SM20 Evaluation of the Security Auditlog
Call Inheritance Hierarchy
The monitoring of SAP systems, for example, is handled by modern AIOPs software, which permanently performs essential checks thanks to regular checks. This allows us to focus on optimizing your SAP systems, not only reactively in the event of an error, but also proactively to avoid possible errors before they occur.
In the SAP Basis area, it is necessary to make temporary changes to the security settings of clients and systems in the course of system updates. You can use the system changeability variable to specify whether changeability of cross-client data, such as programs or menus, and cross-client customizing is allowed.
SWEC Events for change document
This option is useful if several transactions are to be checked simultaneously for their existing assignment to a particular user. This variant must first identify all roles that have already been assigned to the user. This is done in the transaction SE16N by entering the table AGR_USERS. In addition, the limit of the maximum hit number can be set in this image. The user concerned must now be entered here. Furthermore, the output should be limited to the roles only. After the query is executed, all the roles assigned to the previously entered user are displayed. These are now completely marked and copied. Then in the transaction SE16N a step back is taken and this time the table AGR_1251 is selected. Now all the roles that have been copied previously are inserted here. In addition, the object S_TCODE and the transactions to be searched for are filtered. Warning: When entering transaction codes, be sure to be case-sensitive! At this point, the output can also be limited to the roles and object values (in this case, the transactions). After the query is executed, the transactions entered will now show those that the user can already perform. In addition, the role assigned to the transaction is shown. In conclusion, the SUIM is only partially suitable for identifying certain transactions with user assignment. Although the search using the S_TCODE permission object also allows you to view multiple transactions. However, since the result is missing the assignment of transactions considered to roles, the SUIM transaction can only be usefully used to check a single transaction for its existing assignment to a particular user.
A positive aspect of standardisation and automation is the increase in the quality of tasks, since manual errors can be almost excluded. It also increases the speed at which certain tasks can be performed. This is accompanied by a reduction in the proportion of administrative activity and thus in the proportion of the operation of the system landscape.
With "Shortcut for SAP Systems" a tool is available that greatly facilitates some tasks in the SAP basis.
Job scheduling: your system needs to run various automatic background jobs that consume resources.
Understanding the structure and functioning of the system is especially important for IT administration. It is not for nothing that "SAP Basis Administrator" is a separate professional field. On the page www.sap-corner.de you will find useful information on this topic.
Suppose you have 3 SAP systems in your network: SRC, TRG and PRX.