In the following examples, the Security Audit Log is enabled on the server pawdf050. The active profile is PROFILE1.
In example 1, Filter 1 is configured so that the system will record any dialog logon attempts, RFC or CPIC logon attempts, or transaction starts that are categorized as important or critical events. The events are recorded for all users and for events in any of the SAP System clients.
In example, 2, Filter 2 is configured so that the system only records events categorized as critical in client 000 for TESTUSER.
In example 3, the detailed configuration is used to specify that the Security Audit Log should record accesses to the file system. In this case, if the mapping to the physical path and file name has not yet been maintained, the system records such accesses so that these paths and file names can be maintained as soon as feasible.
Example 1: Filter 1 for a Profile
Example 2: Filter 2 for a Profile
Example 3: Recording Access to the File System