on 09-20-2013 6:22 PM
Hello Everyone,
I was wondering if anyone knows how/where to look for logs of who added a transport to a buffer. Someone is manually adding transports into system buffers they shouldn't be in and I would like to find out who it is. I looked through the transport logs, slog & alogs and the only information I can find is when it was added to the buffer but not by who. Please help me find this guy who is trying to ruin my life.
Thanks,
Issac
Hi Issac,
You may see the information for any transport in details in TMS Alert Viewer.
http://help.sap.com/saphelp_sm32/helpdata/en/5f/a065b4b9d811d2b433006094b9ea64/frameset.htm
But if the transport is added to buffer from OS level , <sid>adm will be the user recorded in SLOG.
If it is added from STMS it will show the user in SLOG.
With Regards
Ashutosh Chaturvedi
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
HI,
If added through sap.
Check for the ULOG in the transport directory
sidadm 20130921122803 RFC: tp ADDTOBUFFER SIDKXXXX SID clientXXX pf=/usr/sap/trans/bin/TP_DOMAIN_SID.PFL -Dtransdir=/usr/sap/trans (pid=XXXX)
Search for the SLOG for that particular transport no related to the time 20130921122807.
In the Slog you will be able to see how it added via TMSADM or SID that imported it and the request got added as it was forwarded due to the configuration of the transport .
Please also check the transport route what system is before that system whose buffer you are checking.
Was that transport imported in the earlier system and the request was forwarded to the system next to it.
Try to check if up can find the pid=XXXX in the workprocess or SM59 trace.
Thanks
Rishi Abrol
There is 2 avenues to update the buffer, STMS and tp commands directly from OS... If done from STMS then and you know the time of the addtobuffer command, you can check STAD or SM20 for the culprit... if it was done at OS level unfortunately the SLOG capture only the user (usually <sid>adm) which will force you to think who else in your team has access to it an or maybe you should consider restricting the access.
Regards, Juan
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
84 | |
25 | |
12 | |
9 | |
7 | |
6 | |
5 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.