Standardized and best-practice processes, tailored to your IT infrastructure
The Security Audit Log (SAL) is one of the most important elements when it comes to security in your SAP landscape. With SAL critical and security relevant activities in SAP systems can be recorded and evaluated. The settings in SAL are relevant for secure continuous operation.
In order to explain the relationship between TREX and SAP Solution Manager, I would like to ask you a question first. Can you remember when you last used the search help (F4) in SAP, what you were looking for and above all what the search string looked like? Now, the entitlement admin might have looked like this. Any role for a new key-user in the HCM area, but how exactly was that called? Would you Google the same way? - Not much. The Enterprise Search in Solution Manager 7.2 In the SAP Solution Manager, the SAP Enterprise Search provides a comprehensive full-text search. With only one keyword, you can search centrally for all types of documents in the ITSM and ChaRM, such as incidents or changes, via the Fiori Launchpad. If you have added attachments, they will also be searched for the keyword. At a technical level, a special BOL query object is passed to the Enterprise Search, which passes the HANA database and performs a search. What if you don't use the Solution Manager on SAP HANA? Enterprise Search with TREX 7.1 SAP offers the possibility to use Solution Manager 7.2 on another database (AnyDB), for example DB2 or Oracle. In order to use Enterprise Search (also embedded search) in this case, you need the TREX admin tool. This stands for Text Receival and Information Extraction, which basically describes the functionality of the software. The TREXEngine takes the search text in the form of the Query object and provides an intelligent search of keywords and long texts in previously classified documents. Installation and Usage Tips Run the TREX configuration after the basic configuration of the Solution Manager. In SOLMAN_SETUP you will find the Embedded Search scenario, which is the guide for the configuration. In the Process Management scenario, configure the embedded search using the description. Here the object connectors are created and the indexing jobs are started. Both are required to use the solution documentation in conjunction with other components. If you are installing UNIX, make sure that the shared libraries are up-to-date or that they are initially available.
SM30 Table maintenance
Especially after security incidents it may be necessary to find out which (technical) users have logged in at which time. The USR02 table provides a first entry point. In the TRDAT column you can find the last login date for the user you want. However, a history of previous applications is not found in this table. In such cases, the Security Auditlog or SAL helps. Preparation In order to access the desired data, it must also have been saved previously. In the Security Auditlog, you can use various filters to determine which users are logged on which client and which information. The Security Auditlog stores, depending on configuration, logins, RFC calls, and other actions for specific users. You can make these settings in the SM19 transaction. Note: Logging user activity must be aware of the users concerned! Configure the SAL only for technical users or in consultation with users / works council / etc. It can be seen there among other things when the SAL was activated and last edited (1). You can also select the various filters (2), activate the filters individually (3), specify clients and users (4) and specify which activities are logged (5). Static configuration in the SM19 Under the Dynamic Configuration you can also see if SAL is currently active for the system. Determine the status of the SAL Evaluation of the SAL If the Security Audit Log is active, switch to the SM20 evaluation of the Security Audit Log. Select the desired user and client and the appropriate time window. The option Dialogues login is sufficient for the login. Then, restart the AuditLog analysis. Start evaluation You will get an overview of the user's login to the selected client of the system.
SAP Basis refers to the administration of SAP system that includes activities like installation and configuration, load balancing, and performance of SAP applications running on Java stack and SAP ABAP. This includes the maintenance of different services related to database, operating system, application and web servers in SAP system landscape and stopping and starting the system. Here you can find some useful information about SAP Basis: www.sap-corner.de.
In every company with several SAP systems, there is a person responsible for the complete SAP Basis topics, usually there is even a separate department for this. This person ensures the trouble-free operation of the SAP systems. The person responsible also accompanies maintenance work or upgrades and intervenes in special situations, such as poor performance. Even for companies that hand over operation of the SAP Basis to an external service provider, there are often tasks from the user and authorization management environment at this point.
With "Shortcut for SAP Systems" a tool is available that greatly facilitates some tasks in the SAP basis.
Since pure SAP systems are rather the exception, non-SAP systems can also be controlled and monitored.
To store all the information on the subject of SAP - and others - in a knowledge database, Scribble Papers is suitable.
Therefore, SAP Basis is an important core of any SAP infrastructure and is required in both previous versions such as R/3, as well as current versions such as S/4HANA 2021.