Community
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Read only

GRC RFC Function Module GRAC_API_RISK_ANALYSIS no results

Go to solution
daniel92
Explorer

on ‎2019 Apr 16 2:15 PM

0 Likes
2,772

Hello everybody,

I want to access the Function Module GRAC_API_RISK_ANALYSIS by pyrfc.

The result of the call is:

{'ET_ACT_EXEC_SUM': [], 'ET_ACT_MGMT_SUM': [], 'ET_ACT_VIOL_DET': [], 'ET_ACT_VIOL_SUM': [], 'ET_ANALYTICAL_REPORT_SUM': [], 'ET_CRACT_EXEC_SUM': [], 'ET_CRACT_MGMT_SUM': [], 'ET_CRACT_VIOL_DET': [], 'ET_CRACT_VIOL_SUM': [], 'ET_CROLEPROF_VIOL_SUM': [], 'ET_CRPRM_EXEC_SUM': [], 'ET_CRPRM_MGMT_SUM': [], 'ET_CRPRM_VIOL_DET': [], 'ET_CRPRM_VIOL_SUM': [], 'ET_MITIGATION_SUM': [], 'ET_PRM_EXEC_SUM': [], 'ET_PRM_MGMT_SUM': [], 'ET_PRM_VIOL_DET': [], 'ET_PRM_VIOL_SUM': [], 'EV_RETURN_MSG': {'TYPE': 'S', 'ID': 'GRAC_SOD_MESSAGES', 'NUMBER': '300', 'MESSAGE': 'Risk analysis finished successfully', 'LOG_NO': '', 'LOG_MSG_NO': '000000', 'MESSAGE_V1': '', 'MESSAGE_V2': '', 'MESSAGE_V3': '', 'MESSAGE_V4': '', 'PARAMETER': '', 'ROW': 0, 'FIELD': '', 'SYSTEM': ''}}

As you can see, all the values are empty.

But for Users with Roles/Profiles like SAP_ALL there should be a lot of risks.

How could I use the Function Module to get correct results?

Used Python Code:

value1 = {u'SIGN':'I',u'OPTION':'EQ',u'LOW':'USERNAME'}
value2 = {u'SIGN':'I',u'OPTION':'EQ',u'LOW':'CLIENTNAME'}
value3 = {u'SIGN':'I',u'OPTION':'EQ',u'LOW':'Global'}
value4 = {u'SIGN':'I',u'OPTION':'EQ',u'LOW':'0',u'HIGH':'4'}
       
result = conn.call('GRAC_API_RISK_ANALYSIS',
                     IT_OBJECT_RANGE = [value1],
                     IT_SYS_RANGE = [value2],
                     IT_RULESETID_RANGE = [value3], 
                     IT_RISKLEVEL_RANGE = [value4],
                     IV_OBJECT_TYPE = 1,
                     #IT_USER_TYPE = 'A',
                     #IV_OFFLINE_ANALYSIS = 'X',
                     #IV_ANALYSIS_MODE = '01',
                     IT_REPORT_TYPE = '01',
                     )

Know the answer?

Help others by sharing your knowledge.

Answer

Need more details?

Request clarification before answering.

Show replies
Show replies
former_member738265
Discoverer
‎2021 Apr 07 7:56 PM
0 Likes

HI,

can i know why you have declared the values for parameters (IT_OBJECT_RANGE, IT_SYS_RANGE, IT_RULESETID_RANGE,IT_RISKLEVEL_RANGE ) as a dictionary (key:value) pair. I am dealing with same scenario of using python to communicate with SAP and was getting empty values from SAP just like in your case. Can you please guide me what i should put as the key,value pair for my parameters

Thank you

daniel92
Explorer
‎2021 Apr 08 8:06 AM
0 Likes

Hi,

the dictionary is used because as you can see on some parameters there is a *_RANGE.

This is like a multiselection field in SAP GUI where you can set "from value" to "to value"

You have to change the last parameters to your needs.

Here is an example:

def grc_analysis(rfc_user, rfc_pw, rfc_ashost, rfc_asnr, rfc_client, rolename):
       value1 = {u'SIGN':'I',u'OPTION':'EQ',u'LOW':'SYSTEMNAME'}
       value2 = {u'SIGN':'I',u'OPTION':'EQ',u'LOW':rolename}
       value3 = {u'SIGN':'I',u'OPTION':'EQ',u'LOW':'RULESETNAME'}
       conn = Connection(ashost=rfc_ashost, sysnr=rfc_asnr, client=rfc_client, user=rfc_user, passwd=rfc_pw)
       r = conn.call('GRAC_API_RISK_ANALYSIS',
                     IT_SYS_RANGE = [value1],
                     IT_OBJECT_RANGE = [value2],
                     IV_OBJECT_TYPE = 2,
                     IT_REPORT_TYPE = '01',
                     IT_RULESETID_RANGE = [value3], 
                     )
       print(r)

Accepted Solutions (1)

Accepted Solutions (1)

daniel92
Explorer
‎2019 Apr 29 2:15 PM
0 Likes

I´ve got the solution:

The IT_RULESETID_RANGE parameter needs the name of the vlue of the parameter in upper letters. So if your name of the rule id is "test" you need to set "TEST".

You can check the input parameters by SE30 old, if you run a program which uses the needed function module.

Show replies
Show replies

Answers (3)

Answers (3)

madhusap
Active Contributor
‎2019 Apr 17 9:50 AM

Hi Daniel,

This function module works perfectly. Are you passing the following details highlighted?

Prerequisite: Just make sure rules are already setup in GRC system and are generated. Also cross check if you are able to get the risk analysis results when you execute the risk analysis directly from path NWBC -> Access Management -> User Level Analysis

Input Values

Output Values

Regards,

Madhu

Show replies
Show replies
daniel92
Explorer
‎2019 Apr 29 9:57 AM
0 Likes

Hi Madhu,

Could you please send me your import parameters?

Maybe I will have there a mistake.

Do I need to fill the parameter IT_SIMULATION?

Thank you in advance

Regards,

Daniel

Show replies
Show replies
daniel92
Explorer
‎2019 Apr 17 4:32 PM
0 Likes

Hi Madhu,

thank you very much for your answer!

In NWBC I can execute the analysis successfully.
But in the SE80 Testsequence or by pyrfc I get no results.

I think my input parameters are wrong.
Could you please add a screenshot of your inputdata fields from the function model test?

My input variables are:

value1 = {u'SIGN':'I',u'OPTION':'EQ',u'LOW':'A12CLNTXXX'}
value2 = {u'SIGN':'I',u'OPTION':'EQ',u'LOW':'DXXX'}
value3 = {u'SIGN':'I',u'OPTION':'EQ',u'LOW':'Global'}
#value4 = {u'CONNECTOR':'A12CLNTXXX',u'S':'EQ',u'LOW':''}

rseult = conn.call('GRAC_API_RISK_ANALYSIS',
                     IT_SYS_RANGE = [value1],
                     IT_OBJECT_RANGE = [value2],
                     IV_OBJECT_TYPE = 1,
                     IT_REPORT_TYPE = '01',
                     IT_USER_TYPE = 'A',
                     IT_RULESETID_RANGE = [value3], 
                     #IT_SIMULATION = [value4]
Show replies
Show replies
Ask a Question