Central SSL Certificate Monitoring in SAP Focused Run

Purpose

You can configure monitors to monitor the SSL certificate of a URL using Health Monitoring functionality in SAP Focused Run system. This monitor measures the remaining validity (in days) of a SSL certificate for a https call to a URL. The URL is called by Simple Diagnostics Agent of a designated host in your customer network.

In our previous blog, we have shown how you can monitor availability of critical OS processes via Health Monitoring.

The Health Monitoring app also provides a separate section called as URL Certificate Monitor where in you can centrally monitor expiry of SSL certificates of any https URL.

To navigate to URL Certificates monitor you can click on the URL Certificate button as shown below in the navigation panel of the app.

Setup

To configure URL Certificate monitors , navigate to the Configuration area, expand the Metrics node and click on the change button.

In the popup window click on the Add Metric.

In the Metric Configuration window enter the following details in the General tab.

FieldDescription
Metric NameA meaningful name to the monitor
URLURL whose certificate to be monitored.
Proxy URL (Optional)The Proxy URL if the URL is accessible via a proxy URL
Customer NetworkThe Customer Network to which this URL belongs. The designated SDA from this customer network will be performing the check.
Technical System (Optional)You can optionally link this monitor to a specific cloud service you have registered in your LMDB. This is the Cloud Service you would have created if you are using AIM scenario for Cloud Service Monitoring. Select from the drop down.
Collection IntervalFrequency of data collection. Select from available options.
ThresholdThreshold for remaining days for expiry. By default 200 Days for Yellow and 100 days for Red.

Additionally and optionally in the Alert Settings tab you can activate alerting and notification settings as shown below.

That’s it, now your monitor is active. To monitor navigate to the URL Certificate tab in the Health Monitoring App .

You can also refer to this SAP documentation to know more about various features available with Focused Run Health Monitoring.

Monitoring critical OS processes through Health Monitoring

SAP Focused Run Health Monitoring helps us to extend monitoring capabilities to Non SAP world. It provides us with many monitoring functionalities like URL Availability & Performance monitoring, URL Certificate Monitoring, OS Script Monitoring, OS Process Monitoring & Logfile Monitoring . We can activate these monitoring functionalities whether its a SAP or Non SAP application

With OS Process Monitoring functionality we can monitor the availability of critical OS level processes on any host.

With System Monitoring templates you can also activate custom metric for monitoring OS processes however this will be applicable for all system/hosts for which you activate the template.

For monitoring critical OS processes for specific hosts you need to setup using Health Monitoring functionality.

To access Health Monitoring functionality you can navigate to Health Monitoring app in the Focused Run launch pad.

Prerequisite

The only prerequisite for configuring OS process monitor in Health Monitoring is that you should have registered the host and deployed Simple Diagnostic Agent (SDA) on the host where you want to monitor the critical process.

Setup

For setting up the OS process monitor you need to navigate to the settings page of the Health Monitoring App.

In the settings area expand the metrics node and click on the pencil button (Edit Metric) for OS Processes.

In the OS Process edit metric screen click on Add Metric button to start creating the OS Process Metric.

In Add Metric screen enter the following details

FieldDescription
Process NameName of the OS process. This parameter needs to be maintained as a regular expression. SDA will use this expression for searching for the respective OS process at OS level.
User (Optional)You can further restrict the search for processes running through a specific user. You need to enter the name as a regular expression
Command Line (Optional)You can further restrict by the specific command line with which the process is running . This is specifically useful if there are multiple processes running with the same name but you want to monitor the process which is running with a specific argument or parameter. This also needs to be maintained as regular expression.
HostnameName of the host where the process to be monitored. You can select from a list of all hosts connected (also SDA deployed) to the Focused Run system.

In the General Settings tab you can also specify the data collection frequency and the threshold. By default 5 minutes frequency and Already Rated threshold is set.

Optionally you can update the alert settings for this metric in the Alert Settings tab. By default alerting is active with medium severity.

After entering all details, to activate the metric click on Save button.

You can monitor all you OS process metrics in the OS Processes tab of the Health Monitoring App.