Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

AIS in ECC 6.0

Go to solution
Former Member

‎11-20-2008 10:12 AM

0 Kudos

Hi,

We want to implement AIS in our ECC 6.0 system.

Kindly enlighten me how to go or infact start about it.

Regards,

Shailaja

1 ACCEPTED SOLUTION

Go to solution
former_member1061482
Participant

‎11-20-2008 10:21 AM

0 Kudos

Configuration is done using T-code SM19.

You can set two types of filters: Static(It needs a system restart) or Dynamic

Various parameters need to be set using RZ11. Their list can be found in SM19->Environment-> Profile Parameters.

This is the basic requirement. Depending on your business requirement, you can select the various audit classes which need to be audited in SM19. Through SM20 you can check the logs.

14 REPLIES 14

Go to solution
former_member1061482
Participant

‎11-20-2008 10:21 AM

0 Kudos

Configuration is done using T-code SM19.

You can set two types of filters: Static(It needs a system restart) or Dynamic

Various parameters need to be set using RZ11. Their list can be found in SM19->Environment-> Profile Parameters.

This is the basic requirement. Depending on your business requirement, you can select the various audit classes which need to be audited in SM19. Through SM20 you can check the logs.

Go to solution
Former Member
In response to former_member1061482

‎11-20-2008 10:37 AM

0 Kudos

AIS is usually used as an acronym for "Audit Information System".

This is different from the "Security Audit Log" (SM19).

Searching for transaction SECR will help you further on the "AIS".

Cheers,

Julius

Go to solution
former_member1061482
Participant
In response to former_member1061482

‎11-20-2008 10:40 AM

0 Kudos

Hi Julius,

Thanks for correcting me!

I will look for tcode SECR. Thankyou!

Go to solution
Former Member
In response to former_member1061482

‎11-20-2008 10:45 AM

0 Kudos

Also see SAP Note 451960 (mentioned when you start transaction SECR).

Cheers,

Julius

Go to solution
Former Member
In response to former_member1061482

‎11-20-2008 10:49 AM

0 Kudos

Hi,

Thanks for the reply.can some one tell me what is system audit and business audit.

what is the diff.Should we go for both to be implemented.

and also the AIS program concept (secr) has been changed from the former menu technique to a role based maintenance now.Can some one elaborate on this.

Regards,

Shailaja

Go to solution
Former Member
In response to former_member1061482

‎11-20-2008 10:51 AM

0 Kudos

Read the SAP note I mentioned and go through the menu's of the roles mentioned.

It should be clear for you to start with.

Cheers,

Julius

Go to solution
Former Member
In response to former_member1061482

‎01-05-2009 5:20 AM

0 Kudos

Hi,

As per the said note, I have assigned the role (sap_auditor---->Z_auditor) to one test user id.

Now for that Id, in the AIS menu only business audit node is appearing

but not system audit node.

what may be the reason...

Regards,

Shailaja

Go to solution
Former Member
In response to former_member1061482

‎01-05-2009 6:09 AM

0 Kudos

The roles for AIS have been split into menu roles and authorization roles for easy maintenance.

Menu roles are SAP_AUDITOR* -- These have only the menus no authorizations

Authorization roles are SAP_CA_AUDITOR* -- These have only the authorizations no menu

You create a copy of these roles for your own customer specific namespace.

For system audit there are three different roles one for general system audit (SAP_AUDITOR_SA_BC), one for users and authorization audit (SAP_AUDITOR_SA_BC_CCM_USR)and one for tables and repository objects audit(SAP_AUDITOR_SA_BC_CUS_TOL).

The composite role SAP_AUDITOR contains all the business audit roles (only)in AIS.

To find individual business roles use the serach SAP_AUDITOR_BA*

Authrioization roles for BA can be found using SAP_CA_AUDITOR*

Go to solution
Former Member
In response to former_member1061482

‎01-05-2009 9:51 AM

0 Kudos

Have you checked the contents of the Z_auditor role? does it contain the system audit roles which are listed in the note provided by Julius?

Go to solution
Former Member
In response to former_member1061482

‎01-07-2009 6:20 AM

0 Kudos

checked the contents of the Z_auditor role It does not contain the system audit roles.

Added the system audit roles and the nodes are appearing.

One small info :SAP_AUDITOR_SA_CCM_USR and SAP_AUDITOR_SA_BC_CCM_USR are both same

And SAP_AUDITOR_SA_CUS_TOL and SAP_AUDITOR_SA_CUS_TOL are same.

Thank you all.

Regards,

Shailaja

Go to solution
ashok_backiaraj
Participant
In response to former_member1061482

‎01-13-2010 10:35 AM

0 Kudos

Hi,

Kindly let me know how to implement SAP AIS? What are the questions to be asked to the client? Any questionair for requirement gathering, any step-by-step confirguration steps available etc.

Could you please guide in in this regard?

Cheers,

Go to solution
Former Member
In response to former_member1061482

‎01-13-2010 10:44 AM

0 Kudos

Some questions for the AIS:

- Do you hijack other people's threads?

- Do you expect others to do all your work for you without putting something back in again?

- What is your favourite RTFM?

- What is the terminal velocity of a heavily laden swallow?

- etc..

Go to solution
Former Member
In response to former_member1061482

‎11-15-2010 3:14 AM

0 Kudos

Shailaja,

in ECC 6.0 there are AIS specific roles, you need to just assign to the AUDITOR via su01 or create a Z_AUDITOR composite role, and assign "AIS" specific single roles.

Regards

Shailendra

Go to solution
Former Member

‎11-20-2008 10:47 AM

0 Kudos

Hi Shailaja,

Just to add up you can check SAP_AUDITOR* standard SAP roles , which will be very useful while implementing AIS.

Regards,

Sneha