We have recently configured EAM on HANA. Using the Firefighter id we have triggered 2 statement-
1. Create user User_Name and password
2. Create schema Schema_name.
I could see that logs are generated for the SQL statement Create user User_Name and password and not the other.
In HANA system - Audit logs shows both the statements.
I raised an OSS and told to refer class CL_GRAC_AD_SUPER_USER_HDB and method - IF_GRAC_AD_SUPER_USER~GET_SECAUDIT_LOG.
In the mentioned method -
lv_query = `SELECT USER_NAME AS "USER", REPLACE(REPLACE(REPLACE(ADD_SECONDS("TIMESTAMP", 0 - (SELECT value FROM M_HOST_INFORMATION WHERE lower(key) = 'timezone_offset' LIMIT 1)), '-', ''), ':', ''), ' ', '') AS "LOG_TIME", ` "Note 2818210
&& `CLIENT_IP AS "TERMINAL", EVENT_STATUS || '-' || EVENT_ACTION AS "ACTION", ` "Note 2785042
&& `RIGHT(IFNULL(OBJECT_NAME, ''), 40) AS "PROGRAM", SUBSTRING(IFNULL(STATEMENT_STRING, ''), 1, 132) AS "LOG_TEXT" `
&& `FROM AUDIT_LOG WHERE AUDIT_POLICY_NAME IN (` && lv_audit_log_name && `) AND EVENT_ACTION IN ('CREATE ROLE','DROP USER','DROP ROLE','CREATE USER','ALTER USER',`
&& `'REVOKE ROLE','GRANT ANY','REVOKE APPLICATION PRIVILEGE','GRANT STRUCTURED PRIVILEGE','GRANT APPLICATION PRIVILEGE','REVOKE ANY','GRANT ROLE',`
&& `'REVOKE STRUCTURED PRIVILEGE','REVOKE PRIVILEGE','GRANT PRIVILEGE','CREATE STRUCTURED PRIVILEGE','DROP STRUCTURED PRIVILEGE','ALTER STRUCTURED PRIVILEGE') `.
so the method does not include CREATE SCHEMA . Could anyone please help me with this as we need to capture logs for create schema.