Security of Logs and Traces

The query log is Embedded Search's own protocol for searches that may be subject to data protection measures. The query log records the details of search requests and searches that users start on the Search UI or that the system starts automatically. The log is used to analyze errors and to optimize the search offering.

You can configure the following in customizing for the query log (transaction ESH_QL_CUST):

• Whether or not the system logs data at all.

• Whether the names of the users who submitted search requests are also recorded or the requests remain anonymous.

• Whether or not access to the query log itself is recorded in the application log.

In detail, the query log records the following information:

• Language, time, and status of the outcome of the search

• Type of search request, for example, whether a user or the system submitted the request

• Content of the request, for example, search terms that a user entered

• Search object connectors and object types contacted

• User name (optional)

• The user's related actions, for example, clicking a link in the search results

• Information about TREX indexes contacted

• Runtime and number of hits for the search

You can use transaction ESH_QUERY_LOG to filter and analyze the log selectively. You can also start a recorded search request again based on the current circumstances. You cannot navigate from the log to objects found during searches.

Delete log files that are not longer required at regular intervals. To do this, scheduled the ESH_QL_QUERY_LOG_REORG program as a background job.

Access to the query log is protected using the following roles:

For roles and authorizations in Embedded Search: Authorizations