Вы находитесь на странице: 1из 8

Copy 1 459 words

The transaction codes used in the SAP application can be basically categorized into functional and
technical. The transaction codes are specific to various functions of the SAP application like payment
methods, audit logs, reports, workflow and user administration. The transaction codes are the shortcut
codes that can be used to save time and effort of the SAP users. The codes can be used to directly
navigate to the desired screen in the application. With the use of these transaction codes, the users need
not go through the online documentation to understand and use the long navigation path to move to a
desired screen. These codes can be executed in the command field of the application.
The transaction code SM19 is helpful to specify the activities that can be logged in the audit log. The
transaction code SM20 is useful to read the audit logs generated by SM19. The transaction code SM18
is useful to delete the old audit logs.
Security audit can be figured using the kernel parameters. The kernel parameters can be configured in
the place of the profile parameters. The kernel parameters can be found by navigating to a new tab with
the help of the transaction code SM19. The parameter values can be configured dynamically. Once
these values are configured they override the configuration settings in the profile parameters.
The security audit log is useful to record the security specific information in the SAP application. The
examples of recorded information include changes to the user master records and the failed login
attempts by the users. The security audit log is useful for the security auditors to understand what is
happening within the SAP application. When the audit log is activated, the activities that are enabled
for auditing are recorded in the system. Then, an audit report can be generated from this recorded
information for security audit purposes.
The following transaction information can be logged in the security audit log.
The successful and failed login attempts in the dialog screens of the application
The successful and failed login attempts in the RFC
RFC calls to function modules
Modifications to user master records
The successful and failed starts of the user transactions
Alterations to the audit configuration
The audit files are located on the individual application servers. You can specify the location of the files
and their maximum size in the following profile parameters:

rsau/enable Enables the audit log generation in the application server


rsau/local/file Configure the location to store the audit log file on the application server.
rsau/max_diskspace_local Configure the maximum size for the audit log. After reaching this
size, the auditing stops automatically.
rsau/selection_slots Configure the number of selection slots or filters for the audit.

These configurations become active only after the instance is restarted.

Copy 2 530 words


The SAP application has a transaction code specific to its each function. The codes contain letters,
numbers or both of these. The transaction codes help in easy and fast navigation. With the help of
transaction code, the user can skip using the menu for navigation. The user can easily move to desired
task and start the function in a single step.
The security audit log in the SAP application helps the auditors in the company to analyze what is
happening in the SAP application. The audit log records the activities the auditors want to analyze. On
a daily basis, the audit information is stored in the audit log file in the application server. Then, the
auditors can generate an audit report from this logged information and then make required security
analysis useful for the organization.
The audit log files are generated and stored in the application servers. You can make the audit log
configurations in the following parameters:
rsau/enable Enables the generation of audit logs
rsau/local/file Specify the location to store the audit log file on the application server.
rsau/max_diskspace_local Specify the maximum size for the audit log. When the size limit
reaches, the auditing stops automatically.
rsau/selection_slots Specify the number of selection slots or filters for the audit.
These configurations become active only after the instance is restarted.
The audit log filters can be configured in the security audit log configuration screen. The screen can be
accessed with the navigation path menu> Tools-> Administration-> Monitor-> Security Audit Log->
Configuration or by using the transaction code SM19. Filters define what can be recorded in the audit
logs. The following filters can be specified:
The User(s) or Client(s) that should be audited
Audit class (for example, dialog or RFC attempt, start of transaction or report)
Importance of the event (critical, important)
Filters can be either static that are permanent or dynamic that are temporary. The static filters are stored
in the SAP database. The filter that defines which event need to be recorded can be used by all the
application servers. When a static profile is saved and activated, it is loaded when the application server
starts next time.
The dynamic filters can be activated anytime to filter for the selected application events. Later, these
dynamic filters can be automatically distributed to all active application servers. The Audit Log can be
scanned for a period of time, user, transaction, report, etc.
The Security Audit Log records the transactions in an audit file on a daily basis. The size of the file
may increase to a big extent based on the size of the SAP system and the filters that are specified. This
can happen in a short span of time. The audit log file can be deleted with the navigation path menu>
Tools-> Administration-> Monitor Security Audit Log-> Configuration or by using the transaction
code SM18.
The security audit logs are available for long-term. The audit files are available in the system until the

administrator deletes them manually. The SAP system does not support automatic archiving of the audit
log files. The administrator can archive them manually anytime.
Copy 3 516 words
SAP application uses functional and technical transaction codes. The transaction codes are helpful to
perform various functions in the application like audit logs, workflow and user administration. With the
use of transaction codes, the SAP users can save time and effort when working with the application.
The user can directly navigate to a screen by using the transaction code specific to the screen. The
transaction codes save the time to go through the documentation to understand the navigation path to a
screen. These transaction codes have to be applied on the command field.
The security audit log is a helpful tool for the security auditors in the enterprise to understand in detail
what happens in the SAP application. With the help of audit log, the administrator can record the
activities that the auditor want to analyze. The audit information is logged on a daily basis in the audit
log file stored in the application server. Then, using this recorded audit information, an audit analysis
report can be generated by the auditors. Further, statistical analysis can be performed on the
transactions and reports. Though the audit log was not generated for the primary purpose of statistical
analysis, the information is useful for analyzing the number of resources required for performing the
future upgrade and also to understand the transactions and reports on which the administrator should
put more attention.
The transaction code SM19 can be used to record the login attempts in the security audit log. Then, the
SAP systems maintains a record or log of all the activities based on the selection criteria specified. The
transaction code SM20 then helps the administrator to specify all or few of the log entries to generate
an audit report. The administrator can generate the audit report only on the activities configured for
auditing using SM19.
The transaction code SM19 deals with the security audit log configuration. The following dynamic
kernel parameters can be configured in the security log.

rsau/enable Enables the audit log creation


rsau/local/file Configure the location in the application server where the audit log file has to
be maintained
rsau/max_diskspace_local Configure the size limit for the audit log file. After reaching this
size, the application stops performing auditing.
rsau/selection_slots Configure the number of selection slots or filters for the audit.

These configurations get into effect only after the instance is restarted.
The parameters related to security audit files DIR_AUDIT and FN_AUDIT can be configured in the
application servers profile. The configurations of the kernel parameters apply to the entire SAP
system. Also, detailed checks are performed on these parameters to ensure that the values configured
for the parameters are correct.
The configurations set for the dynamic kernel parameters act as superior to the settings set for instancespecific parameters. So, to set any parameter values specific to an instance, the user has to clear the
configurations in the security audit log and then set the values in the application servers instance

profile.
The basic condition is that the parameter configurations cannot be done simultaneously for both the
instance-specific profile and dynamic kernel parameters.
Copy 4 538 words
The SAP application uses various transaction codes for ease of working. These transaction codes can be
basically categorized into functional and technical codes. These transaction codes help in performing
various functions of the SAP application like audit logs, reports and workflow. These are also refereed
to as shortcut codes as these provide shortcut ways of working with the SAP system. These shortcut
codes save time of effort of the SAP users. Using these codes, the users can directly navigate to a
specific screen. The users are saved from referring to the SAP documentation to understand the
navigation path to move to a specific screen. The user has to use the command field in SAP application
to execute these codes.
The security audit log can be configured and managed with the help of the fllwoing three transaction
codes:
SM19 This transaction code can help in configuring the activities that can be logged in the
audit log file.
SM20 - This transaction code helps in reading the data stored in the audit log file and generate
required reports.
SM18 This transaction code helps in deleting the old audit log files.
The administrator can configure the audit log using the kernel parameters. The kernel parameters are
used in the place of profile parameters. The administrator can navigate to the page that contains the
kernel parameters using the transaction code SM19. The administrator can configure the parameter
values dynamically. When the kernel parameter values are set,they override the behavior of the profile
parameters.
Using the security audit log function in the SAP application, the application information specific to the
system security can be rerecorded. Some of the criteria for assessing the security include the
modifications to the user master records and unsuccessful login trials by the users. With the help of the
audit log, the security auditors of the enterprise can assess the security aspect of the SAP application.
When the administrator configures and activates the security audit log, the system records the activities
which have been configured for auditing. Then, the auditors can generate a report from this recorded
information to assess the security situation.
The security audit logs verifies the following aspects and records the information in the audit log:

The login attempts in the dialog screens of the application are checked and success and failure
are recorded
The login attempts in the RFC are checked and success and failure are recorded
RFC calls to function modules
Alterations to the user master records are recorded.
The starts of the user transactions are checked and success and failure are recorded
Modifications to the audit configuration are recorded.

The audit files are maintained on the application servers. With the help of the following profile
parameters, the administrator can configure various aspects of the security audit log:

rsau/enable Enables the creation of the audit logs in the application server
rsau/local/file Specify the audit file location.
rsau/max_diskspace_local Configure the maximum size for the audit log. After reaching this
size, the auditing stops automatically.
rsau/selection_slots Configure the number of selection slots or filters for the audit.

After configuring these parameter values, they become active after the instance is restarted.
Copy 5 568 words
All functions in the SAP application can be easily accessed with the help of a corresponding transaction
code. The codes contain letters, numbers or both of these. Using the transaction codes, the user can
navigate easily and quickly in the SAP application. The user need not use the menu to navigate to a
specific page. To perform a desired task, the user can easily move to the respective screen using the
transaction code.
With the help of security audit log function available in the SAP application, the auditors can verify the
security of the SAP application. Using the audit log function, the activities the auditors want to analyze
can be recorded. The audit information of the activities is stored in a log file in the application server
on a daily basis. Using the information in the audit log file, the auditors can generate an audit analysis
report. With the help of the report, the auditors can assess the security situation and make requires steps
to improve the security situation.
The audit log specific configurations can be set in the following parameter values:
rsau/enable Enables the functionality of generating the audit logs
rsau/local/file Specify the location to store the audit log file on the application server.
rsau/max_diskspace_local Specify the maximum size limit for the audit log file. When the
size limit reaches, the application stops the auditing automatically.
rsau/selection_slots Specify the number of selection slots or filters for the audit.
The instance has to be restarted to make the configurations active.

The filters for the audit log can be specified in the security audit log configuration screen. To access
this application screen, the user can follow the path - menu> Tools> Administration> Monitor>
Security Audit Log> Configuration or by using the transaction code SM19. The filters specify the
information that can be checked and recorded in the audit log files. The following filters can be
specified:
The User(s) or Client(s) that should be audited
Audit class (for example, start of transaction or report)
Importance of the event (critical, important)
The filters can be either static or dynamic. The static filters are permanent filters. The dynamic filters
are temporary.
The static filters are maintained in the database. The filter defines the events that can be
recorded. These filters can be used by all the application servers in the enterprise. After saving
and activating a static profile, the profile becomes active when the application server starts.

The dynamic filters can be activated anytime to filter for the selected events. Later, these
dynamic filters are automatically distributed to all active application servers. The Audit Log can
be scanned for a period of time, user, transaction, report, etc.

The Security Audit Log records the transactions in an audit file on a daily basis. The audit file size
depends on the size of the SAP system and the filters that are defined. Sometimes, the audit file reaches
its configured size limit in a very less time. Then, the audit file can be deleted using the navigation path
menu> Tools> Administration> Monitor > Security Audit Log> Configuration, or by using the
transaction code SM18.
The security audit logs are maintained for the long-term. They are not automatically deleted by the
system. The administrator has to delete them manually. The SAP system does not archive the audit
files. The administrator can archive them manually anytime.
Copy 6 563 words
The SAP application uses various transaction codes for the ease of operation. The transaction codes are
basically of two types functional and technical. The transaction codes help in performing functions
like audit logs and user administration. The transaction codes save time and effort of the SAP users. To
access the application screen specific to an application function, the user can use the corresponding
transaction code. The transaction codes should be executed via the command field. These codes save
the enormous amount of time hat need to be spent in gong through the application documentation to
understand the navigation path.
The security auditors of an enterprise benefit from the security audit log function available in the SAP
application. The audit log function enables recording the activity information of the application for
auditing purposes. An audit log file is created and saved on the daily basis in the application server and
contains the audit information. With the help of this audit file, the administrators can generate an audit
analysis report with required criteria for analysis. Also, the auditors can perform a statistical analysis of
the transactions and reports to get more insights. The report is also helpful to analyze the number of
resources that the organization has to employ for the future upgrade. It can also help to understand the
transactions and reports that need to be paid attention for security requirements.
The transaction code SM19 helps to record the application activities of the SAP application and
maintain an audit in the audit log file. These logs are generated based on the criteria specified by the
administrator for auditing. Then, the transaction code SM20 can be used to generate an audit analysis
report by using the information being logged in the audit log file. Note that the audit analysis report can
be generated only on the activities configured for auditing by using the transaction code SM19. Other
activities outside this configuration cannot be included in the report.
Using the transaction code SM19 that deals with the security audit log configuration, the following
kernel parameters can be configured.

rsau/enable Enables the audit log creation


rsau/local/file Configure the location in the application server where the audit log file can be
stored
rsau/max_diskspace_local Configure the maximum size limit for the audit log file. After

reaching this size, the application stops performing auditing.


rsau/selection_slots Configure the number of selection slots or filters for the audit.

The administrator has to restart the server for these settings to come into effect.
There are other two parameters specific to the security audit files DIR_AUDIT and FN_AUDIT. These
parameters can be configured in the application servers profile. The configurations set in these kernel
parameters are applicable to the entire SAP system. Also, after the configuration is done for these
parameters, the system performs checks on the values to ensure that they are correct.
The settings performed for the kernel parameters are over and above the settings for specific instances.
If the administrator wants to configure the values for a specific profile, then the user has to clear the
settings for the security audit log and then proceed with the configuration of values in the application
server's instance profile.
The basic rule to be considered by the administrator is that the configurations cannot be performed
simultaneously for both the instance-specific profile and dynamic kernel parameters.
Copy 7 521 words
Various functions in the SAP application can be accessed with the help of transaction codes specific to
them. The codes contain letters, numbers or both of these.
The SAP application has a transaction code specific to its each function. The codes contain letters,
numbers or both of these. The transaction codes help in easy and fast navigation. With the help of
transaction code, the user can skip using the menu for navigation. The user can easily move to desired
task and start the function in a single step.
The transaction codes are specific to various functions of the SAP application like payment methods,
audit logs, reports, workflow and user administration. The transaction codes are the shortcut codes that
can be used to save time and effort of the SAP users. The codes can be used to directly navigate to the
desired screen in the application. With the use of these transaction codes, the users need not go through
the online documentation to understand and use the long navigation path to move to a desired screen.
These codes can be executed in the command field of the application.
The security auditors of an enterprise benefit from the security audit log function available in the SAP
application. The audit log function enables recording the activity information of the application for
auditing purposes. An audit log file is created and saved on the daily basis in the application server and
contains the audit information. With the help of this audit file, the administrators can generate an audit
analysis report with required criteria for analysis. Also, the auditors can perform a statistical analysis of
the transactions and reports to get more insights. The report is also helpful to analyze the number of
resources that the organization has to employ for the future upgrade. It can also help to understand the
transactions and reports that need to be paid attention for security requirements.
The security audit log in the SAP application helps the auditors in the company to analyze what is
happening in the SAP application. The audit log records the activities the auditors want to analyze. On
a daily basis, the audit information is stored in the audit log file in the application server. Then, the
auditors can generate an audit report from this logged information and then make required security
analysis useful for the organization.

The audit log files are generated and stored in the application servers. You can make the audit log
configurations in the following parameters:
rsau/enable Enables the generation of audit logs
rsau/local/file Specify the location to store the audit log file on the application server.
rsau/max_diskspace_local Specify the maximum size for the audit log. When the size limit
reaches, the auditing stops automatically.
rsau/selection_slots Specify the number of selection slots or filters for the audit.
These configurations become active only after the instance is restarted.
The following transaction information can be logged in the security audit log.
The successful and failed login attempts in the dialog screens of the application
The successful and failed login attempts in the RFC
RFC calls to function modules
Modifications to user master records
The successful and failed starts of the user transactions
Alterations to the audit configuration