he Security Audit Log complements the System Log. Both are tools used to keep a record of activities performed in SAP Systems. However, they use slightly different approaches and have different objectives. We show how these two types of logging compare in the table below.
The Security Audit Log | The System Log |
Objective | |
Records security-related information that can be used to reestablish a series of events (for example, unsuccessful logon attempts or transaction starts). | Records information that may signal system problems (for example, database read errors, rollbacks). |
Audience | |
Auditors | System administrators |
Flexibility of Use | |
You can activate and deactivate the Security Audit Log as necessary. Although you may wish to audit your system on a daily basis, you do not have to. For example, you may wish to activate the Security Audit Log for a period of time before a pre-designated audit and deactivate it between audits. | The system log is needed on a continuous basis. You do not deactivate the system log. |
Log Availability | |
The audit logs are local logs maintained on each application server. However, in contrast to the system log, the system maintains its audit logs on a daily basis and you have to archive or delete the log files manually. This way, you can refer to logs from previous days and the time frame for available logs is increased. | There are two types of system logs, local and central. Local logs are maintained on each individual application server. These files are circular, meaning that once they are full, they are overwritten from the beginning. The sizes of these logs, as well as the time frame where they are available, are limited. You also have the option to maintain a central log. However, the central log is currently not completely platform independent. At the current time, it can only be maintained on a UNIX platform. The central log is also not kept indefinitely. |
Handling Sensitive Data | |
The Security Audit Log contains personal information that may fall under data protection regulations. You need to pay close attention to the data protection regulations before you activate the Security Audit Log. | The system log does not contain any personal data. |
No comments:
Post a Comment