The following files are available for logging important security events and helping administrators with troubleshooting:
Security logging
Location in Log Viewer: ./log/system/security.<n>.log
Location in file system: \usr\sap\<SID>\<instance_number>\j2ee\cluster\server<n>\log\system\security.<n>.log
This file contains the log entries of a number of security related services, including the following:
Authentication
Destination service
User Management
Virus Scanner Interface
Web Services
Successful and failed user logons and logouts (LOGON.OK, LOGON.FAILED, LOGOUT.OK, LOGOUT.FAILED)
Security audit log
This file contains a log of important security events, such as creation or modification of users, groups and roles.
More information: Security Audit Log of the AS Java .
Trace files
Location in Log Viewer: ./log/defaultTrace.<n>.trc
Location in file system: \usr\sap\<SID>\<instance_number>\j2ee\cluster\server<n>\log\defaultTrace.<n>.trc
This file contains all the trace information for the whole server and includes trace information for user management engine (UME) libraries and the UME provider ( com.sap.security.core.ume.service). The information in this file is on a fine-granular level and includes exceptions, warnings, and debugging information. It is mainly required by SAP support.
Change log
Location in file system: \usr\sap\<SID>\<instance_number>\j2ee\cluster\changelog
The change log contains changes that were done manually in the SAP NetWeaver Administrator, such as creating, deleting or modifying a policy configuration, creating, deleting or modifying a keystore view, and so on. The change log contains information about what was changed, who changed it, what was the old value and what is the new value.
Directory server logs
When you use an LDAP directory server as a data source for the UME, you can configure log files to monitor and troubleshoot the connections.
More information:
Viewing Log and Trace Files in the Log Viewer
Use SAP NetWeaver Administrator to view log and trace files. SAP NetWeaver Administrator provides a predefined security view.
More information:
Configuring the Log Viewer
Use SAP NetWeaver Administrator to configure log and trace files.
More information: Configuring Log Controllers .