on 09-05-2019 7:23 AM
Hello Experts,
we want to use the SAP API Mangement on Cloud Foundry.
Regarding to data security we think about logged data by sap.
Does somebody know which kind of data will be logged by SAP (e.g. Payload Content...) and how critical is it regarding to data security?
Thank you and have a good day
Tim
Hi Tim,
Are you asking about data that is logged for your own usage, or data which is logged and stored by SAP itself?
For data logged by SAP itself - as with other products on the Cloud Platform is must adhere to strict security and privacy controls - you can read more here: https://www.sap.com/about/trust-center.html
You can also check out https://www.sap.com/about/trust-center/certification-compliance.html to see the compliances for SAP CP, including SOC 2 and ISO 27001. SAP takes data and security very seriously.
As for the tool - SAP API Management itself is designed to not persist much data aside from Analytics - so for example the payload of a call will not by default be persisted. However it is a configurable tool, meaning depending on how a customer configures the tool there may be a residue of data (for example if a customer configures a Cache policy the payload data will be persisted to disk cache to be served from cache).
There are audit logs but this is data about the usage of the tool itself (when someone logged in, what they did on the service, what calls were made and what happened on a network level), and are not about the customer data in-flight (unless configured to store data).
If you have a specific concern please let us know.
Regards,
Elijah
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Elijah,
Is there any guide on how to interpret the audit logs with regards to extract information regarding SAP API Management calls maybe by an Application. I'm mainly looking for the data that supports the analytic reports in SAP API Management, e.g. which app called what service when, and what was the status. Dashboard provides a summary, but there are times where we need to drill down to specific instances.
User | Count |
---|---|
101 | |
13 | |
13 | |
11 | |
11 | |
7 | |
6 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.