Free Download SAP BASIS Books And Interview Questi

RSS Feed Homepage

Purging Old Audit Files
2008-02-07 20:26:00
Use The audit log is saved to an audit file on a daily basis. Depending on the size of your R/3 System and the criteria you have specified, you may be faced with an enormous quantity of data within a short period of time. You should archive your audit files on a regular basis and purge the original files as necessary. Use the Transaction SM18 to purge old audit files. You can either purge files from all application servers or from the local server where you are working. If an application server is not active when you purge, it will be included in the next reorganization.This procedure only deletes the audit log file(s)! It does not perform any other administrative tasks, such as archiving. If archives are necessary for future references, you must manually archive them before deleting.You cannot purge files that are less than 3 days old! Procedure Call the transaction SM18 or execute the program RSAUPURG. The Audit : Purge old audit files screen appears.Enter the minimum age to ...
More About: Files

Reading the Audit Analysis Report
2008-02-07 20:26:00
This section describes how to read the audit report produced from the procedure Displaying the Security Audit Log. The Main Audit Report The following shows a portion of the audit analysis report. Introductory Information At the top of the report, you find the selection options from the previous screen that you applied to the audit file for this report (for example, From date/time, To date/time, User, and Transaction code). Audit data The audit report itself follows the introductory data and can be seen in the above diagram. The following information is always provided:Time Inst. (name of the application server) User Tcod (Transaction code) Text The following information is optional and must be specified for viewing before reading the audit log. (see The Audit Log Display Options).Date Client Program name Terminal number Message number Parameter records Summary information is included at the end of the list (for example, the number of records read, the numb...
More About: Reading , Analysis

Displaying the Security Audit Log
2008-02-07 20:26:00
Use The audit log produces a report on the activities that have been recorded in the audit file. You can analyze a local server, a remote server, or all of the servers in your R/3 System. The audit analysis report produced by the Security Audit Log is designed analog to the System Log. Prerequisites In order to view an audit log for a server, you must have enabled the auditing procedure for the application server (see Specifying Selection Criteria). Procedure Choose Tools ® Administration ® Monitor ® Security Audit Log ® Analysis. The Audit Log: Analysis screen appears; local analysis is the default.If you want to analyze a remote server, choose the menu option Audit log à Choose à Remote audit log. If you want to analyze all servers, choose the menu option Audit log à Choose à all rem. audit logs. Your choice is displayed next to the Imported audit log entries field.Enter any restrictions you want to apply to the audit report in the appropriate fields (...

Changing Selection Criteria Dynamically
2008-02-07 20:25:00
Use You specify the information you want to audit in the Security Audit Log selection slots.There are two possible methods for specifiying or changing the selection criteria. They are:Saving the selection criteria permanently in the database (see Specifying Selection Criteria ). Changing the selection criteria dynamically on one or more application servers. This topic concentrates on dynamically changing the selection criteria. By changing the selection criteria dynamically, you can modify the selection criteria for one or more application servers in a running system. These changes are active until the application server is shut down. Prerequisites The following profile parameters must be set:Audit Log Profile Parameters Profile Parameter Description rsau/enable Enable Security Audit rsau/local/file Name of Security Audit File rsau/max_diskspace/local Maximum Space for Security Audit File rsau/selection_slots Number of selection slots for secur...

Specifying Selection Criteria
2008-02-07 20:25:00
Use You specify the information you want to audit in the Security Audit Log selection slots.There are two possible methods for specifiying or changing the selection criteria. They are:Saving the selection criteria permanently in the database. Changing the selection criteria dynamically on one or more application servers (see Changing Selection Criteria Dynamically). This topic concentrates on permanently saving the selection criteria in the database. If you save the selection criteria permanently in the database, then all of the application servers use the identical selection criteria for saving audit events in the audit log. You only have to define the criteria once for all application servers. You can also define several selection criteria (audit profiles) that you can alternatively activate.The settings take effect at the next application server start. Prerequisites The following profile parameters must be set:Audit Log Profile Parameters Profile Parameter Descrip...

The Security Audit Log
2008-02-07 20:24:00
Use In a system such as SAP R/3, it is important to be able to audit security-related system information such as changes to the configuration or unsuccessful log-on attempts. The Security Audit Log is a tool designed for auditors who need to take a detailed look at what occurs in the SAP R/3 System. By activating the audit log, you keep a record of those activities that you specify for your audit. You can then access this information for evaluation in the form of an audit analysis report.The audit log's main objective is to record:security-related changes to the R/3 environment(for example, changes to user master records)information that provides a higher level of transparency(for example, successful and unsuccessful log-on attempts)information that enables the reconstruction of a series of events(for example, successful or unsuccessful transaction starts) The following information can be recorded in the audit log:successful and unsuccessful dialog log-on attemptssuccessful and...

The Design of the Security Audit Log
2008-02-07 20:24:00
Overview The Security Audit Log keeps a record of security-related activities in the R/3 System. This information is recorded daily in an audit file on each application server. To determine what information should be written to this file, the audit log uses selection criteria, which are stored in a control block. When an event occurs that matches the selection criteria (for example, a transaction start), the audit log generates a corresponding audit message and writes it to the audit file. The audit log can then be viewed for analysis in the audit analysis report. See the diagram below:The audit log is maintained on a daily basis. The audit files from previous days are neither deleted nor overwritten, but kept until they are manually purged. Due to the amount of information that accumulates, you should archive these files on a regular basis and delete the originals from the application server (see Purging Old Audit Files). The Audit File / The Audit Record The audit files a...
More About: Design

The Security Audit Log Versus the System Log
2008-02-07 20:24:00
The Security Audit Log complements the System Log. Both are tools used to keep a record of activities performed on the SAP R/3 System. However, they use slightly different approaches and have slightly different objectives. How these two types of logging compare is described below. The Security Audit Log The System Log Objective Records security-related information that can be used to reestablish a series of events (for example, unsuccessful logon attempts or transaction starts). Records information that may signal system problems (for example, database read errors, rollbacks). Audience auditors system administrators Flexibility of Use You can activate and deactivate the audit log as necessary. Although you may wish to operate your audit on a daily basis, you do not have to. You may wish to activate the audit log for a period of time before an pre-designated audit and deactivate it between audits. The system log is needed on a continuous basis. You do not ...
More About: Versus

Program sapcpe
2008-02-07 20:23:00
Use Program sapcpe ensures automatic adjustment of locally installed executables, if changes have been made to the executables on the central instance. Prerequisites See Installing Local Executables using Automatic Adjustment. Features Program sapcpe does the following:It performs the initial copy of executables from the central directory to the local directory if you set up a system for local executables (see Installing Local Executables using Automatic Adjustment). Only the most often used executables are copied. For executables that are used less often, spacpe sets up soft links to the executables in the central directory (see graphic in Features of the Automatic Adjustment). Which executables are copied, and which executables have a soft link is determined in special files. This is covered in a later section. It checks that the local executables are up to date at each startup of an R/3 instance that uses local executables. sapcpe checks the local executables ag...

Functions of the Automatic Adjustment
2008-02-07 20:23:00
Use When you restart the SAP instance using command startsap , the program sapstart is automatically called. This program automatically calls the program sapcpe. The program sapcpe ensures that the automatic adjustment of the executables is made by copying /usr/sap//exe/ctrun from the central directory to the local /usr/sap//exe/run directory. At all subsequent startups, sapcpe checks that the local executables are still current and copies any new or altered executables from the central /usr/sap//SYS/exe/ctrun directory. File Structure for Using Local Executables Prerequisites If you start an R/3 instance and the following 3 conditions are met, sapcpe starts automatically:The directories /usr/sap//SYS/exe/run and /usr/sap//SYS/exe/ctrun exist. /usr/sap//SYS/exe/run is located on the host system of the R/3 instance and is for locally-stored executables. /usr/sap//SYS/exe/ctrun accesses (normally using NFS mount) the central directory of the execu...
More About: Automatic , Functions , Adjustment

Executables, Difference between Central and Local
2008-02-07 20:22:00
After a standard installation, you can do the following:Putting the central storage for the executables on a central server. The executables can be used commonly through distributed instances over the network (NFS). Advantages Disadvantages You need to provide storage for executables only once, on a central system in your network.If the executables are changed, all the instances are automatically provided with the correct executables are a restart. Startup of instances is slow because executables have to be loaded across the network rather than from local disk storage.Central storage can result in workload problems that lower performance.If the hosts of distributed R/3 instances run out of memory, then they must page active executables over the network. This can result in heavy workloads on the network and on the central system where the executables are stored.See also: Structure of the Executables after the Standard InstallationPutting local storage of executables in ...
More About: Local , Difference

Structure of Executables after Standard Installation
2008-02-07 20:22:00
In a standard R/3 System, executables (program files) are stored in a single executables directory. The name of this directory is operating-system specific. The following section explains the UNIX configuration. After a standard installation with several instances in a homogenous R/3 System, the executables are located in a directory on a central server (host or host system). Normally, it is the host on which the central instance of the R/3 System was created. Normally, additional dialog instances are also installed on other hosts. These distributed R/3 instances use the central executables directory together over your network using NFS. See the following graphic. File Structure after the Standard Installation In UNIX systems, the name of the default directory for the executables used by R/3 is /usr/sap//SYS/exe/run . The directory contains a soft link to either the dbg directory or the opt directory ( dbg is the default here). The dbg directory contains execut...

Platform-Independent File Names
2008-02-07 20:21:00
Application data must often be stored outside the database in files. Depending on the particular operating system in use, files may be stored in different directories. Also, file and path names must conform with different syntax requirements.Therefore, many R/3 application programs use platform-independent logical file names and call the function module FILE_GET_NAME when storing data in files. The function module takes a logical file name as input and returns the corresponding platform-specific file name. This conversion of file names is based on definitions of logical file and path names that are stored in tables.By using this function module, the assignment of file names in application programs can be standardized and performed independently of the specific requirements of different hardware and software platforms.The definitions of platform-independent file names are maintained in the implementation guide in section Basis Components ® System Administration ® Platform ...
More About: File , Independent , Names

Setting Up Locals Executables on UNIX R/3 Instances
2008-02-07 20:21:00
Use If you have a distributed homogeneous R/3 System, then you can choose how the distributed instances are to access the executable files (programs) of the R/3 System. Here, homogeneous means that the host on which the various R/3 instances run, all have the same UNIX operating system.In a heterogeneous R/3 System made up of instances running on different UNIX operating systems, or running on UNIX and NT, the aforementioned does apply universally since the since the various platforms cannot use their executables in common. Implementation Considerations In a homogeneous UNIX-R/3 System, you can choose between a standard installation (see Structure of Executables after the Standard Installation) and an installation of local executables with automatic adjustment.For more information on the differences, and advantages and disadvantages of both choices see The Differences Between Central and Local Executables.
More About: Unix

Controlling Log Switching
2008-02-07 20:20:00
This topic does not apply to R/3 Systems running on IBM AS/400 or Microsoft Windows NT hosts. The log processes described in this topic aren?t required on these platforms. Log switching occurs in central logging when the system replaces the old log with the active log. In local logs, log switching occurs when the system begins overwriting the circular log file. Central log switching is regulated by the rslg/max_diskspace/central parameter. Local log switching is regulated by the rslg/max_diskspace/local parameter.The rslg/max_diskspace/local and rslg/max_diskspace/central parameters specify the length of log files. If these parameters value are large, switching occurs less frequently than if the value were smaller. Additionally, a large log size can help prevent lost messages in the event that sudden heavy message activity causes rapid switching of the central log.To control central log switching, set the rslg/max_diskspace/central parameter to the maximum combined length of the ...
More About: Switching

Debugging Central Log Processes
2008-02-07 20:20:00
This topic does not apply to R/3 Systems running on IBM AS/400 or Microsoft Windows NT hosts. The log processes described in this topic aren?t required on these platforms. R/3 provides developers and system programmers with debugging facilities for system log processes. The debugging facilities consist of starting a process in trace mode. When in trace mode processes, exhaustively log their activities to trace logs. These traces logs are separate from the system log and unique to the send and collection processes. You can start the send and collect processes in trace mode using the following command line options: -v2 Redirect through stderr to a special log. -vt Write as free-format c-User entries in the R/3 trace file. This option is valid only if R/3 Trace is activated. -v The same as specifying both -v2 and -vt.Deleting Logs If you use debug mode, trace output is not written in the system log. Instead, trace output is written into a separate trace log. T...
More About: Central , Debugging , Processes

Troubleshooting Central Logging
2008-02-07 20:20:00
This topic does not apply to R/3 Systems running on IBM AS/400 or Microsoft Windows NT hosts. The log processes described in this topic aren?t required on these platforms. If you attempt to display the central log file and receive the error Syslog file not found, you may have problems with your central log configuration. To verify if you have configured your central log system correctly, display the central log file from each server in your R/3 system. The central system log should contain the message:Central system log is collected on .where is the host you specified in the rslg/collect_daemon/host parameter.To verify your central log configuration, check the configuration on the central log host and each server in your R/3 system. Ensure that the following parameters are set correctly:rslg/collect_daemon/hostrslg/co llect_daemon/listen_portrslg/collect_daem on/talk_portThe SAPSYSTEM number in these parameters must be set to the central database server. If one or more instances ha...
More About: Troubleshooting

Terminating Processes
2008-02-07 20:19:00
This topic does not apply to R/3 Systems running on IBM AS/400 or Microsoft Windows NT hosts. The log processes described in this topic aren?t required on these platforms. You should explicitly terminate the collect and send system log processes as part of any shutdown or reboot of the host operating system. If you start processes with the start-up profile, the processes are shut down automatically by a system shutdown. The log system processes are not affected by an abnormal termination of the R/3 System. Abnormal termination is termination of the work and dispatcher processes.Should you need to shut down a log process with an operating system command, you can have the process perform a normal or an expedited orderly termination. An example of such an operating system command is the UNIX kill command.Using a terminate option starts a normal termination. The affected process finishes any processing that is underway. The process then terminates rather than sleeps. In this case, a s...
More About: Processes

Starting the System Log Processes
2008-02-07 20:19:00
After you have set the central logging parameters, you must start the R/3 system processes that send messages from local logs to the central log. On the central system, you start a collection process and a send process. On each instance, you must start a send process.This section does not apply to R/3 System s running on IBM AS/400 and Microsoft Windows NT hosts. Central logging is not offered on these platforms, and the processes described below are not needed. Start a Collection Process on the Central Instance You should start a collection process only on the instance where the central log is to be maintained. To start the collect process, add the following commands to the start profile of the instance: #---------------------------------------- -------------------------# start rslgcoll #---------------------------------------- -------------------------_CO =co.sap_DVEBMGS00# create a link name for rslgcollExecute_05 =local ln -s -f $(DIR_EXECUTABLE)/r...
More About: Processes

Specifying Log File Pathnames
2008-02-07 20:18:00
You can specify the paths and file names for local and central system log files with the following system profile parameters: Parameter Definition rslg/central/file Specifies the active central log filename. The default file name is:SLOGJ rslg/central/old_file Specifies the old central log filename. When a log switch occurs, the active log file is copied onto the old log file. The default filename is:SLOGJO rslg/local/file Specifies the local log filename. The default filename is:SLOGAbout the R/3 System Number To specify log file path names, you can use the R/3 system number directly or you can specify the symbols $$ in the profile. A system?s number is identified by the SAPSYSTEM parameter. This parameter is defined in a system?s start-up and system profiles. The SAPSYSTEM appears in R/3 instance names. For example, the system:hs1044_C11_17C11 is the SAPSYSTEM. The host name is hs1044 and it is defined by the SAPDBHOST parameter. 17 is the R/3 System n...
More About: File

Understanding Central Logging Concepts
2008-02-07 20:18:00
If you like, you can configure your server to write to a central log as well as to a local log. Central logging requires 2 or more R/3 instance or application servers. A single system is the central system. This system collects the log data from the other instance or application servers. For central logging to work, you must do the following:Set the logging parameters in each system profile. Start a collection process on the central application server. Start a send process on the central system and on each instance. Central System Log Processes To maintain a central system log, two processes are required: a send process and a collection process. Each instance uses the send process. From each instance, the send process copies local messages to the central log.The send process is activated automatically at intervals. Each time a send is activated it forwards all the log messages that were posted since its last activation. After forwarding the local messages, the send process sle...
More About: Concepts , Understanding

Setting Central Logging Parameters
2008-02-07 20:18:00
On each application server central logging is inactive by default. Before you can enable central logging, you must ensure that the logging parameters in the central system and in each instance are identical. The system parameters that control central logging all begin with the rslg prefix.To set the rslg parameters, you can edit the profile on each application server, or you can edit the DEFAULT.PFL file on the central application server. The recommended method is to edit the DEFAULT.PFL. Editing the DEFAULT.PFL To set the central logging parameters using the DEFAULT.PFL profile, do the following:Display the rslg parameter values on the central system. To do this, choose Environment ® Display SAPPARAM from the System Log initial screen.Check the values of the following parameters: rslg/collect_daemon/hostrslg/collect_daem on/listen_portrslg/collect_daemon/ talk_portrslg/send_daemon/listen_portrslg /send_daemon/ talk_portThese parameters must be set and identical on the cen...
More About: Central

Using the Expert Mode
2008-02-07 20:17:00
The System Log utility has two modes: normal and expert. The expert mode is intended primarily for use by R/3 should it become necessary to analyze a problem in your system. To enter expert mode, choose Edit ® Expert mode.In expert mode, you have a number of additional selection options you can use. You can also exclude or include specific system log messages. Setting Expert Selection Options Choose Attributes under the Selection text group box to display the following fields: Attribute Description Program Restricts the display to messages from one program. Problem classes Limits the report to a specific message type. You can enter one or more of the following message classes:K system kernel messages from the Basis systemS status messages T transaction messagesW warning messagesX other types of messages From file/positionTo file/position Defines the segments of the log file that are read. If you have already read the system log once, you can de...
More About: Mode

Reading a Log Report
2008-02-07 20:17:00
To display a current system log, choose Refresh Syslog from the System Log initial screen. The system displays a table with the system log entries. The information available with this table depends on your selection criteria. If you used the default selection criteria, your system log appears similar to the following:To get detailed information about a specific entry, double-click the entry:The title page of the system log includes a summary of your selection criteria. The last page of the log is a table of contents for the log. If you select the with statistics option in the Format text box, the system includes a statistical analysis. This analysis includes a report of message frequency by client, transaction, report, and user.An empty User field in a log report means that the system issued the message during startup or shutdown of the R/3 System. There are some other system activities that are not assigned to an individual user. Sorting the System Log Display You can use the S...
More About: Reading , Report

Displaying a Log Report
2008-02-07 20:16:00
To display system logs, choose Tools ® Administration from the R/3 initial screen. The system displays the System Administration initial screen. Choose Monitoring ® System log. The System Log initial screen appears. The System log entries read field tells how many log entries the system has read from the log file. When you first enter the System Log initial screen, this field is set to 0. To read the system log, choose Refresh SysLog. The system then reads in entries from the log file so that you can display them. By default, the system reads the log for the last one to two hours.If you have read a log, the toolbar contains Redisplay only and Read in Syslog buttons along with the Refresh Syslog:Choose Redisplay only to view the last system log you displayed. If you like, you can use the Selection options along with this button to refine the old system log data without re-reading the log.If you want to retain the data from this last read, but want to reread the sy...
More About: Report