Security of Logs and Traces 
The query log is SAP NetWeaver Enterprise Search's own protocol for searches that may be subject to data protection measures. The query log records the details of search requests and searches that users start on the Search UI or that the system starts automatically. The log is used to analyze errors and to optimize the search offering.
Caution
Logging is switched off when the system is delivered. Before you switch on the logging and configure settings that are subject to data protection measures, familiarize yourself with the data protection regulations in your company.
You can configure the following in customizing for the query log (transaction ESH_QL_CUST):
Whether or not the system logs data at all.
Whether the names of the users who submitted search requests are also recorded or the requests remain anonymous.
Whether or not access to the query log itself is recorded in the application log.
In detail, the query log records the following information:
Language, time, and status of the outcome of the search
Type of search request, for example, whether a user or the system submitted the request
Content of the request, for example, search terms that a user entered
Search object connectors and object types contacted
User name (optional)
The user's related actions, for example, clicking a link in the search results
Information about TREX indexes contacted
Runtime and number of hits for the search
You can use transaction ESH_QUERY_LOG to filter and analyze the log selectively. You can also start a recorded search request again based on the current circumstances. You cannot navigate from the log to objects found during searches.
Delete log files that are not longer required at regular intervals. To do this, scheduled the ESH_QL_QUERY_LOG_REORG program as a background job.
Access to the query log is protected using the following roles:
Role |
Included in Collective Role |
Protects |
|---|---|---|
SAP_ESH_CUST_QUERY_LOG |
SAP_ESH_ADMIN |
Customizing of the query log |
SAP_ESH_DISPLAY_QUERY_LOG |
Content Manager collective role |
Display of the query log |
SAP_ESH_REORG_QUERY_LOG |
SAP_ESH_ADMIN |
Deletion program for log files that are no longer required |
More Information
For the SAP NetWeaver Enterprise Search query log: Trace and Log Files
For roles and authorizations in SAP NetWeaver Enterprise Search: Authorizations
In addition to the query log, SAP NetWeaver Enterprise Search also uses the general SAP NetWeaver logs and traces. For more information about security aspects of these logs and traces, see:
Auditing and Logging (SAP NetWeaver Security Guide)
Trace and Log Files (MaxDB Security Guide)
Trace and Log Files (Search & Classification (TREX) Security Guide)