Security-Related Logging and Tracing

Use

Logging Security-Related Changes and Authorization-Related Activities

The following tables are used to log changes to analysis authorizations and other authorization-related activities:

RSUDOLOG

This table contains log information about execution of a query (or other transaction) in the administration transaction for analysis authorizations in Query Monitor (transaction RSRT) by one user for another.

For further information about executing transactions (especially RSRT) with another user, see Management of Analysis Authorizations and Checking Analysis Authorizations as Another User.

The log data includes the following:

User name of the user who has executed a transaction under another user name
User name of the other user
The transaction that was executed
Password prompt flag
Flag to show correct password entered
Session ID
Time stamp

RSECVAL_CL

This table contains log information about changes to value authorizations. The log data includes the following:

The authorization that was changed
The characteristic that the authorization was changed for
Object version of the characteristic
Session ID
Time stamp for the change

RSECHIE_CL

This table contains log information about changes to hierarchy authorizations. The log data includes the following:

The authorization that was changed
The characteristic that the authorization was changed for
Object version of the characteristic
Hierarchy-specific data
Session ID
Time stamp for the change

RSECUSERAUTH_CL

This table contains log information about the assignment of analysis authorizations by users in the administration transaction for analysis authorizations.

More information: Assigning Information to Users

The log data includes the following:

Authorization
Use name of the user whom the authorization was assigned to
Time stamp
Session ID

Note

You can analyze changes to value and hierarchy authorizations and to user-user authorization assignments using InfoProviders from the technical content. More information: Change Documents (Legal Auditing).

RSECTXT_CL

This table contains log information about changes to authorization texts. The log data includes the following:

The authorization that was changed
The authorization's short, medium and long text
Session ID
Time stamp for the change:

RSECSESSION_CL

This table contains log information about user activities in the session, including the date and time of any changes made. You can use this table to find out which user values, hierarchy authorizations or authorization texts have been changed.

Logging LOPD-Relevant Access in Reporting and Planning Applications

SAP BW provides a mechanism for logging access in reporting and planning applications, which are security-related in accordance with the Spanish data protection law L ey O rgánica de P rotección de D atos de Carácter Personal (LOPD) sicherheitsrelevant sind. For more information, see SAP Note 933441 Information published on SAP site .