Enabling Audit Logging

SAP Host Agent provides the means to perform audit logging for every operation the SAP Host Agent is executing. If you want to use audit logging, you have to activate it using the related entries in the host_profile file.

Context

The operating systems which are supported by Host Agent have built-in means of audit logging. On UNIX and Linux, SAP Host Agent uses the syslog (/var/log/messages), and in Windows the Application Eventlog. The user can decide if audit logging is done using OS means or provide a file to which all audit messages are written. Audit logging is disabled by default. You can enable and configure it using host_profile parameters.

Procedure

Edit the host_profile file.
For information about where you can find this file, see the Profile File section in Architectural Overview of SAP Host Agent.

Change the following parameters according to your needs:

Parameter	Description
service/auditlevel=0/1	0 disables audit logging, 1 enables audit logging.
service/auditlogfile=`<FILE_NAME>`	\|If an audit logfile is provided by the user, SAP Host Agent uses the `<FILE_NAME>` logfile in the SAP Host Agent’s work directory for audit logging. Eventlog and Syslog are not used in this case. If the file does not exist, it is created by SAP Host Agent.
service/auditlogfilesize=0...X	If an audit logfile is provided, the user can decide to which extent the logfile is allowed to grow. All sizes must be given in MB (Megabyte). If the configured size is exceeded, the current audit logfile is saved to `<FILENAME>`.old and a new audit logfile is created. If the size is set to 0 or if the parameter is not configured at all, the audit logfile can grow unlimitedly.

Restart SAP Host Agent to activate the changed configuration settings.

Example

Audit logging output is always written in one line and can look like this:

[2012/08/24 11:22:16][AUDIT SUCCESS]Operation ListInstances; Socket type Network Socket; Remote IP 127.0.0.1; Remote port 60779; Username Not Available Labels parameters