
Automating the Extraction of SAP CI DS security audit logs to SPLUNK

GayathriRavi

Hi,

Currently we are automating the security audit log extraction of all apps used in our organization to SPLUNK for security and auditing purposes. One such application is SAP CI DS.

But unlike other SAP applications (SAP IAS, Work Zone, CPI), CI DS does not have any API exposed publicly. We have also referred to the community post below, wherein it is mentioned that no API is available to fetch security logs.

 Solved: How-to export CI-DS Logs to external system - SAP Community

Hence, we tried to raise a ticket with SAP and got a suggestion to do web scraping, as no other options were found.

We have conducted further analysis and obtained the internal URL from the web browser's network capture. We discovered the get_log method, which retrieves all the audit log details.
URL:
 
We have tried to hit the get_log URL from an external tool (Insomnia).
  • We used the session ID (JSESSIONID) from an active CI-DS browser session and passed it in the request headers.
  • This approach works for short-term testing but has major limitations:
    • Session IDs expire quickly and require manual refresh.
    • Sharing session IDs is not secure and violates best practices.
    • Cannot be used for long-term automation or external system integration.
 

Current Limitation
  • The get_log method is an internal UI API and does not officially support OAuth2 tokens or non-interactive access.
  • Even after obtaining an OAuth token from SAP Cloud Identity Services (IAS), the endpoint redirects to the CI-DS login page, indicating that it only accepts browser-based SAML authentication.
  • This makes it impossible to integrate with external systems for automated log extraction using standard API authentication.
Is there any option to overcome the authorization issue to access the get_log URL? If not, is there any standard web scraping tool available to achieve this? If so, can we please get the details and the steps to achieve the same?
 
Regards,
Gayathri Ravi
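
The failure mode described in the post, where the endpoint answers with the login page instead of log data once a session or token is not accepted, is something a collector has to detect before anything is forwarded to Splunk. The following is an added example, not part of the original post and not SAP code: it classifies a response as audit data or a SAML login redirect. The function name, hosts, JSON fields and sample responses are constructed; the real get_log response format is not shown on the page.

```python
import json
from urllib.parse import urlparse, parse_qs


def classify_response(status, headers, body):
    """Classify one HTTP response: 'audit_data', 'login_redirect' or 'unexpected'."""
    hdrs = {k.lower(): v for k, v in headers.items()}
    ctype = hdrs.get("content-type", "").split(";")[0].strip().lower()

    # SAML HTTP-Redirect binding: 3xx whose Location carries a SAMLRequest parameter.
    if 300 <= status < 400:
        query = parse_qs(urlparse(hdrs.get("location", "")).query)
        return "login_redirect" if "SAMLRequest" in query else "unexpected"

    # SAML HTTP-POST binding: 200 HTML page with an auto-submitting SAMLRequest form.
    if status == 200 and ctype == "text/html":
        return "login_redirect" if 'name="SAMLRequest"' in body else "unexpected"

    # Only a 200 response that really parses as JSON counts as log data.
    if status == 200 and ctype == "application/json":
        try:
            json.loads(body)
        except ValueError:
            return "unexpected"
        return "audit_data"

    return "unexpected"


# Constructed sample responses (hosts, fields and values are placeholders).
SAMPLES = {
    "json_ok": (200, {"Content-Type": "application/json; charset=utf-8"},
                '[{"time": "2024-01-01T00:00:00Z", "user": "example", "action": "LOGIN"}]'),
    "redirect": (302, {"Location": "https://idp.example.invalid/saml2/idp/sso?SAMLRequest=abc"}, ""),
    "post_form": (200, {"Content-Type": "text/html"},
                  '<form method="post"><input type="hidden" name="SAMLRequest" value="abc"></form>'),
    "html_error": (200, {"Content-Type": "text/html"}, "<html>Service unavailable</html>"),
}

if __name__ == "__main__":
    for name, (status, headers, body) in SAMPLES.items():
        print(name, "->", classify_response(status, headers, body))
```

Treating every 200 as success would index the login page as if it were audit records; a collector should alert on `login_redirect` and `unexpected` instead of forwarding them.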

Accepted Solutions (0)

Answers (0)