Security Audit Log (BC-SEC) (SAP Library

Security Audit Log (BC-SEC)

Purpose

The Security Audit Log is a tool designed for auditors who need to take a detailed look at what occurs in the SAP System. By activating the audit log, you keep a record of those activities you consider relevant for auditing. You can then access this information for evaluation in the form of an audit analysis report.

The audit log's main objective is to record:

Security-related changes to the SAP System environment
(for example, changes to user master records)
Information that provides a higher level of transparency
(for example, successful and unsuccessful logon attempts)
Information that enables the reconstruction of a series of events
(for example, successful or unsuccessful transaction starts)

Specifically, you can record the following information in the Security Audit Log:

Successful and unsuccessful dialog logon attempts
Successful and unsuccessful RFC logon attempts
RFC calls to function modules
Successful and unsuccessful transaction starts
Successful and unsuccessful report starts
Changes to user master records
Changes to the audit configuration

Implementation Considerations

Caution

The Security Audit Log contains personal information that may be protected by data protection regulations. Before using the Security Audit Log, make sure that you adhere to the data protection laws that apply to your area of application!

Integration

With the Security Audit Log, SAP Systems keep records of all activities corresponding to designated filters.

For a detailed description on the technical aspects of the audit log, see The Design of the Security Audit Log.

The Security Audit Log complements the system log; however, the Security Audit Log has a slightly different purpose and a different audience (see Comparing the Security Audit Log and the System Log).

Activities

For more information about the various activities that you need to perform when using the Security Audit Log, see:

Defining Filters to enable auditing and configure the information you wish to audit.

Displaying the Audit Analysis Report for a detailed description on how to specify your audit analysis report. You can view the recorded information as desired. You can view everything that you have logged, or you can select a sub-group (for example, certain transactions or certain users).

Deleting Old Audit Files for information on archiving and deleting your audit files.