03-28-2007 7:53 AM
please explain the usage of transaction codes SM18, SM19, SM20 in SAP, for audit.
Regards
Puneet
03-30-2007 11:52 AM
Hi all,
try also transaction SM20N. It is similar to SM20 but offers advanced selection options.
03-28-2007 8:34 AM
Hi Puneet,
These transactions are for Security administration.
SM20 - Security Administrator run this report periodically to get the details of 'Failed logons' of the users in the Production system and investigate the causes.
Apart from that other details e.g.Failed transations,users running the critical reports etc can also be obtained.
SM18 - to delete old Security logs.
SM19 - Audit Profile can be maintained.Go to 'Detailed Display',you can see the various Events correspond to their criticality.
<removed_by_moderator>
Thanks,
s<i><b>A</b></i>mik.
Message was edited by:
Samik Sarkar
Edited by: Julius Bussche on May 27, 2008 11:14 AM
03-28-2007 10:08 AM
Hi Puneet,
Transactions SM18, SM19, SM20 deals with security Audit Log.
<b>SM18</b>
To archieve or delete old audit log files
<b>SM19</b>
you can configure the Static/Dynamic fileters here.
The system administrator or security administrator defines the events you
want to audit in filters. Filters consist of the following information:
. Client
. User
. Auditclass
. Weight of events to audit
The audit class returns information about the following:
. Dialog logon
. RFC/CPIClogon
. Remotefunctioncall(RFC)
. Transaction start
. Reportstart
. User master change
You can specify the weight of events to audit:
. Audit only critical
. Audit important and critical
. Auditallevents
<b>SM20</b>
SM20 to assess the security audit log.
Soppose if you wanted to find out the transaction run by a perticular user in certain period, You can get this information in SU20.
Please visite:
http://help.sap.com/saphelp_46c/helpdata/en/95/d2a8e96d6611d1a5700000e835363f/frameset.htm
Hope it helps.
<removed_by_moderator>
Thanks & Regards,
Santosh
Edited by: Julius Bussche on May 27, 2008 11:15 AM
03-28-2007 12:38 PM
Check the below link which explains all about Auditing and logging in SAP.
http://help.sap.com/saphelp_nw04s/helpdata/en/8a/a8b5386f64b555e10000009b38f8cf/frameset.htm
Hope it helps.
Br
Sri
<removed_by_moderator>
Edited by: Julius Bussche on May 27, 2008 11:15 AM
03-28-2007 4:31 PM
Review the following document from SAP.
It has what need in one nice PDF.
<a href="http://help.sap.com/printdocu/core/Print46c/en/data/pdf/BCCSTADM/BCCSTSAL.pdf">Audit Log pdf</a>
Cheers,
Ben
03-30-2007 11:52 AM
Hi all,
try also transaction SM20N. It is similar to SM20 but offers advanced selection options.
04-24-2007 3:36 AM
Hi all, i would like to tag on this thread to ask on SM19. If i wanted to define only 3 users to log, does it mean i have to go to sm19 3 times? Currently in the function i can only choose to log either 1 person or put an '*' which i assume means all.
Cheers!
04-24-2007 5:55 AM
04-24-2007 8:09 AM
Hi,
if you want to log only 3 users you have to create 3 filters. May be you can use a generic filter (for example user* or *user). For generic filters you have to set the system profile parameter rsau/generic_users to 1.
Regards
Rainer
11-08-2007 11:14 PM
Continuing on the same topic, I tried accessing the logs for SM20. all i got is "No Aduit files" message, is this because the Audit log was not turned on? Or is there any other reason for the same.
05-27-2008 11:07 AM
07-09-2008 10:01 AM
Hi all,
I would like to know why after activated a filter in static configuration, when I read the report in SM20, I have to give one more time the details on the audit I want.
Moreover, the parameter rsau/local/file is missing in RZ11. Is it normal?
Thanks for responding