Custom Audit Logging

I have some custom workflows that require auditing.
Basically, I need to create a rule or something that logs a particular string into idm's internal logging mechanism that can be reviewed later when necessary.
I was wondering if someone has an example on how to do this.

Found it. Its TRACELOG. Gettingstarted tutorial mentioned it.
My bad - should have looked harder.

Similar Messages

Customizing Audit Log Report - Adding/Removing Columns from Display

Hi All -
Has anyone tried adding/removing the columns from Out of Box Auditi Log report with minor customizations to the code/configuration files ? Right now , when the Audit Log report is executed, there are numbe of columns that appear on report (Server, Client IP etc) which are too technical for the client and requirement is remove some of these and add some more for the attributes that we are audit logging through Audit workflow service. If you have done something similar in the past, please provide me with some inputs. Any sample code, examples will be highly appreciated.

Hello Gurus,
I also have same kind of requirement.WE have to send a monthly report to customer where number of users created and deleted to be given to them.
Its urgent.Please help
Thanks in advance

Removing audit log report fields

Hi all,
Can we customized the fields shown in the audit log reports? They are very technical, and some just have no value most of the time, and I need all the columns fit in one page. If possible I want to have the original kept intact, meaning creating a new custom audit log report based on the orginal one. thanks in advance.

Can you please confirm that you have configured events to audit?
Configure
audit settings for a site collection
Here is step by step how to configure audit setting.
http://anthony-verschraegen.blogspot.ca/2013/04/sharepoint-2013-configuring-audit.html
Amit

Adding entries in Audit Log Tab in Component Monitoring under Runtime Workb

Hello Experts,
I am trying to add my own audit log entries to the Audit Log Tab under Runtime Workbench -> Component Monitoring. I found this sap help link (http://help.sap.com/saphelp_nwpi71/helpdata/en/3b/6fe540b1278631e10000000a1550b0/frameset.htm) I am not sure if i am going in the right direction or not. But, when I tried to use the code in my User Defined Function in Message Mapping it gives me java error on PublicAPIAccess.
Can anyone please let me know what am i doing wrong or if I am going in a totally wrong direction to achieve me goal.
I am using PI 7.1 without EP1 and my example uses File adapter.
Thanks!!

Hi,
if you are trying to add custom audit log for system monitoring in RWB in component monitoring, then i think it is not feasible........moreover for this thing, you can ask your basis guys to configure CCMS in your XI system to recieve alerts for your system.............
if you are trying to add custom audit log msgs for your msg processing, then you should develop a custom J2EE adapter module and add your audit log entries in the process method of your adapter module..............
Regards,
Rajeev Gupta
Edited by: RAJEEV GUPTA on May 6, 2009 7:12 AM

Audit log of customized table.

Dear experts,
I need to trace log of some tables.
In spro transacction there is one customize transacction KEDE. This transacction is used to define derivation rules and generates entries with tables names. This records are generated in TKEDRS table. I do not need to audit this table. I need to audit some the tables recorded in field table of table TKEDRS.
K9XXXYYYNNNN.
XXX- ID SYSTEM
YYY- ID CLIENT
NNNN-Number
This custom point generates tables in dictionary. I need to trace this tables for audit log of changes. One solucion is configure SCU3 and tables in SE11.
This table do not have modification digalog. (cdhdr, cdpos, ... ) tables.
Are there other solution?
Thanks and regards.
David Sánchez.

Dear experts,
I need to trace log of some tables.
In spro transacction there is one customize transacction KEDE. This transacction is used to define derivation rules and generates entries with tables names. This records are generated in TKEDRS table. I do not need to audit this table. I need to audit some the tables recorded in field table of table TKEDRS.
K9XXXYYYNNNN.
XXX- ID SYSTEM
YYY- ID CLIENT
NNNN-Number
This custom point generates tables in dictionary. I need to trace this tables for audit log of changes. One solucion is configure SCU3 and tables in SE11.
This table do not have modification digalog. (cdhdr, cdpos, ... ) tables.
Are there other solution?
Thanks and regards.
David Sánchez.

Auditing and Custom error logging

Guys,
Can one of you tell me how can we do auditing in ODI i.e like say if load files how many records the file have and how many we have loaded for each file and how many are
bad records etc and how many records we have inserted/updated in each table etc.
Basically some sort of report we need to send in the end as audit report after odi batch run every day
Can we do this in ODI?
Is it possible to do sort of custome error logging like what we do in pl/sql, like inserting into error log table when ever oracle error comes or any runtime error which we need to insert into table etc.
Can we do this kind of error handling ODI?
Cheers
Sri
Edited by: aranisrinivas on 26-Nov-2011 10:13

Just use below details for your required information
'<%=odiRef.getPrevStepLog("STEP_NAME")%>'
'<%=odiRef.getPrevStepLog("SESS_NO")%>'
'<%=odiRef.getPrevStepLog("MESSAGE")%>'
'<%=odiRef.getPrevStepLog("ERROR_COUNT")%>'
You can get more details from below tables.
1) snp_sess_txt_log -( It holds the scripts used for the task and session details)
2) snp_sess_task_log-(It holds the time details error msg and all)
3) snp_sess_task -( it holds the name of the task and technology , context details
Thanks

Weu0092d like to get Custom reports. The base of reports is Security Audit Log

Wed like to get Custom reports. The base of reports is Security Audit Log files. This is files for SM20.
What does the file structure look like? What is field of it?
Thanks!

Hello Marina
The data written to the security audit log correspond to the DDIC structures RSLGENTR (up to release 4.6) and RSAUENTR2 (in newer releases). DDIC structures can be viewed using TA SE11 (data type).
As I can see you have already opened a thread regarding this. Please don't duplicate the threads, as this only widespreads the information.
Regards,
Désiré

Audit Log Report not display and error is "Report Contents No data"

Dear All,
i have reuired the audit log report but when i am click the Site Action->Site Setting->Audit log reports->Run a custom report-> select the day and option and click ok the i have received the error
Please help me please check below screen shot

Can you please confirm that you have configured events to audit?
Configure
audit settings for a site collection
Here is step by step how to configure audit setting.
http://anthony-verschraegen.blogspot.ca/2013/04/sharepoint-2013-configuring-audit.html
Amit

Write to audit log from Axis Handler

Hi guys,
Using PI 7.11 SP 04 I have deployed the com.sap.aii.af.axisproviderlib.sda containing the libraries for Axis.
This is deployed fine and I can write my Handlers without trouble.
There is only 1 issue bugging me and that is the writing to the Adapter Audit Log. In SAP Note 1039369 FAQ XI Axis Adapter it is described how to write to the Audit log.
I can successfully write to the Channel monitor. But when I try to write to the Audit log data is still just written to the Channel monitor and not the audit log.
So what I have done is:
StatusAgent sa = (StatusAgent) getOption(Constants.MONITOR_AGENT_KEY);
Hashtable ht = getOptions();
ht.put("audit", Boolean.TRUE);
ht.put("pivoted", Boolean.TRUE);
sa.reportEvent(Status.OK, "This should be written to audit log but is written to channel monitor", ht);
sa.reportEvent(Status.ERROR, "This should also be written to audit log but is written to channel monitor", ht);
If i print the content of my hashtable in the channel monitor I can see that my entries are put into the table just fine. The 'audit' entry just seems to be completely ignored.
Anyone have and suggestions?
Regards,
Daniel

Hi Guys,
I need to know what JAR file i need to download for the following packages from SAP PI.
import com.sap.aii.axis.monitor.Status;
import com.sap.aii.axis.monitor.StatusAgent;
import com.sap.aii.axis.utils.Constants;
I am doing AXIS custom modules and i need to write to the PI 7.1 Audit Logs.
Thanks in advance.
Raj

"logon time" between USR41 and security audit log

Dear colleagues,
I got a following question from customer for security audit reason.
> 'Logon date' and 'Logon time' values stored in table USR41 are exactly same as
> logon history of Security Audit Log(Tr-cd:SM20)?
Table:USR41 saves 'logon date' and 'logon time' when user logs on to SAP System from SAP GUI.
And the Security Audit Log(Tr-cd:SM20) can save user's logon history;
at the time when user logged on, the security audit log is recorded .
I tried to check SAP GUI logon program:SAPMSYST several ways, however,
I could not check it because the program is protected even for read access.
I want to know about specification of "logon time" between USR41 and security audit log,
or about how to look into the program:SAPMSYST and debug it.
Thank you.
Best Regards.

Hi,
If you configure Security Audit you can achieve your goals...
1-Audit the employees how access the screens, tables, data...etc
Answer : Option 1 & 3
2-Audit all changes by all users to the data
Answer : Option 1 & 3
3-Keep the data up to one month
Answer: No such settings, but you can define maximum log size.
4-Log retention period can be defined.
Answer: No !.. but you can define maximum log size.
SM19/SM20 Options:
1-Dialog logon
You can check how many users logged in and at what time
2-RFC login/call
Same as above you can check RFC logins
3-Transaction/report start
You can see which report or transaction are executed and at what time
(It will help you to analyise unauthorized data change. Transactions/report can give you an idea, what data has been changed. So you can see who changed the data)
4-User master change
(You can see user master changes log with this option)
5-System/Other events
(System error can be logged using this option)
Hope, it clear the things...
Regards.
Rajesh Narkhede

500 Internal Server Error - Channel Monitoring Audit Log

Hi Experts,
We are facing an error in the 'Audit Log' of the communication channel monitoring of a File Sender Adapter.
The channel uses a custom written Java Module which uses XSLT parser internally. The audit log displays the following error:
500 Internal Server Error
Error: "Application error occurred during the request processing."
Troubleshooting Guide https://sdn.sap.com/irj/sdn/wiki?path=/display/jsts/home
Details: "The WebApplicationException log ID is [4698F300D2C40C2000000000000009AA]."
This error occurs both when the file is processed successfully or when in error. In case of a positive test case file, we can even see the message reaching Pipeline (SXMB_MONI). But only the audit log does not show the processed steps in the channel monitoring and displays the above error message.
We have even established that the cause of the error is Java Module (First, we executed by removing our custom Java Module from the module steps and the audit log showed the steps correctly. But by putting the module back in the channel, the error resumed).
Initially, the error was not coming and we were able to test this properly. But over the time the audit log error started. Now, we are not able to get rid of this even by restarting the channel or restarting the Java stack of the server.
To me, it seems like a memory issue in the Java Stack.
Any thoughts?
Can we find out where to find the details of the WebApplicationException log ID displayed above?
Thanks,
Sudheer

Hello,
This could be generic but may helo you:
500 Internal Server Errors
Description: The server encountered an unexpected condition which prevented it from fulfilling the request.
Possible Tips: Have a look into SAP Notes u2013 804124, 807000
Regards,
Caio Cagnani

Audit Log Not Being Created

Hi,
I'm using the workflow application "Audit" as an activity in my custom workflow and I'm passing the required arguments.
In the workflow trace file, I can see that the Audit application is run using the passed parameters but no record is being created matching that information in the "log" table.
Any ideas/suggestions?
Thanks
Here is the trace for your information:
Resolved reference requesterWSUser = object
Assigning requesterFullName = Test1 Manager1
Action Set Audit Resources List
Result title set to 'Set Audit Resources List'
Evaluating XPRESS
Resolved reference approved = false
Resolved reference auditApps = [AD_Simulated]
Resolved reference auditApps = [AD_Simulated]
Assigning depApps = [AD_Simulated]
Action Audit
Result title set to 'Audit'
Iterating over depApps = [AD_Simulated]
Iteration 0
app = AD_Simulated
Argument op = audit
Argument type = User
Argument status = success
Argument action = View
Argument reason = User Access Recertification
Argument subject = TestManager1
Resolved reference user.waveset.organization = null
Resolved reference app = AD_Simulated
Resolved reference app = AD_Simulated
Argument resource = AD_Simulated
Resolved reference enduserId = testuser4
Argument accountId = testuser4
Resolved reference enduserView.accounts[Lighthouse].firstname = Test4
Resolved reference enduserView.accounts[Lighthouse].lastname = User4
Resolved reference enduserId = testuser4
Resolved reference requesterFullName = Test1 Manager1
Argument error = The access of the user Test4 User4(testuser4) has been recertified by Test1 Manager1
Calling application 'com.waveset.session.WorkflowServices'
Application requested argument op
Application requested argument logResultErrors
Application requested argument action
Application requested argument status
Application requested argument type
Application requested argument subject
Application requested argument name
Application requested argument resource
Application requested argument accountId
Application requested argument error
Application requested argument parameters
Application requested argument attributes
Application requested argument originalAttributes
Application requested argument overflowAttributes
Application requested argument auditableAttributesList
Application requested argument organizations
Step complete 'Audit'
Step inactive 'Display Message'
-------------------------------------------------------------------------

I agree with the anokun7. Check to make sure the action your are giving it is a valid one. ( See IDM Workflow Forms and Views pdf and search for Action Names, it will give you a list of all the valid actions) Also you can add your own attributes to the Audit object as well using the attributes variable. ( It expects a map: <map>
<s>Key</s>
<ref>value</ref>
<map>
Value can be a reference, or string, or however complex you want to make it. Just be aware of what view (if any) is available at the time you call the audit. Hope this helps
Message was edited by:
dmac28
Oh yeah..The attributes will appear on the audit log reports, Based on what action and type you audited it will show up on that record. i.e Delete action, on Type User...that audit record will have a changes value which will have whatever attributes you passed to the audit object.

Audit Log Report generating an "Out of Memory" error message.

Greetings. We are a new IDM customer. We are running IDM 6.0 with an Oracle database. We are now getting the following error message when we run the IDM Audit Log Report for Today's Activities:
"java.lang.OutOfMemoryError".
How do we increase the memory setting for reporting? Thanks.

Hi,
I am also getting the same error. I have netbeans with tomcat andi modified the setting the netbeans.conf to
netbeans_default_options="-J-Xms32m -J-Xmx750m -J-XX:PermSize=32m -J-XX:MaxPermSize=750m -J-Xverify:none -J-Dapple.laf.useScreenMenuBar=true"
i have 896MB of RAM. However, the error is still showing up? Any ideas on how to resolve this?
Thanks,

Content of the Audit Log

Hello,
It seems that the text of the audit log is contained in table xi_af_msg_audit ins the J2EE schema under field text_key.
If I access this key directly from the database it seems to be unnecessarily long, with a lot of blank space padding.
Is it possible to control what is recorded in this field and hence what is displayed in the Audit Log?
Kind regards,
Peter

You can simply use the AuditMessageKey class to write your own audit log entries. A similar code would be
AuditMessageKey auditMKey = new AuditMessageKey(message.getMessageId(), AuditDirection.INBOUND);
          Audit.addAuditLogEntry(
               auditMKey,
               AuditLogStatus.SUCCESS,
               "Custom Message");
Regards,
Prateek

Automatic User Device Affinity - Audit logs retention

Hello,
We have problems on generating primary user info on a lot Computers and we suspect that problem is because audit logs are kept for too short time.
So the config is following:
1) User device affinity threshold (minutes): 2880
2) User device affinity threshold (days): 30
So there are two questions:
1) For how long do we need to keep audit logs on SCCM client to successfully generate user device affinity;
2) How long do we need to wait till information populates in SCCM DB?
Thanks,
Pēteris

Also from UserAffinity.log I can see that information is sent with state messages:
"Found same state message existing. (was sent before) Skip sending same state message for user"
Hi,
You could try to delete state message about the user in WMI on a client to see if user device affinity could be populated. That is stored in root\ccm\statemsg -> Enum Classes -> Recursive -> double-click CCM_StateMsg -> Instances. There
should be messages that contain "domain/user_Auto".
Best Regards,
Joyce
We
are trying to better understand customer views on social support experience, so your participation in this
interview project would be greatly appreciated if you have time.
Thanks for helping make community forums a great place.

Custom Audit Logging

Similar Messages

Maybe you are looking for