Show TOC

Background documentationLogging and Tracing Locate this document in the navigation structure

 

The following files are available for logging important security events and helping administrators with troubleshooting:

  • Security log

    Location in Log Viewer: ./log/system/security.<n>.log

    Location in file system: \usr\sap\<SID>\<instance_number>\j2ee\cluster\server<n>\log\system\security.<n>.log

  • Security audit log

    The security audit log is part of the security log. It uses the category System/Security/Audit in the log entries of the security log.

    For more information, see Security Audit Log of the AS Java.

  • Trace files

    Location in Log Viewer: ./log/defaultTrace.<n>.trc

    Location in file system: \usr\sap\<SID>\<instance_number>\j2ee\cluster\server<n>\log\defaultTrace.<n>.trc

    This file contains all the trace information for the whole server and includes trace information for user management engine (UME) libraries and the UME provider (com.sap.security.core.ume.service). The information in this file is on a fine-granular level and includes exceptions, warnings, and debugging information. It is mainly required by the SAP support team.

  • Directory server logs

    When you use an LDAP directory server as a data source for the UME, you can configure log files to monitor and troubleshoot the connections.

    For more information, see the following:

Viewing Logging and Trace Files in the Log Viewer

  1. In the visual administrator, on the Cluster tab, choose   <system_id>   Server   Services   LogViewer  .

  2. Make sure the Runtime tab is displayed.

  3. In the navigation tree, choose   Cluster   Server   <ASJava_installation_directory>   and navigate to the required file.

Configuring the Log Viewer

You can change the severity level of logging and tracing using the log configuration services in the visual administrator.

  1. In the visual administrator, on the Cluster tab, choose   <system_id>   Server   Services   Log Configurator  .

  2. Choose the configuration you want to change.

    • For security logging, choose   Categories   Root Category   System   Security   Audit  .

    • For tracing, switch to advanced mode and choose   Locations   Root location   com   sap   security  .

  3. Change the severity level as required.

    1. Select the required package and choose Edit.

    2. Under Severitychange the severity settings.

    The new severity level is activated immediately. You do not need to restart the server.