Show TOC

Example FiltersLocate this document in the navigation structure

Use

In the following examples, the security audit log is enabled on the server pawdf050. The active profile is PROFILE1.

In example 1, Filter 1 is configured so that the system records any dialog logon attempts, RFC or CPIC logon attempts, or transaction starts that are categorized as important or critical events. The events are recorded for all users and for events in any of the SAP system clients.

Figure 1: Example 1: Filter 1 for a Profile

In example, 2, Filter 2 is configured so that the system only records events categorized as critical in client 000 for TESTUSER.

Figure 2: Example 2: Filter 2 for a Profile

In example 3, the detailed configuration is used to specify that the security audit log should record accesses to the file system. In this case, if the mapping to the physical path and file name has not yet been maintained, the system records such accesses so that these paths and file names can be maintained as soon as feasible.

Figure 3: Example 3: Recording Access to the File System