cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Tracking a user's daily activity

Go to solution
Former Member

on ‎09-25-2010 6:08 AM

0 Kudos

Friends,

We have some problem as a user with some high authorizations is changing the data at the production sever on a regular basis. We have very few users and want to trace that one. Is it possible to trace a user's daily ativity including T-Codes used, changes done, authorization objects used etc. If it is possible, please help and tell the way to do this thing.

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

Former Member
‎09-25-2010 10:12 AM
0 Kudos

Hi,

Just enable and activate security audit in SM19.

You can read the log using SM20 t-code

Refer the below link for how to configure it...

[Security Audit Log (BC-SEC)|http://help.sap.com/saphelp_nw04/helpdata/en/68/c9d8375bc4e312e10000009b38f8cf/frameset.htm]

Regards.

Rajesh Narkhede

Show replies
Show replies

Answers (8)

Answers (8)

Former Member
‎04-03-2014 6:11 AM
0 Kudos

This message was moderated.

Show replies
Show replies
Former Member
‎09-30-2010 4:36 AM
0 Kudos

Thanks a lot guys, it was really helpful.

Show replies
Show replies
Former Member
‎09-29-2010 7:02 PM
0 Kudos

Hello,

Transaction ST01, check "Authorization Check" and click "Trace On". At the end of the day click on the "Trace Off" and "File Analysis" and determine which critical authorization objects have been accessed by users.

Best regards,

Roger Vier

Show replies
Show replies
Former Member
‎09-29-2010 7:44 PM
0 Kudos

> 

> Hello,
> 
> Transaction ST01, check "Authorization Check" and click "Trace On". At the end of the day click on the "Trace Off" and "File Analysis" and determine which critical authorization objects have been accessed by users.
> 
> Best regards,
> Roger Vier

If you are going to use the ST01 method, I would advise you to first go to Edit>Filter>Shared and input the user ID in the "Trace for user only" field before turning the trace on. You probably do not want to trace every user's activity (by the sound of the first post) and that would be a lot of data to sift through if you only are looking for one user's activity.

Joey

Former Member
‎09-29-2010 4:04 PM
0 Kudos

Hi Joey Stephens,

I tired doing the way you mentioned by i could not see the Tcodes which have been excuted by user,I tried executing some tcodes and when I check to see below is the information i could see when i double the user but not the information of tcodes he executed.

ABAP Instance name steps T Response time

RSBTCRTE 6 0

/BDL/TASK_SCHEDULER 6 0

Regards

Uday

Show replies
Show replies
Former Member
‎09-29-2010 4:19 PM
0 Kudos

The column that will have the T-code is the "ABAP Instance Name" column.

It does not make sense, because I would assume "ABAP Instance Name" would have the Insance information in it, but in fact it show sthe T-code, report, function module or program that the user executes.

If it is a background user, you will not see any t-codes, but rather reports/programs only.

Former Member
‎09-29-2010 1:37 PM
0 Kudos

If you want to know what t-codes this user is running, you can find this information this way:

(this is in an ECC 604 system, so the exact menu, options may vary in your system)

Run transaction ST03N (Workload in System <SID>)

Select "Expert Mode" in the left-hand pane

Double-click on the Instance you want to look at or "Total"

On teh bottom half of the left-hand pane, expand "User and Settlement Statistics"

Double-click on "User Profile"

In the right-hand pane you will have a list of all the users who have run transactions in the specified time period.

Double-click on the user you wish to look at.

This will show you the T-codes this user has run, how many steps run, and what resources used.

Hope this helps...

Show replies
Show replies
Former Member
‎09-28-2010 8:23 PM
0 Kudos

Why dont you try and remove auth in first place if you dont want any change in your production server.

Tracking these users will anyway cost you some resources like disk space if you activate security audit log ... and then you have to check the logs as well.

implement proper security concept and limit the users to get rid of this unwanted changes in Production.

Regards

Shailesh Mamidwar

Show replies
Show replies
Former Member
‎09-28-2010 8:08 PM
0 Kudos

Hi,

Audit log will help if its already enabled in this case.

You can try with Tcode STAD,STAT as mention, also check for sm21.

Regards,

Deepanshu

Show replies
Show replies
Former Member
‎09-27-2010 9:26 AM
0 Kudos

Hi,

You can also give a try checking at Tcode STAD,STAT

Regards

Uday

Show replies
Show replies
Ask a Question