SAP Basis IT Security - SAP Admin

Direkt zum Seiteninhalt
IT Security
Define Queue
The Advanced Memory thus contains mainly user contexts of different work processes, if these cannot be loaded completely into the roll area. Since the storage area is accessible for all work processes, the work processes can also access external user contexts that lie here. In addition, the Advanced Memory contains a global area where data can be stored independently of user contexts. The extended memory size is determined by the values of em/initial_size_MB and em/global_area_MB. The first parameter determines the size of the storage area in which user contexts can be stored, and the second determines the size of the global area. Parameters for Private Storage Last but not least, there is the private storage, which is only used when the user context of a work process has used up all the other storage areas available to it, i.e. its share of the extended memory and its rolling area. In this case, the workprocess goes into PRIV mode. A workprocess in private mode is bound to its current user context and will not become free for other tasks until the current request is completed. If it has used up all the private memory allocated to it, the workprocess will then be restarted and the memory released. This behaviour is controlled with the abap/heaplimit parameter. At times, the user context may exceed the value of abap/heaplimit. The parameters abap/heap_area_total, abap/heap_area_dia and abap/heap_area_nondia define an upper limit for private storage. The abap/heap_area_total parameter defines how much private storage all workprocesses can use in total. The parameters abap/heap_area_dia and abap/heap_area_nondia, on the other hand, determine how much private storage a single (non-)dialogue workprocess can use.

Especially after security incidents it may be necessary to find out which (technical) users have logged in at which time. The USR02 table provides a first entry point. In the TRDAT column you can find the last login date for the user you want. However, a history of previous applications is not found in this table. In such cases, the Security Auditlog or SAL helps. Preparation In order to access the desired data, it must also have been saved previously. In the Security Auditlog, you can use various filters to determine which users are logged on which client and which information. The Security Auditlog stores, depending on configuration, logins, RFC calls, and other actions for specific users. You can make these settings in the SM19 transaction. Note: Logging user activity must be aware of the users concerned! Configure the SAL only for technical users or in consultation with users / works council / etc. It can be seen there among other things when the SAL was activated and last edited (1). You can also select the various filters (2), activate the filters individually (3), specify clients and users (4) and specify which activities are logged (5). Static configuration in the SM19 Under the Dynamic Configuration you can also see if SAL is currently active for the system. Determine the status of the SAL Evaluation of the SAL If the Security Audit Log is active, switch to the SM20 evaluation of the Security Audit Log. Select the desired user and client and the appropriate time window. The option Dialogues login is sufficient for the login. Then, restart the AuditLog analysis. Start evaluation You will get an overview of the user's login to the selected client of the system.

SAP Basis refers to the administration of SAP system that includes activities like installation and configuration, load balancing, and performance of SAP applications running on Java stack and SAP ABAP. This includes the maintenance of different services related to database, operating system, application and web servers in SAP system landscape and stopping and starting the system. Here you can find some useful information about SAP Basis: www.sap-corner.de.
SPAM: Check Logs
SAP Basis is responsible for the smooth operation of programs in the SAP system. It acts like an operating system for R/3 and subsequent releases including S/4HANA. Every operating system provides an environment in which programs can run, such as MS Office on Microsoft Windows. In the same way, the SAP Basis system with the NetWeaver and HANA platforms provides an environment in which SAP programs can run. In this context, the NetWeaver platform itself relies on server operating systems such as Windows and Linux.

In addition to proactive monitoring to prevent possible errors or even complete system failures, our SAP Basis team also implements clearly defined authorization concepts. So that unauthorized persons cannot access important data and your employees are protected from unintentional violations.

Some missing SAP basic functions in the standard are supplied by the PC application "Shortcut for SAP Systems".

Select the import queue of the target system with a double click.

So much information... how can you keep it so that you can find it again when you need it? That's what Scribble Papers is great for.


This can be an internal administrator or it can be handed over to external service providers.
Zurück zum Seiteninhalt