Azure Sentinel SAP Solution


I'm working with multiple customer SAP environments. Based on the docs, an SAP connector is required for each environment. But how would it work on the Sentinel side? In testing, when deploying another Solution, it doesn't create another data connector, just duplicates the workbook and analytic rules. Is it possible, at this point, to have multiple environments and SAP connectors feed into a single data connector? The Watchlists can help delineate some of the data, but my concern is with data duplication. Or would it require separate Log Analytics workspaces / Sentinel instances and then utilize cross-workspace queries to pull everything into our central Sentinel?

Second question: in getting this set up in a test environment, we followed the docs and verified everything on the SAP side is configured properly. However, the ABAPAudit logs are not being sent to Sentinel. In the docker logs and connector logs, we can see that the Audit logs are available for extraction, but nothing gets sent. There is data in the audit logs, so missing data isn't an issue. The systemconfig.ini is set to True for the Audit Logs. The API.log shows that 4 data sources are being sent, and we confirmed in the LAW that they are sending logs; however, nothing is coming from the Audit logs, so the connector is showing as disconnected due to ABAPAuditLog_CL not having any data.

