Search This Blog

Thursday, January 6, 2011

Configuring Filters

The system administrator or security administrator defines the events you want to audit in filters. This information is stored in the control block, which is located in the application server.s shared memory. The SAP system uses this information to determine which audit messages should be written to the audit file.


Filters consist of the following information:

· . Client

· . User

· . Auditclass

· . Weightofeventstoaudit

The audit class returns information about the following:

· . Dialog logon

· . RFC/CPIClogon

· . Remotefunctioncall(RFC)

· . Transaction start

· . Reportstart

· . User master change

You can specify the weight of events to audit:

· . Audit only critical

· . Audit important and critical

· . Auditallevents

You specify the information you want to audit in filters that you can either:

. Create and save filters permanently in the database . Change filters dynamically on one or more application servers

If you decide to create and save the filters permanently in the database, all of the application servers use identical filters for determining which events should be recorded in the audit log. You have to define filters only once for all application servers. You can also define several different profiles that you can alternatively activate.

Note: When using static filters, you must restart the instance before the filter is active.

You can also decide to dynamically change the filters used for selecting events to audit. The system distributes these changes to all active application servers. You do not have to restart the instance for the filters to be active. Dynamic filters are not saved for reuse after system stops or system starts.


No comments:

Post a Comment