Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

A user logs off" event not recorded in SM20

Go to solution
Former Member

‎10-21-2013 1:11 PM

0 Kudos

Hello,

A user logs off" event is not being recorded into the Security audit when the user logs off from CRM WEB UI.  Where as it works fine for the Abap user login & log-offs. Has anyone come across this problem in their environment.

System : SAP CRM ABAP 7.0

SAP_BASIS :  702

Regards,

Mudasir H Syed.

1 ACCEPTED SOLUTION

Go to solution
jimguo
Advisor
Advisor

‎10-26-2013 3:58 PM

0 Kudos

Hello,

For SAPGUI and RFC logon, logoff activity is recorded, but for HTTP logon, it's not recorded.

Technically SAPGUI and RFC clients keep connection to application server, but HTTP clients works

in a different way and it's hard to track logoff activity.

Thanks.

Jim

10 REPLIES 10

Go to solution
Former Member

‎10-21-2013 4:21 PM

0 Kudos

Hi Mudasir,

Kindly review and adjust the SM20-Audit settings accordingly:

Audit Class: Dialogon

Event Class: Non-crit

Area: AU

SUBID: C

Message: Logoff

For more explanatory details: kindly refer to: http://scn.sap.com/thread/3298688 and let us know if this doesn't address your issue.

BR,

Ameet Kumar

Go to solution
Former Member
In response to Former Member

‎10-22-2013 11:53 AM

0 Kudos

Hello Ameet,

I have checked the Audit settings and all the Events are selected in our system including the 'Log off' which you have mentioned.

The Dialog user log off ( User type - A ) is being captured whereas Http user log off ( User type - H ) is not available in the logs.

Regards,

Mudasir H syed.

Go to solution
Former Member
In response to Former Member

‎10-22-2013 2:17 PM

0 Kudos

Hi Mudasir,

I am surprised to know the user type: H - http user type, which is not as such.

We have the connection type as H-https, which we maintain for RFC maintenance under SM59.

We have only A (Dialog), B (Background processing), C (Communication), S (Service) and L (Reference).

Like you have already mentioned that for A-type users, you are able to see the logon/logoff reports so there is no other configuration need to be done. Kindly check.

BR,

Ameet Kumar

Go to solution
Former Member
In response to Former Member

‎10-23-2013 10:36 AM

0 Kudos

Hello Ameet,

If the Dialog user is logged in from ITS / WEB UI then it is being recorded as type H user ( Screenshot below ). However the logoff is not getting recorded.

Mudasir H Syed.

Preview file
3 KB

Go to solution
Former Member

‎10-23-2013 7:50 AM

0 Kudos

Hi Mudasir,

did the user log off from the system (using the log off function of the UI), close the browser window or just leave the window open and the session was closed due to inactivity? In the latter two cases, the http session is just closed, which is not recognized as a logoff (in fact, the user will not be logged out at all).

Regards,

Patrick

Go to solution
Former Member
In response to Former Member

‎10-23-2013 10:37 AM

0 Kudos

Hello Patrick,

The user is logging off using log off function from UI still it is not being recorded in the security audit.

Regards,

Mudasir H Syed.

Go to solution
jimguo
Advisor
Advisor

‎10-26-2013 3:58 PM

0 Kudos

Hello,

For SAPGUI and RFC logon, logoff activity is recorded, but for HTTP logon, it's not recorded.

Technically SAPGUI and RFC clients keep connection to application server, but HTTP clients works

in a different way and it's hard to track logoff activity.

Thanks.

Jim

Go to solution
Former Member
In response to jimguo

‎10-28-2013 1:55 PM

0 Kudos

Hello Jim,

The http user logon is being captured in the audit. And when I log-off from UI then the corresponding entry is being removed ( which indicates log-off process being done at server side ) & I can see the same in http session monitoring too.  But the same logoff is not being captured in SM20 audit logs.

I think its due to lack of any Audit  filter for Http user  log-offs.

Thanks,

Mudasir

Go to solution
Former Member

‎10-28-2013 4:47 AM

0 Kudos

Hi Mudasir,

This is a tipical issue.

The trace of http logon or logoff  via SM20 is not supported technically.

SM20 only can trace the logon or logoff with DIAG protocol (SAPGUI) and RFC protocol.

The reason why we cannot rely on SM20 audit log for http logon or logoff is

because http logon is not stable, it does not have real session,

technically no way to ensure http logon cannot be traced properly.

Therefore I have to say, please do not expect that http logon/logoff can be recorded in SM20 correctly.

Thanks and hopefully this could be helpful!

Sunny

Go to solution
Former Member

‎10-28-2013 10:48 AM

0 Kudos

Hi Mudasir,

Hope that you have now got the clarifications on your query.

As, the audit log activities can be performed for the user types which are connected to the SAPGUI and RFC clients which gets connected to the application server. But in case of HTTP-user type, it can't be established at the application server.

So finally, to answer your query: user-logon/off logs for HTTP-user type can't be recorded.

BR,

Ameet Kumar