on 01-19-2009 1:42 AM
Hi Gurus,
I am a IT manager in our company. Our Basis has SAP_ALL authorization in our PRD circumstance. I
want to know how to audit his actions in PRD. Does anyone know any tool can do this?
BTW, I don't care the tool support by SAP-itself or third part.
Thanks in advance!
Jason
Hello Jason,
If it only the daily monitoring you want to do then use trsansaction Sm19/Sm20 for this purpose.
With regards.
Ruchit Khushu.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hello Jason,
You are right. In our company we have some special users with SAP_ALL and SAP_NEW in production. All actions performed by them are audited using SM19/SM20. Not only we use it for internal audit but for SOX as well. SM19/SM20 can be used for daily recording of activites so after a long period also you can actually see the results. Regarding the files please check OSS note 539404. It is a generic FAQ note for SM19.
Regards.
Ruchit.
Hi Pranay,Ruchit and other friends,
Thank you very much for your kindly reply.
You gave me many good ideas, It will take me some time to digest it.
I will close this thread when I understand completely.
Regards&Thanks!
Jason
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
For privileged users like these we have a written a custom program that generates all the activities of the user ids you identify in advance. The details are there in user tables you need to get it in a readable format. Any ABAP programmers can develop this one quickly.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Jason,
You basis Id will be considered as a 'professional user' if he hits the database.. To check his activities u may use STAD Tcode or activate a trace.
To see whether he hits the database or not... run the report CDHDR via SE16 Tcode.
Hope this helps.
Regards,
Pranay
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Pranay Suryawan
Thank you very much for your timely reply.
(1)You mentioned 'STAD Tcode or activate a trace', Could you give me more explanation about 'activate a trace'?
(2)'Run the report CDHDR via SE16 Tcode.'
I found a lot of our operating colleagues's operation record in CDHDR. Was that normal?
BTW, Our DBA is responsible for the relevant work about DB, Our Basis is responsible for the SAP administration.
Hi Jason,
Try giving the date range, this will give you the report for the required time frame. In this way you have all the users which falls in actual 'Professional users' category.
Also try out T code USMM
Refer to this:
https://websmp108.sap-ag.de/licenseauditing
http://help.sap.com/saphelp_nw04/helpdata/en/84/41026810914c9d8603001a3d008f3b/content.htm
Hope this helps.
Regards,
Pranay
If you really want to use any tool for such things then go for Virsa compliance calibrator and firefighter. This is a segrigation of duties tool and help company in SOX audit.But for the time being use transaction SUIM in sap, this will give you what you need at the moment.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi, Pankaj Saluja
(1)You let me know 'Virsa compliance calibrator and firefighter' and 'SOX', This is the first time I've heared it. Thank you!
Can we support the softwares you mentioned to non-SAP Basis User for auditing SAP Basis?
(2)You mentioned 'SUIM', absolutely, I alwasy use it. But I don't know how to use it for auditing purpose. Could you give me some examples?
User | Count |
---|---|
86 | |
10 | |
10 | |
9 | |
6 | |
6 | |
6 | |
5 | |
4 | |
3 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.