How to determine the destination port from a audit fail event
I have a bunch of audit failure events (4625) in our security log. The details only show the source address and port but no destination port info.. Is there anyway I can find out that info.? What I really want to know is what application\port does these
login try to authenticate into..
Thanks
Hi,
I am not aware of any way to determine the destination port based on event logs. However, you can try to use NetMon or other software to catch packages to see if it works.
As for application, you can check the Process Information in the event.
Best Regards,
Amy
Similar Messages
-
How to determine the Support Team from Reported-by?
Hi All,
We need to determine the support team based on reported-by.
I have concluded it is only possible by customization of developing ZBADI from these threads:
Re: How to determine the Support Team from the Reported by?
Automatic determination support team based on own specs?
Re: Route tickets based on Message creaters's location
So we have created ztable which has relation between SAP component, Reported-by and Support Team.
Now i need to develope a ZBADI and assign to the action definition SLFN0001_ADVANCED_FIND_PARTNER(i hope).
Can anyone help me out with the piece of code. Because i don't which FMs to be called for read and update the support desk message.
Note: Action definition SLFN0001_ADVANCED_FIND_PARTNER uses method call Z_CRM_DNO_PARTNER_1(which is a copy of CRM_DNO_PARTNER_1 and applied some correction as per note: 1041455).
Thanks in advance.
Regards
Sanjaiclosing this thread.
-
How to determine the Support Team from the Reported by?
Hello Everyone,
I am working with Solution Manager 4.0 and I want to use Automatic Partner Determination in Service Desk. My employer wants the Support Team (SLFN0003) to be determined by the Reported by (SLFN0002).
There are already parts of the Automatic Partner Determination that work, like determining the Sold-to Party from the IBase component. Because of that I believe the customizing leading to a correct Partner Determination Procedure is working. But somehow I cant seem to get the determination of the Support Team from the Reported by to work. Hopefully someone can help me on this matter.
Thanks in advance!
Best regards,
Michael Sitalmethod if_ex_order_save~check_before_save.
data gs_status type zsmgl_status.
data lt_tguid type crmt_object_guid_tab.
data lt_orderadm_h type crmt_orderadm_h_wrkt.
data lt_status type crmt_status_wrkt.
data ls_status like line of lt_status.
data lt_partner type crmt_partner_external_wrkt.
data ls_partner like line of lt_partner.
data lt_partner_h type table of crmt_partner_com.
data lt_partner_h1 type crmt_partner_comt.
data ls_partner_h like line of lt_partner_h.
data ls_field_names type crmt_input_field_names.
data lt_field_names type crmt_input_field_names_tab.
data lv_logical_key(42) type c.
data lt_input_fields type crmt_input_field_tab.
data ls_input_fields like line of lt_input_fields .
data gt_partner_h type crmt_partner_external_wrkt.
data gs_partner_h like line of gt_partner_h.
data lt_cjest type table of crm_jest.
data ls_cjest type crm_jest.
clear lt_status.
clear lt_partner.
clear lt_orderadm_h.
insert iv_guid into table lt_tguid.
call function 'CRM_ORDER_READ'
exporting
it_header_guid = lt_tguid
importing
et_status = lt_status
et_orderadm_h = lt_orderadm_h
et_partner = lt_partner
exceptions
document_not_found = 1
error_occurred = 2
document_locked = 3
no_change_authority = 4
no_display_authority = 5
no_change_allowed = 6
others = 7.
if sy-subrc = 0.
Get in only if status is changed to Inprogress.
clear ls_cjest.
select single * from crm_jest into ls_cjest where objnr = iv_guid and inact = ' '.
if ls_cjest-stat = 'E0010'.
read table lt_status into ls_status with key status = 'E0002'.
if sy-subrc = 0.
Read Status from Intermidiate Table.
select single * from zsmgl_status into gs_status
where guid = iv_guid
and stat = 'E0002'
and inact = ''.
if sy-subrc = 0.
make copy to _h table
loop at lt_partner into ls_partner.
move-corresponding ls_partner to ls_partner_h.
append ls_partner_h to lt_partner_h.
clear ls_partner_h.
endloop.
loop at lt_partner_h into ls_partner_h where partner_fct = 'SLFN0003' or partner_fct = 'SLFN0004'.
case ls_partner_h-partner_fct.
when 'SLFN0003'.
ls_partner_h-ref_partner_no = gs_status-partner_number.
ls_partner_h-partner_no = gs_status-partner_number.
modify lt_partner_h from ls_partner_h transporting ref_partner_no partner_no.
clear ls_partner_h.
when 'SLFN0004'.
if gs_status-bu_partner is not initial.
ls_partner_h-ref_partner_no = gs_status-bu_partner.
ls_partner_h-partner_no = gs_status-bu_partner.
else.
ls_partner_h-partner_no = ' '.
ls_partner_h-ref_partner_no = ' '.
endif.
modify lt_partner_h from ls_partner_h transporting ref_partner_no partner_no.
clear ls_partner_h.
endcase.
endloop.
endif.
lt_partner_h1[] = lt_partner_h[].
loop at lt_partner_h1 into ls_partner_h where ref_partner_fct = 'SLFN0003' or ref_partner_fct = 'SLFN0004' .
clear ls_field_names.
ls_field_names-fieldname = 'PARTNER_FCT'.
insert ls_field_names into table lt_field_names.
ls_field_names-fieldname = 'PARTNER_NO'.
insert ls_field_names into table lt_field_names.
ls_field_names-fieldname = 'DISPLAY_TYPE'.
insert ls_field_names into table lt_field_names.
ls_field_names-fieldname = 'NO_TYPE'.
insert ls_field_names into table lt_field_names.
ls_field_names-fieldname = 'KIND_OF_ENTRY'.
insert ls_field_names into table lt_field_names.
ls_input_fields-ref_guid = iv_guid.
ls_input_fields-ref_kind = 'A'.
ls_input_fields-objectname = 'PARTNER'.
ls_input_fields-field_names = lt_field_names.
lv_logical_key = '0000'.
lv_logical_key+4 = ls_partner_h-partner_fct.
lv_logical_key+12 = ls_partner_h-partner_no.
lv_logical_key+28 = ls_partner_h-ref_display_type.
lv_logical_key+30 = ls_partner_h-ref_no_type.
ls_input_fields-logical_key = lv_logical_key.
insert ls_input_fields into table lt_input_fields.
endloop.
call function 'CRM_ORDER_MAINTAIN'
exporting
it_partner = lt_partner_h1
changing
ct_input_fields = lt_input_fields
exceptions
error_occurred = 1
document_locked = 2
no_change_allowed = 3
no_authority = 4
others = 5.
endif.
endif.
endif.
endmethod -
How to determine the schema name from stored function or procedure
Hi all
I need to find the way to determine the name of shema in which the given stored procedure residing. This SP is created with AUTHID CURRENT_USER what means that expression like SYS_CONTEXT('USERENV','CURRENT_USER') or SYS_CONTEXT('USERENV','CURRENT_SCHEMA') will be return the name of user or schema of user which calls given SP.
can somebody help me?What is the problem you are trying to solve?
Presumably, when you're creating a stored procedure, you know what schema owns it. So it's pretty trivial to simply create a local variable L_OWNER in your procedure, assign it the value of the schema owner, and then use that owner. Most people don't really need to figure out at runtime what they already knew at compile time.
Barring that, you could inspect the data dictionary as user130038 suggested. That requires that you know the name of the procedure (which would likely also have to be a local variable that is initialized to a hard-coded value. And if there are multiple users that own procedures with the same name, it may not be reliable.
Inspecting the call stack is the most reliable and dynamic approach. But it is also the most costly in terms or runtime performance and in terms of code complexity.
Justin -
How to find the database details from server audit specification with successfull login group?
Hi,
We have created a server audit for successfull logins.When we read the audit file using
sys.fn_get_audit_file we find that all the fields related to the databases
ie database_principal_id,database_principal_name,database_name are either 0 or null.
Is there a method to find out to which database the login is accessing from the server
audit specification of successfull login group.Although the logins are reading and writing
data to the databases why there are no details of the databases?
Thanking you in advance,
Binny MathewHello Binny,
The logins are used to connect to the instance and the access to the databases is performed via database users. So, once you connect to the instance via your login, the server level audit takes this action, records it, but without caring to which databases
you want to connect after that.
Unfortunately there is no similar action group on the database audit specifications, that can track which user connected to the DB, except if you are using contained databases in SQL 2012.
Probably you can share why you need such information and if there is something else specific that you wish to achieve, so we can propose a different solution/audit configuration.
Regards,
Ivan
Ivan Donev MCT and MCSE Data Platform -
How to determine most recent date from the date column of internal table
Dear friends
would you like to tell me. how i determine the most recently changed record by looking at date and time from internal table i am not supposed to sort the table by date and time... I must check date and time with other records date and time to determine which record is most recently changed...
here the scenario is.
id idnumber chdate chtime
1 123456 20060606 135312
2 123456 20060606 135900
3 123456 20060606 132300
4 123457 20060606 140000
5 123457 20060606 142500
in the above scenario i must keep in my mind that the most recently changed record is identical to its idnumber i can say that:
the record should be fetched this way
id idnumber chdate chtime
3 123456 20060606 132300
5 123457 20060606 142500
because here the id 3 is the most recently changed in the idnumber 123456
where id 5 is the most recently changed in the idnumber 123457
please help me to determin how i am supposed to carry out this task any suggestion, code will be great help of mine.
regards
NaimAfter testing my suggestion above, I realized that it doesn't work because the delete adjacent actually will keep the first one and delete the rest. I'm working with Srinivas's code a bit now, I think it is almost what you want. I am under the impression that you dont' want to HIGHest date/time, but just the last record of the sequence, if this is the case, then this code will help. Here we will assign an index to each record per the idnumber, that way we can sort it and get the lastest record.
report zrich_0001.
types: begin of itab_type,
id type i,
idnumber type i,
chdate like sy-datum,
chtime like sy-uzeit.
types: end of itab_type.
types: begin of itab_type2,
id type i,
idnumber type i,
index type i,
chdate like sy-datum,
chtime like sy-uzeit.
types: end of itab_type2.
data: itab type table of itab_type with header line,
itab2 type table of itab_type2 with header line,
prev_rec type itab_type.
data: v_id type i.
start-of-selection.
itab-id = 1.
itab-idnumber = 123456.
itab-chdate = '20060606'.
itab-chtime = '135312'.
append itab. clear itab.
itab-id = 2.
itab-idnumber = 123456.
itab-chdate = '20060606'.
itab-chtime = '135900'.
append itab. clear itab.
itab-id = 3.
itab-idnumber = 123456.
itab-chdate = '20060606'.
itab-chtime = '142500'.
append itab. clear itab.
itab-id = 4.
itab-idnumber = 123457.
itab-chdate = '20060606'.
itab-chtime = '140000'.
append itab. clear itab.
itab-id = 5.
itab-idnumber = 123457.
itab-chdate = '20060606'.
itab-chtime = '120000'.
append itab.
clear itab.
<b> data: counter type i.
* Assign an index to each row per idnumber
loop at itab.
on change of itab-idnumber.
if sy-tabix > 1.
clear counter.
endif.
endon.
clear itab2.
move-corresponding itab to itab2.
counter = counter + 1.
itab2-index = counter.
append itab2.
endloop.
* Sort it and get rid of older records.
sort itab2 by idnumber ascending
index descending.
delete adjacent duplicates from itab2 comparing idnumber.</b>
read table itab2 with key idnumber = '123456'.
write:/ itab2-chdate, itab2-chtime.
read table itab2 with key idnumber = '123457'.
write:/ itab2-chdate, itab2-chtime.
Regards,
Rich Heilman -
How can I find my Mac Adress for the Ethernet Port from a Apple Airport Express Device ?
How can I find my Mac Adress for the Ethernet Port from a Apple Airport Express Device ?
You can only locate, lock or erase your device when it is logged into iCloud and 'Find My Phone' is enabled, additionally the device will need to be switched on and connected to a wifi or cellular network.
Unfortunately, you cannot activate iCloud or 'Find My Phone' remotely. -
How to determine the download media required from my License key?
Hi
After recently rebuilding a dead PC, The user has advised me she used to use Illustrator.
Unfortunately the user does not have the install media available.
Support advised my license key is a volume license for Design Standard.
I have downloaded Design Standard (Universal) but the Licence key is not accepted.
Can anyone advise how to determine the correct download based on my License key?
Many thanksSome times you may need to sign in to volume licensing account and download
refer
Adobe Licensing Website | Serial numbers | Orders | Accounts -
How to change the default port of webdispatcher
Hello Everyone,
We wish to know to how to change the default port of SAP webpatcher port from 81$$ to 80.
Appreciate your response.
Thanks,
VadiHello Vadi
you have to change the PORT value in your profile parameter from 81$$ to 80
icm/server_port_0 = PROT=HTTP,PORT=81$$ to
icm/server_port_0 = PROT=HTTP,PORT=80
Also, in SMICM, then change http service port and activate it and above parameter will require SAP restart
$$ is used generally to accomodate multiple port services running in SMICM and so as to avoid the parameter setting according to instance number of any system.
thanks
Bhudev -
How to determine the mount point for directory /tmp ?
Folks,
Hello. I am installing Oracle 11gR2 RAC using 2 Virtual Machines (rac1 and rac2 whose OS are Oracle Linux 5.6) in VMPlayer and according to the tutorial
http://appsdbaworkshop.blogspot.com/2011/10/11gr2-rac-on-linux-56-using-vmware.html
I am installing Grid infrastructure. I am on step 7 of 10 (verify Grid installation enviroment) and get this error:
"Free Space: Rac2: /tmp"
Cause: Could not determine mount point for location specified.
Action: Ensure location specified is available.
Expected value: n/a
Actual value: n/a
I have checked the free space using the command:
[root@Rac2 /]# df -k /tmp
Output:
Filesystem 1k-blocks used Available Use% Mounted on
/dev/sda1 30470144 7826952 21070432 28% /
As you see above, the free space is enough, but could not determine mount point for /tmp.
Do any folk understand how to determine the mount point for directory /tmp ?
Thanks.I have just checked "/home/oracle/.bash_profile". But in my computer, there is no "oracle" under /home directory.Is this your first time Linux and Oracle installation? I had a brief look at your referenced link. The reason why you do not find a "oracle" user is because the instructions use "ora11g" instead, which, btw, is not standard. The directories of your installation and your installation source can be somewhat different from known standards and you will have to adjust it to your system.
My best guess is that you have either missed something in the instructions or you need to ask the author of the blog what is wrong. The chance to find someone here who has experience with these custom instructions is probably unlikely.
I suggest you try to locate the cluster verification tool, which should be in the bin directory of your grid installation. Alternatively you might want to check the RAC, ASM & Clusterware Installation forum: RAC, ASM & Clusterware Installation -
How to determine the solution's ID in absl?
Hello Community,
I have a simple question yet I fear there is no simple answer (possibly no answer at all).
The question is:
Does any body know ways how to determine the ID (e.g. Y123ABCDY_) of the solution the code is running in?
My use case is the following:
We have a solution template which will be deployed in different customer tenant.
Thus, each deployment will have a different solution ID.
Now, somewhere in code, we generat PDFs using the OutputManagementUtilities.GetPDF reuse library.
This method requires the form template code of the pdf to be generated as a parameter.
However, this PDF form template code is composed of the solution ID and a fixed suffix.
Thus, currently I need to modify the absl code in each customer installation to manually modify the form template code prefix to the solutions solution ID.
Therefore I'd like to construct the form template code in absl but for this I need a way to determine the solution's ID.
Any ideas?
Best regards,
LudgerHi Fernando.
After reading your post I initially thought "what is the ObjectTypeCode" supposed to do any good to determine the solution ID"?
Using the Object Type code of a custom bo is indeed a way to solve this problem.
With a little additional code I can extract the relevant solution ID part from there.
Thanks for the hint, that was really useful.
Best reegards,
Ludger -
How to determine the length of a curved path in illustrator CS2
how to determine the length of a curved path in illustrator CS2?
bornfree,
The free Patharea/Pathlength Filters from Telegraphics is your friend (the former gives you both area and length, both in different units):
Telegraphics - Free plugins for Photoshop & Illustrator...and other software -
How to determine the maximum allowable length of a filename for Window ?
Hi all,
Could I know how to determine the allowable file length (the length of the absolute path) for a file in Window environment?
Due to some reason, I generated a zip file with a very long filename ( > 170) and put in a folder(the length of the folder path around 90). The length of the absolute path is around 260.
I used FileOutputStream with the ZipOutputStream to write out the zip file. Everything is working fine while i generating the zip file.
However, while i try to extract some files from the zip file i just created, i encountered the error
java.util.zip.ZipException The filename is too long.
I am using the class ZipFile to extract the files from the zip file like the following
String absPath = "A very long filepath which exceed 260";
ZipFile zipF = new ZipFile(absPath); //<-- here is the root causeIs it possible to pre-determine the maximum allowable filepath length prior i generate the zip file ? This is weird since i got no error while i created the zip file, but have problem in extracting the zip file ......
ThanksAssuming you could determine the max, what would you do about it? I'd say you should just assume it will be successful, but accommodate (handle) the possible exception gracefully. Either way you're going to have to handle it as an "exception", whether you "catch" an actual "Exception" object and deal with that, or manually deal with the length exceeding the max.
-
How to determine the contract header's valid period...
1. How to determine the service contract header's start date, end date, when related muliple items with different start date and end date?
i.e., what is the different between the header's valid period and item valid period?
For example:
Sold to A has 5 items, which has different contract line item start date and end date, e.g.,
item 2: 2010.9-2011.9
item 3: 2011.4-2012.4
As for combined the all item bolonged to sold to A to one contract, so the item should have different contract start date and end date.
However, how to determine the contract header's start date and end date?
2. Another question is: When process service contract data migration from legance to CRM, how to design the above scenario logic?
Thanks in advance,Sent again, to wait the answer....
-
How to determine the value of -D__SUNPRO_CC?
Could any body tell me how to determine the value of -D__SUNPRO_CC? Iam now using Sun Studio 9.
Thanks in advance.The C++ Users Guide describes all the predefined macros set by the compiler.
The __SUNPRO_CC macro is a 3-digit hex number. The first digit is the C++ compiler major version number, which is 5 for all releases from WorkShop 5 in 1998 through the current release, Sun Studio 10. The second digit is the minor version number, increasing by 1 for each release in the major release series. The 3rd digit is a place holder for the very rare (none since 1994) cases when we have a micro version number. It is zero in current releases.
The current compiler release is C++ 5.7, so __SUNPRO_CC is set to 0x570.
You can see the macro setting by running
CC -dryrun -c foo.cc
and look for the -D__SUNPRO_CC =0xNNN on the ccfe command line.
Maybe you are looking for
-
Hi! My name is Derek Turner and I have been hacked through a friend's email message to me which I opened unsuspecting any danger. Initially, he sent me an 'attention' or warning email with a link which I tried to open but it could not be opened, so
-
SUP Travel Expense Approval login issue
Hi Guys, We have configured Sybase Unwired Platform 2.1 and SAP NetWeaver Gateway 2.0 to use SAP Travel Expense Report application on iOS platform. SAP have upgraded their application to version 1.2.10. Now we have not changed any configuration as we
-
Trouble connecting to Canon iR-ADV C5030/5030
Hello, I have a new MacBook Air (OS X 10.9.2), and I am having trouble printing from my office's Canon iR-ADV C5030/5030. Does Canon have the appropriate drivers for OS X 10.9.2? I'm a new Mac user and utterly lost! Thanks!
-
What can I do to fix this?
-
HT1212 My computer won't recognize the iOS
My computer won't recoginize the iOS and my iPod is disabbled. I need help!!