cancel
Showing results for 
Search instead for 
Did you mean: 

GRC 10.1 Action Usage Report by User, Role and Profile - Not Returning Expected Results

jbc_in_tennessee
Discoverer
0 Kudos
1,765

Greetings, GRC Experts:

I've seen a few questions here about the GRC Action Usage Report (AUR) and the related message that accompanies most all of my queries submitted to this report. The displayed results are accompanied by the message, "The report data is based upon your authorizations." For several years I've questioned whether this AUR is truly returning ALL transaction code usage for the users that I query, or whether some transaction usage gets omitted from the report based on MY specific roles and authorization levels. My obvious intent was to lookup ALL transaction usage for a given user in order to research myriad problems, analyze potential critical access concerns, and validate status of waivered SoD risks.

Please allow me to describe the scenario encountered just now and then I'll hope to frame my question more clearly. Today, I had the need to validate whether a specific user had recently run t-code FBR2. I generated the AUR for that specific user, on a specific date range, for the specific transaction code. The report came back empty, no occurrences of FBR2 within the specified date range. It's important to note here that I personally do not have access to FBR2.

When I checked FB03 for activity against the same user within the same date range, I found dozens of FBR2 transactions executed by the user, even though the AUR displayed none. I must draw the conclusion that the AUR is limiting transaction results to only those that match my own permissions/authorizations.

QUESTION 1: Do you agree? Does the Action Usage Report by User, Role and Profile limit its display results to only those transaction codes/authorizations that match the person running the report?

QUESTION 2: Is there any way to modify the report configuration or settings so that the Action Usage Report returns ALL transaction code usage that fits the query parameters and disregards the roles/permissions/authorizations of the person executing the report?

Thanks to anyone who responds.

Accepted Solutions (0)

Answers (1)

Answers (1)

ramkrishnatip
Explorer
0 Kudos

Hi Jonathan,

I have faced the similar issue. It may be due to 2 reasons.

1. In SM19, not all values/filter are enabled.

2. If the transaction is called from another transaction and the S_TCODE is not explicitly checked for that transaction by the system(can be seen in the trace ST01).

Regards,

Ram

jbc_in_tennessee
Discoverer
0 Kudos

Thank you, Ram. Working with our SAPSecurity team to examine these as potential root causes.