How it works
Luumen ingests notes from SAP
Notes are pulled in continuously as SAP publishes them. Each note carries its identifier, CVSS score, description, affected products, and recommended fix.
AI summarizes the note
Luumen generates a human-readable summary, classifies severity and impact, and extracts the SAP components and versions the note affects.
Luumen matches notes to hosts
Each note is compared against the
SAP Components property reported for each host. Hosts that have an affected component (at an affected version) are flagged as exposed.Irrelevant notes are auto-resolved
Notes with no matching hosts in your fleet are marked Resolved automatically — they don’t clutter the active list.
Where to find them in the UI
Open System Alerts → SAP Security Notes to see the current list. Two tabs at the top:- Unresolved — notes that match at least one host in your fleet and need attention.
- Resolved — notes auto-resolved because no hosts match, plus any you’ve manually resolved.
| Column | Description |
|---|---|
| CVSS | Severity score and label (Critical, High, Medium, Low). |
| Name | SAP note ID, CVE identifier when present, and a short title. |
| Days Open | Days since the note was published or first detected as relevant to you. |
| Hosts | Count of hosts in your fleet affected by this note. |
Triage flow
When a new note appears as Unresolved:- Open the note and read the AI summary to understand the impact.
- Click into the Affected hosts list to see which hosts in your fleet are exposed.
- Decide on a remediation path — typically applying the SAP-recommended fix (often itself an SAP Note / transport) on each affected host.
- After applying the fix and the next agent run, the note’s component versions should no longer match. The note moves to Resolved automatically.
Why a note might be missing
If you expect a specific note to appear and don’t see it, the most common cause is missing component data:- The matching engine uses the
SAP Componentsproperty. If a host has no value for that property, no security note can match against it. - See SAP security notes troubleshooting for the diagnostic flow.