [<user name>]
GO
USE [master]
DROP USER [<user name>]
DROP LOGIN [<user name>]
GO
CREATE LOGIN [<user name>] WITH PASSWORD=N'<password>', DEFAULT_DATABASE=[<Database to monitor>], DEFAULT_LANGUAGE=[us_english], CHECK_EXPIRATION=OFF, CHECK_POLICY=OFF
CREATE USER <user name> FOR LOGIN <user name>
ALTER ROLE [db_datareader] ADD MEMBER [<user name>]
ALTER ROLE [db_denydatawriter] ADD MEMBER [<user name>]
GRANT CONNECT TO <user name>
GRANT VIEW SERVER STATE TO <user name>
GRANT VIEW SERVER STATE TO <user name>
GRANT VIEW ANY DEFINITION TO <user name>
GRANT EXEC ON xp_readerrorlog TO <user name>
GO
USE [<Database to monitor>]
CREATE USER [<user name>] FOR LOGIN [<user name>]
ALTER ROLE [db_datareader] ADD MEMBER [<user name>]
ALTER ROLE [db_denydatawriter] ADD MEMBER [<user name>]
GO

5.3.5.2 Adding MSSQL Provider to Azure Monitor

After selecting the Add Provider we need to select Microsoft SQL Server from the drop-down menu. And then fill out all the requested details so that Provider can connect to MSSQL Server

Wait for the connection to be successful.

This is end of Part – II, in next part Monitoring of SAP Systems Using Azure Monitors – Part III of this article you can find more information about Dashboards, Workbooks and Displaying Graphs using Azure Monitors for SAP Solutions.

4 Comments
You must be Logged on to comment or reply to a post.
  • Dear Jaskirat,

    many thanks for clarification about the Monitoring of SAP Hana and Netweaver.

    I tried myself and could get the Hana part runnin without a problem.

     

    However, a problem occured in the Netweaver provider.

    The Netweaver provider was successfully deployed:

    1. Logs are comming into the log monitor:
    SID_s
    A4H
     
    dispstatus_s
    SAPControl-GREEN
     
    features_s
    ABAP|GATEWAY|ICMAN|IGS
     
    hostname_s
    vhcala4hci
     
    httpPort_d
    50013
     
    httpsPort_d
    50014
     
    instanceNr_d
    0
     
    serverTimestamp_t [UTC]
    2021-06-01T08:38:34.158Z
     
    startPriority_s
    3
     
    timestamp_t [UTC]
    2021-06-01T08:38:34.217Z
     
    Type
    SapNetweaver_GetSystemInstanceList_CL

     

    3. but the Performance workbook shows no data:

     

    I removed the Webmethods from the Protected list in Netweaver instance via RZ10 and restarted the instance as stated in the docs:

    service/protectedwebmethods = SDEFAULT -GetQueueStatistic –ABAPGetWPTable –EnqGetStatistic –GetProcessList

     

    I thought they should also appear in the logs during access, but they aren't.

    Only the unprotected method GetSystemInstanceList seems to be running:

     

     

    I checked the also the queue of the Netweaver provider and it seems the methods are executed but the data is not displayed in the workbook:

     

    Do you have an idea whats going on? Do the webmethods GetQueueStatistic  ,ABAPGetWPTable  , EnqGetStatistic ,GetProcessList  in your configuration show up in the above Custom logs?

    Would appreciate if you could help...

     

    Thanks,

    Yukon

     

     

    • Hi Yukon

       

      There could be potential two reasons:

      1. While onboarding the SAP NW Provider , did you provide the "Hostname" or "IPAddress"? did you add "Subdomain"(FQDN)? we highly recommend customers to provide Hostname and FQDN for successful onboarding.
      2. once the Webmethods are unprotected, you have to restart the "sapstartsrv" service either using MMC(if it is windows) or using the below for Linux based systems : sapcontrol -nr <NR> -function RestartService. This won't take effect if you restart the instance.

       

      Please let me know if this resolves your issue.

      Thanks

      Ram

  • Dear Ram,

    thanks for your reply.

    Background: I use the SAP cloud applicance library where I could successfully deploy the solution into my Azure trial subscription.

    for 1.

    I tried with IP Adress and hostname.

    For IP Adress no big deal. For hostname well, I tried the SAPHost 'vhcala4hci' wich gave me an deployment error. However, deployment worked with the name of the running Azure VM (hosting Hana DB and SAP Netweaver):

    Computername: sid-a4h-hdb

    But either way: no data retrieved by the Netweaver provider.

     

    For the webmethods parameter service/protectedwebmethods  I tried out 2 configurations  wich both

    successfully unprotect them, but unfortunatley lead to  the same no data issue .

           * SDEFAULT -GetQueueStatistic –ABAPGetWPTable –EnqGetStatistic –GetProcessList

    * NONE

    for 2.

    Subdomain, good point. Everytime I choosed 'no'. So I  went with the non-domain joined SAP Instance option - what is meant by this term? Maybe I haven't one.

    I think I never saw an example with subdomain specification for AMS?

    Do I have one? Wich is my fully qualified subdomain name? From where can I get the name?

    Don't know if this the right place to check it out: I peeked into the concerned VM's configuration for DNS Name label - wich is not configured for the VM 'sid-a4h-hdb'.

    It would resolve with addition of the default Azure DNS name:   westeurope.cloudapp.azure.com

    See pictures:

    VM%20sid-a4h-hdb

    VM sid-a4h-hdb

    DNS%20Name%20configuration%20Azure%20default

    DNS Name configuration Azure default

     

    Yes , I opened up a Basic support ticket : 2106040050002235 last week.

    June, 4th. Not sure if there is any progress.

     

    Yukon

    • hi Yukon

       

      Thank you for the details and ticket, let me check with support team, will reach you through the ticket. You can find the Domain name in SAP via T-code : SCICM--> click on Services button(Shift+F1)

       

      Thanks

      Ram