on 01-28-2011 7:31 AM
Hi All,
I need to switch on the security audit log in the system because our auditor want to have security audit log for the users having sap_all and sap_new in the production environment. As far as I know we cannot switch on the audit log for particular user id's in the system. And if it is right then switching on the audit log for all users will impact the system performance at a great extent.
If anyone has some expert advice on this situation then please share your thoughts.
Thanks
Sunny
Hi Sunny
In my experience the security audit log cause no performance issues at all, the data is written to an external file so no additional datai is dumped on your DB.
Im actually not in front of my PC but im pretty sure you can play with the filter in SM19 and get something closer to your requirement.
Regards
Juan
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Juan,
Thanks for your reply.
You are right audit logs are written to external files. But the problem I have following problems:
1) If I need to record security audit logs for a set of users. Then there is no option in SM19 to define particular set of users. Either I can specify single user for all users.
2) If I am activating security audit logs then it will impact system performance because when user is doing some activity at same it is logging the changes so it will take some memory to do that which will impact performance if number of users will be high.
Thanks
Sunny
Most of activity recorded by SM20 can be obtained via STAD, ST03N and SUIM, disadvantage is that retention period is short and you might have to put the pieces together manually, but im sure you know that.
You also dont have to enable SM19 to record all the activities but if you are looking for specifics you can filter the rest out saving some unnecesary log writing. But again in my opinion Security audit doesn't cause mayor perfirmance issues.
Regards
Juan
2) If I am activating security audit logs then it will impact system performance because when user is doing some activity at same it is logging the changes so it will take some memory to do that which will impact performance if number of users will be high.
I also believe the same, i had a long discussion on my Company that we should enable the Security log or not as it will create unnecessary performance issue, but till now it's more then 3 months i have not seen any memory issue or any increased run time with the Transaction. And Yes i have not selected all the Parameter which is available on SM19
Regards,
Subhash
User | Count |
---|---|
88 | |
10 | |
10 | |
9 | |
7 | |
7 | |
6 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.