cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Which Data will be logged by sap on API Management

tis
Explorer

on ‎09-05-2019 7:23 AM

0 Kudos

Hello Experts,

we want to use the SAP API Mangement on Cloud Foundry.

Regarding to data security we think about logged data by sap.

Does somebody know which kind of data will be logged by SAP (e.g. Payload Content...) and how critical is it regarding to data security?

Thank you and have a good day

Tim

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (1)

Answers (1)

ElijahM
Advisor
Advisor
‎09-11-2019 2:06 AM
0 Kudos

Hi Tim,

Are you asking about data that is logged for your own usage, or data which is logged and stored by SAP itself?

For data logged by SAP itself - as with other products on the Cloud Platform is must adhere to strict security and privacy controls - you can read more here: https://www.sap.com/about/trust-center.html

You can also check out https://www.sap.com/about/trust-center/certification-compliance.html to see the compliances for SAP CP, including SOC 2 and ISO 27001. SAP takes data and security very seriously.

As for the tool - SAP API Management itself is designed to not persist much data aside from Analytics - so for example the payload of a call will not by default be persisted. However it is a configurable tool, meaning depending on how a customer configures the tool there may be a residue of data (for example if a customer configures a Cache policy the payload data will be persisted to disk cache to be served from cache).

There are audit logs but this is data about the usage of the tool itself (when someone logged in, what they did on the service, what calls were made and what happened on a network level), and are not about the customer data in-flight (unless configured to store data).

If you have a specific concern please let us know.

Regards,
Elijah

Show replies
Show replies
yingli
Explorer
‎10-05-2022 7:50 PM
0 Kudos

Hi Elijah,

Is there any guide on how to interpret the audit logs with regards to extract information regarding SAP API Management calls maybe by an Application. I'm mainly looking for the data that supports the analytic reports in SAP API Management, e.g. which app called what service when, and what was the status. Dashboard provides a summary, but there are times where we need to drill down to specific instances.

Ask a Question