I LOVE SAP

Blog for BASIS Knowledge sharing

«
»

Security Audit Log

Posted by Della on November 17, 2009

The Security Audit Log is a tool designed for auditors who need to take a detailed look at what occurs in the SAP System. By activating the audit log, you keep a record of those activities you consider relevant for auditing. You can then access this information for evaluation in the form of an audit analysis report.

The audit log’s main objective is to record:

  • Security-related changes to the SAP System environment
    (for example, changes to user master records)
  • Information that provides a higher level of transparency
    (for example, successful and unsuccessful logon attempts)
  • Information that enables the reconstruction of a series of events
    (for example, successful or unsuccessful transaction starts)

Specifically, you can record the following information in the Security Audit Log:

  • Successful and unsuccessful dialog logon attempts
  • Successful and unsuccessful RFC logon attempts
  • RFC calls to function modules
  • Successful and unsuccessful transaction starts
  • Successful and unsuccessful report starts
  • Changes to user master records
  • Changes to the audit configuration

To configure the audit log –> sm19

To see the audit log –> sm20

To delete old log –> sm 18

 

Before you activate the audit log you have to setup several parameters in RZ10 :

 

rsau/enable: Set to 1 to activates audit logging
rsau/local/file: Name and location of the audit log file
rsau/max_diskspace/local: Max. space of the audit file. If maximum size is reached auditing stops.
rsau/selection_slots: Max. number of filters

rsau/enable: Set to 1 to activates audit loggingrsau/local/file: Name and location of the audit log filersau/max_diskspace/local: Max. space of the audit file. If maximum size is reached auditing stops.rsau/selection_slots: Max. number of filters

the maximum size of an audit file is 2 gigabytes for a single day, so the in case of profile parameter rsau/max_diskspace/local the min value is 1000000kb & maximum value is 2GB

For profile parameter rsau/max_diskspace/per_file minimum is 1MB & Maximum is 2 GB

For rsau/max_diskspace/per_day minimum value should be 3*per_file & maximum 1024 GB.So check these parameter.

For more detail see the following page  http://help.sap.com/saphelp_nw04/helpdata/EN/2c/c59d37d373243de10000009b38f8cf/frameset.htm

 

This entry was posted on November 17, 2009 at 10:00 am and is filed under Log File. Tagged: , , , , , , , . You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

3 Responses to “Security Audit Log”

  1. Advanced Planning and Scheduling said

    December 10, 2009 at 3:51 pm

    Wonderful post, I have to dig this further I believe. Sure visit this blog more often.

    Reply

  2. sumit said

    March 27, 2012 at 12:34 pm

    i have ecc 6 . i set all the parameters. security audit profile is also activated. file is also created but in SM 20 it’s showing “The result set for this selection was empty”.

    Reply

    • Della said

      March 27, 2012 at 12:51 pm

      hi Sumit, thanks for reading my blog
      but i’m so sorry… i’m not working as a Basis Consultant again since last year, so I can’t help you to answer your question, because I totally forgot :(
      sorry :(

      Reply

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Cancel

Connecting to %s

«
»
 
Follow

Get every new post delivered to your Inbox.