Available CCDB Config Stores

FRUN Configuration and Security Analytics Collector Framework (CSA CF) extracts a comprehensive set of configuration data from managed systems into the the FRUN Configuration and Change Database (CCDB). Data is stored in containers, the-so-called Config Stores. Each Config Store stores data of the same semantics. 

This document provides a list of Config Stores that are available for the most common Technical System Types. In addition we show simple ways for looking into the detail structure and content of Config Stores and for getting a list of all available Config Stores.

Note: To take advantage of latest CCDB content, the Managed Systems must be prepared and regularly updated with latest versions of standard software components for SAP Service Content:

  • ABAP ST-PI 
    Starting with FRUN 2.0 FP03, ST-PI 7.40 SP08 or higher must be implemented. 
  • ABAP ST/A-PI 

The following Config Stores are available:

  • ABAP Database Interface
  • ABAP Generic Whitelists Information
  • ABAP Notes
  • ABAP Scenario-Based Checks Information
  • ABAP Secure Storage Encryption Key status
  • ABAP UCON RFC Basic Scenario
  • ABAP UCON http white list Scenario
  • ABAP UCON http white list Scenario
  • ABAP clients (T000)
  • Audit log (Configuration)
  • Audit log (CONFIGURATION_SLOT)
  • Audit log (Configuration XML)
  • BW administration settings (RSADMIN)
  • BW customer control table (RSADMINA)
  • BW customizing table (RSADMINC)
  • BWfrontend (RSFRONTENDINIT)
  • BW source system transfer
  • BW system settings (RSADMINS)
  • Clients - Change log
  • Component change settings
  • Crypto library version
  • Customizing settings for authorization process
  • Default profile
  • Environment variables
  • Gateway proxy
  • Gateway registry

  • Gateway security
  • Global change setting
  • Global change setting - Change log
  • HTTP Whitelist
  • HTTP Whitelist (UCON Client dependent)
  • HTTP Whitelist (UCON)
  • Host - Installed software packages
  • Host configuration
  • http services (SICF)
  • IGS Manifest
  • Installed software packages
  • Instance parameter
  • Instance profile
  • License
  • Maintenance areas for tables
  • Message server security
  • Namespace change settings
  • Namespace change settings - Change log
  • PSE certificates
  • Path for backup and authorization
  • Permitted trusted systems
  • RFC destinations
  • SAINT/SPAM level
  • SAP Kernel
  • RFC destinations type '3'
  • RFC destinations type 'G'
  • RFC destinations type 'H'
  • RFC destinations type 'L'
  • RFC destinations type 'T'

  • SAPUI5 library
  • SAPUI5 version
  • SCS profile
  • SMLT Languages
  • SNC Access Control List (ACL)
  • SSO2 - Access control list
  • Security policy
  • Session management
  • Set Values for the Session Manager / Profile Generator
  • Software component level
  • Standard users
  • System Hosts
  • Transports
  • Usage of password hashing
  • User by authorization check
  • User with SAP_ALL profile
  • User with cust. profiles
  • Virus scan groups
  • Virus scan server
  • XMS: Integration Engine Conf. Parameters (Client)
  • XMS: Integration Engine Configuration Parameters
 

Additional Config Stores are available for customized use (see section Custom Config Stores for Application Server ABAP)

  • Users with critical authorizations
  • Roles with critical authorizations

  • Users with critical  profiles
  • Users with critical transactions

  • Users of a user type
  • Users with critical role combinations

  • Central service profile
  • Default profile
  • Instance profile
  • Kernel
  • Services

  • HTTP destinations
  • RFC destinations
  • Global RFC destinations
  • HTTP Hosts
  • SPML Interface

  • Clickjacking
  • Log Configuration
  • J2EE cluster node parameter
  • J2EE PSE Certificates

  • HANA Version
  • HANA Parameter
  • HANA PSE Certificates (from DB table CERTIFICATES)

  • HANA User 'SYSTEM' status
  • HANA Audit Policies
  • HANA Encryption

  • Installed Licenses
  • XSA Version (installed on HANA)

SAP ASE (Adaptive Server Enterprise)

  • Parameter

Oracle

  • Parameter

SAP MAX DB

  • MaxDB Version
  • MaxDB General Parameter
  • MaxDB Extended Parameter
  • MaxDB Support Parameter

IBM DB6

  • Level
  • Manager Configuration
  • Configuration
  • Registry

SAP Host Agent

  • Version
  • host_profile

Host configuration

  • SAP_ITSAMComputerSystem
  • SAP_ITSAMOperatingSystem
  • SAP_ITSAMProcessor

Host - Installed software packages

  • HOST_SOFTWARE_PACKAGES

SAP Cloud Connector (as of FRUN 2.0 FP 03)

  • Accounts 
  • Accounts (trusted applications)
  • Backends
  • Backends (allowed clients in ABAP backends)
  • Backends (ABAP Blacklist)
  • Backends - Resources
  • Configuration
  • JVM Parameter
  • Trusted Configuration (Trusted Applications)
  • Trusted Configuration (Trusted IDP)
  • Version

SAP WebDispatcher (standalone)

  • Default profile
  • Instance profile

Note: In Versions lower than SAP Focused Run 2.0 FP 03 the instance profile is stored in Config Stores containing the SID and hostname (WEB_<SID>_<HOSTNAME>).  

FAQ

  1. Start CSA Application from FRUN Launchpad
  2. Start the Store Browser
  3. Select a system to display the Config Stores available for this system
  4. At Click on a Config Store, a new section Items opens at the bottom of the page:
  5. Check out the general structure of the config store with key and value fields as well as all the items stored
    (e.g. the HANA Version in HDB_VERSION or all the parameters with their values in HDB_PARAMETER)

CSA Store Browser. How to select a system and a config store

Figure: Finding a config store in the CSA Store Browser

Figure: Displaying the Items of a Config Store

  1. Start the Configuration & Security Analytics from FRUN Launchpad.
  2. Start the Search application.
  3. Use the drop-down box for Config Stores to check for relevant stores:
    Use the SCI Id on the left for checking details of the SCI Template in CSA Template Management.
    Use the Information on the right for checking config store content in detail.

Figure: Finding Config Stores in the F4-help of CSA SEARCH application

The following Config Store types exist:

  • 2-Column based Stores
  • 2-key and 1-data column Store
  • Event Store
  • Text Store
  • Binary Store
  • Event Store
  • Individual Table Stores
  • Generic Table Stores

All Config Stores are persisted in transparent tables of the ABAP Dictionary. Each table can store data from multiple Config Stores based on a compatible structure of data. The general naming convention of CCDB tables in ABAP Dictionary is CCDB_DATA_*.