-
Products and Technology
By Category
-
Groups
Activity Groups
Industry Groups
Influence and Feedback Groups
Interest Groups
Location Groups
Customer Only Groups
- Developers
- Partners
- Events
- Help Center
- Topic Pages
-
Explore SAP
Products
Learning and Support
-
- Products and Technology
- Groups
- Developers
- Partners
- Events
- Help Center
- Topic Pages
-
Explore SAP
- Explore SAP
-
Products
- Products
- SAP Business Suite
- Artificial Intelligence
- Business applications
- Data and analytics
- Technology Platform
- Financial Management
- Spend Management
- Supply Chain Management
- Human Capital Management
- Customer Experience
- SAP Business Network
- View products A-Z
- View industries
- Try SAP
- Partners
- Services
- Learning and Support
- About
- SAP Community
- Developers
- DevOps and System Administration
- Forum
- Re: Security audit log for user specific and table
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Security audit log for user specific and table
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎2023 Apr 10 2:34 AM
- SAP Managed Tags
- Basis Technology
- Security
Hi,
I would like to activate the security audit log for a set of tables user specific. Is it possible in SM19? If yes, which option i would need to select.
Does it capture the changes in DBTABLOG or any other table available?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎2023 Apr 10 2:49 AM
- SAP Managed Tags
- Basis Technology
- Security
Hello cravisap,
Please check transaction AUT10 if it's works for you.
Regards,
Neeraj Jain
Neeraj Jain
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎2023 Apr 10 3:18 AM
- SAP Managed Tags
- Basis Technology
- Security
Please refer below SAP help link if it works:
Neeraj Jain
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎2023 Apr 10 3:13 AM
- SAP Managed Tags
- Basis Technology
- Security
Hi Neeraj,
Thank you for sharing the information. I do not have AUT10 tcode in my system. I am using SAP BW on oracle system.
I tried to check the data in SCU3 which would display all the data logs especially what data has been changed.
I want to capture the log data for a user specific for a list of tables. For instance, i have 100 users with 1000 tables.
I want to capture USER10 manual activity on TABLE05 data. I dont want to capture all the users information. How to configure it.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎2023 Apr 11 10:56 AM
- SAP Managed Tags
- Basis Technology
- Security
Hi @cravisap ,
What you want to achieve is not possible by security audit log (standard) events only. I'd either require:
1. A correlation of security audit log events with events recorded in DBTablog (Table change log - requires the table to be activated for logging). For example: SAL Event -> User starts SE16N and subsequentially DU9 event for the loaded table and susequential record edits for the table. This is one of many possible use cases with different possible event sources.
2. Implement BAdIs and user exists where necessary to log custom SAL events as per note 1941568.
3. Adressing such events on the user's endpoints for example with EDR tooling
4. A combination of 1 too 3
Certain SAP security solution and service providers (like us at NO MONKEY ) provide consultancy and training for such detection scenarios and can guide through the process of implementing such capabilities.
As a general advice: Start with understanding and model your threats and attack surface first to decide on a meaningful prioritization to implement detection capabilities.
BR
Marco
Bluesky