Security Audit Log / Logging of downloads from query results?

Similar Messages

• Problem in Font when file is downloaded from query output

  Hi,
  We are facing a problem as we are not able to simulate a scenario at our end where a file is downloaded from a query. The snapshot of the file which is downloaded in excel is shown below. The name displayed below has special characters in it. The actual value for the name is VÁRADI GÁBORNÉ, but when the file is downloaded into excel, the special characters get converted to some different characters and the last character ie É gets converted to “?” and the values for the next column get concatenated to the Name 1 column and all the values move one column left.
  Sold to     Cl     Name 1                                      Sal.per.     Sales doc.
  57983     CD     V罵ADI G罛ORN?00002110       2150451     
  57983     CD     V罵ADI G罛ORN?00002110       2150451     
  The procedure used by the user to download the file from the query is as follows:
  1.     The query is executed in background with file name entered in Save with ID option
  2.     After the job is complete, the file is displayed from the saved list of that query.
  3.     This saved list is then downloaded as .DAT file and then opened with excel.
  Any pointers to solve the problem will be highly appreciated.
  Regards,
  Kaushal Mehta

  Hi,
  There is no problem of device type as when we are testing the query with the same inputs (same variant, same printer), the output to the excel comes correctly. But at the user end, the output does not come out properly. Infact the saved list displayed for that query shows the output to be correct, but when that list is exported to excel, the output gets distorted for the user (not for us).
  Thanks for your inputs,
  Kaushal

• Download BW Query results in HTML format

  On a daily basis, I need to get BW query results exported to an HTML extract file on the BW server.  The HTML file will then be transferred to a Windows server for use in a dashboard view by a third party developed portal.  The query has an input variable for period.
  What is the best/simplest method for scheduling an existing BW query to run on a daily basis to produce an HTML  extract / download file to the BW server file system?
  We are currently on BW 7.01 SP6.  We just completed a technical upgrade from BW3.5, but did not do a functional upgrade.
  I have read through many postings but have been unable to find a solution.  I have reviewed RSCRM_BAPI u2013 no html format.
  Any help would be greatly appreciated.
  Thanks,
  Mark Norton

  Hello Mark...
  Amer is right. You can create a broadcast setting to daily sends your
  query as MHTML format.
  You can send to your e-mail but there is a possibility to save on KM and CM repository.
  There is a little explanation on the link below:
  http://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/5c6b686a-0901-0010-8aab-c4d0e5a093a7?quicklink=index&overridelayout=true
  To create a broadcast setting, open the query via Query Designer.
  Click "Query" -> "Publish" -> "BEx Broadcaster"
  While you are creating the broadcast, there is a "Output Format" option.
  There is MHTML.
  I hope you find this information useful.
  Thanks
  Edward

• How to get POF object's field value from query result

  hi,all:
  I want to get field value from the query result, my code is below
  Set setResults = cache.entrySet(createFilter("homeAddress.state = 'MA'"));
  for (Iterator iter = setResults.iterator(); iter.hasNext(); )
  Contact c=(Contact)iter.next();
  System.out.println ("firstame####=" + c.getFirstName());
  * but I get error*
  Exception in thread "main" java.lang.ClassCastException: com.tangosol.util.ConverterCollec
  tions$ConverterEntrySet$ConverterEntry cannot be cast to com.oracle.handson.Contact
  at com.oracle.handson.QueryExample.printResults(QueryExample.java:159)
  at com.oracle.handson.QueryExample.query(QueryExample.java:86)
  at com.oracle.handson.QueryExample.main(QueryExample.java:43)
  who can tell me how to get POF object's field value from query result

  Hi,
  If you look at the Java Doc for the entrySet method here http://download.oracle.com/docs/cd/E15357_01/coh.360/e15725/com/tangosol/util/QueryMap.html#entrySet_com_tangosol_util_Filter_ you will see that it returns a Set of Map.Entry instances so you need to do this...
  Set setResults = cache.entrySet(createFilter("homeAddress.state = 'MA'"));
  for (Iterator iter = setResults.iterator(); iter.hasNext(); )
      Map.Entry entry = iter.next();
      Contact c=(Contact)entry.getValue();
      System.out.println ("firstame####=" + c.getFirstName());
  }JK

• ADF - How to create table which column header come from query result

  I would like to create table that show the summary of task for each month, the query result such as
  Status MonthofYear Total Task
  03 2007/06 9
  03 2007/05 12
  03 2007/04 10
  03 2007/03 7
  05 2007/06 6
  05 2007/05 3
  06 2007/06 1
  09 2007/06 1
  And the table that I would like to show in jdeveloper is
  Status 2007/06 | 2007/05 | 2007/04 | 2007/03 | ......... | 2006/05
  03 9 | 12 | 10 | 0 | .......
  05 6 | 3 | 0 | 0 | .......
  06 1 | 0 | 0 | 0 | .......
  09 1 | 0 | 0 | 0 | .......

  Lucas worked out a solution for this:
  http://technology.amis.nl/blog/?p=2070

• .pdf documents will not download from websites - results in a tab labeled 'Untitled'

  While on a website, I click a link to access a .pdf document. The .pdf document is downloaded to the Downloads window. When I double click on the .pdf file in Downloads, a new tab opens up in Firefox, however, the tab is labeled (Untitled) and the page is blank. Because of this I have been unable to download any forms or similar type documents from the internet.
  This happens every time I try to download a document from the Internet. It has been consistent.

  Back up all data.
  Quit Safari. In the Finder, select Go ▹ Go to Folder... from the menu bar, or press the key combination shift-command-G. Copy the line of text below into the box that opens, and press return:
  /Library/Internet Plug-ins
  From the folder that opens, remove any items that have the letters “PDF” in the name. You may be prompted for your login password. Then launch Safari and test.
  If you still have the issue, repeat with this line:
  ~/Library/Internet Plug-ins
  If you don’t like the results of this procedure, restore the items from the backup you made before you started. Relaunch Safari again.

• [SQL Question] to_char function not eliminating time from query results

  Have a query that returns a time/date field, and I want to eliminate the time, because its not necessary
  select distinct c.short_name as client, c.client_id, p.list_id, p.entity_id, e.aid, a.first_name, a.last_name,
  p.sf_completed_date, p.email_sent, p.consent_given as dw1_consent, e.share_info_approved as rb_consent
       from profiles p, entities@ROADBED_ASPHALT_READ e,           clients@ROADBED_ASPHALT_READ c,
       lists@ROADBED_ASPHALT_READ l, associates@ROADBED_ASPHALT_READ   a
            where e.share_info_approved = 'Y'
            and sf_completed_date > trunc(to_date('09/11/2006', 'mm/dd/yyyy'))
            and e.list_id in  (715,/*959,*/993,/*995,*/1001,/*1106,*//*1252,*//*1292,*/1321,/*1354,*/1882,/*2061,*/2173,2273,2306,/*2334,*//*2464,*/2693,
  2716,2754,2779,2805,2863,/*2864,*//*2939,*/2966,/*3411,*/3412,3602,3679,/*3886,*//*4011,*//*4026,*//*4295,*/4777,4837,5418,7640)
            and p.entity_id = e.entity_id
            and p.list_id = l.list_id
            and l.client_id = c.client_id
            and e.aid = a.aid
            order by c.short_name, a.first_name, a.last_name, sf_completed_date;This query will run by the column of sf_completed_date, it still isn't getting ride of the time, and I have no idea why.
  thanks

  Use the function substr(p.sf_completed_date, (instr(p.sf_completed_date,'/',1) + 1), length(p.sf_completed_date))
  example :
  SQL> select instr('1234/5678', '/',1) from dual;
  INSTR('1234/5678','/',1)
  5
  Result gives the position of character '/'.
  SQL> select length('1234/5678') from dual;
  LENGTH('1234/5678')
  9
  SQL>
  Result gives length of the string - the last character.
  Now ----
  SQL> select substr('1234/5678',(instr('1234/5678', '/',1) + 1), length('1234/5678')) from dual;
  SUBS
  5678
  SQL>
  The result gives you the desired result after / here in your case the date
  Hope the example will help you to solve the problem
  Surej.
  Message was edited by:
  Surej

• How to manipulate field, char (1) from query results to be a varchar2

  Trying to manipulate the value from SQL Reports data model query (SVALUE1) and use a conditional stmt to change to varchar2 using a variable. i.e,
  if svalue1 = 'Y' then
       tp_srch_type = 'P-P';
  elsif svalue1 = 'N' then
       tp_srch_type = 'P-M';
  elsif svalue1 = 'R' then
       tp_srch_type = 'P-OP';
  return (tp_srch_type);
  I want the report to display the variable tp_srch_type and not svalue1.
  I am limited to using boolean return type when trying to code the trigger in the svalue1 object browser.
  Is it a function or placeholder that can be used within the data model or should this be a PL/SQL outside the data model? If so, how to implement?

  Hi,
  you have at least two different ways to achieve that:
  - you can define a new field in your query using a DECODE function:
  e.g. SELECT svalue1,
  DECODE(svalue1,'Y','P-P','N','P-M','R','P-OP',...) sValue1Dec;
  then you can use sValue1Dec in your layout instead of svalue1;
  - otherwise you can extract only svalue1 from your query and next you can define a 'column formula' field (in the same group as svalue1) defining its PL/SQL formula as:
  function ..............is
  tp_srch_type ....%type;
  begin
  if svalue1 = 'Y' then
  tp_srch_type = 'P-P';
  elsif svalue1 = 'N' then
  tp_srch_type = 'P-M';
  elsif svalue1 = 'R' then
  tp_srch_type = 'P-OP';
  return (tp_srch_type);
  end;
  then you can use your CF field in your layout instead of svalue1;
  Hope this helps you.
  Bye
  Raffy

• Creating XML from query result (how?)

  Hi,
  It's a very general question. That is the simplest way to create XML containing data returned by a query?
  I've got 3 tables: 2 primary and a linked table. One of the primary tables contains a CLOB column. I need to export the tables to a XML file. That is the simplest way to do that? (There is many XML-related functions in Oracle XML DB and I don't know which may be good.)
  Thanks in advance,
  JackK

  That is the simplest way to create XML containing data returned by a query?Simplest:
  SQL> set long 10000
  SQL> set pages 5000
  SQL> show user
  USER is "SYS"
  SQL>  select XMLTYPE(CURSOR(select * from user_objects where rownum = 1)) as SIMPLEST
    2  from dual;
  SIMPLEST
  <?xml version="1.0"?>
  <ROWSET>
    <ROW>
      <OBJECT_NAME>ICOL$</OBJECT_NAME>
      <OBJECT_ID>20</OBJECT_ID>
      <DATA_OBJECT_ID>2</DATA_OBJECT_ID>
      <OBJECT_TYPE>TABLE</OBJECT_TYPE>
      <CREATED>16-JAN-13</CREATED>
      <LAST_DDL_TIME>16-JAN-13</LAST_DDL_TIME>
      <TIMESTAMP>2013-01-16:10:03:32</TIMESTAMP>
      <STATUS>VALID</STATUS>
      <TEMPORARY>N</TEMPORARY>
      <GENERATED>N</GENERATED>
      <SECONDARY>N</SECONDARY>
      <NAMESPACE>1</NAMESPACE>
    </ROW>
  </ROWSET>Edited by: Marco Gralike on Mar 13, 2013 1:59 PM

• To download the query output to falt file

  Hi all,
  i have a query which i know will give more than 65k records as the output for a selection.
  i cannot run this query in excel due to its limitation.
  if i run on web i cannot download this as downloading is happening to excel file only.
  The customer ideally wants to download the query result to a text file(csv,tab-delimited etc) which inturn it will upload to MS-Access.
  How do i achieve this?
  SAP has given response use try using these options:
  1.open interfaces to receive the output of a query via the MDX language.
  2.open hub tool as it is designed for big amounts of data.(i suppose this is not possible as i want to download query output not the data target contents)
  how do i achieve my scenario with option 1?
  Are there any alternatives??
  Any useful help will be rewarded.
  Regards,
  Dhanya.

  hi vivek,
  thnks for the useful reply.
  i have some problem with my ID,hence loggin in through my coleague's ID.
  i will assign u points as i get logged in.
  I did as u said by downloading it to unconverted format.
  the file got download to a text file.where the output has
  1.header rows(10 lines almost)
  2.the values r coming in single quotes e,g:
  '144000023073      'TAAS SETTLEMENT CONV 738 '19333000   '30.09.2006          '0.000
  how can i remove all this?
  Regards,
  Dhanya
  I

• Getting the name of the program or the FM called from security audit log

  Dears,
  Is there a way to get the name of the ABAP program called through transaction SE38, or the FM called through transaction SE37, from the security audit log ?
  What is available is only : RSABAPPROGRAM for transaction SE38, and RSFUNCTIONBUILDER for transaction SE37
  Thanks.
  Reda

  I had always assumed this log to be in the SUBMIT statement, but never used it.
  If I remember correctly this is recorded it the runtime submit, so it should be there.
  Perhaps it is only in selected reports? I will check in my system.
  Please compare with sm20n and run the report from sa38. The submits are different in sa38 etc compared to se38.
  The FM will only be recorded it it has a destination extention in the source system which is mostly remote. Local fm calls are not recorded for sure.
  Cheers,
  Julius
  Edited by: Julius Bussche on Jul 26, 2011 11:32 PM

• The event logging service encountered an error while processing an incoming event published from Microsoft-Windows-Security-Auditing.

  Last night, some of our systems installed updates released on 11/13/2014.  
  KB3021674
  KB2901983
  KB3023266
  KB3014029
  KB3022777
  KB3020388
  KB890830
  Today, all of the servers running Windows Server 2008 R2 started logging the following error in the Security log over and over:
  Log Name:      Security
  Source:        Microsoft-Windows-Eventlog
  Date:          1/15/2015 11:12:39 AM
  Event ID:      1108
  Task Category: Event processing
  Level:         Error
  Keywords:      Audit Success
  User:          N/A
  Description:
  The event logging service encountered an error while processing an incoming event published from Microsoft-Windows-Security-Auditing.
  Servers running Windows Server 2008 that also installed the updates are not experiencing the problem.  It looks like one of the updates may have introduced this problem with Server 2008 R2.

  ...Did you for sure confirm that:
  https://technet.microsoft.com/library/security/MS15-001
  is the cause?
  I did.  I had a VM that was not experiencing the problem.  I took a snapshot and tested the patches one by one.  Installing only KB3023266 immediately caused the issue to occur (after reboot).  A similar process was used to confirm that
  installing KB2675611 resolved the problem.
  Note that I found the installation of KB2675611 is usually quick, but it took several hours hours to install on some of our systems.  We had installed this patch a few months ago on a couple of servers and it was always quick to install.  But,
  it seems like installing it on a symptomatic system can cause it to take a long time.

• "logon time" between USR41 and security audit log

  Dear colleagues,
  I got a following question from customer for security audit reason.
  > 'Logon date' and 'Logon time' values stored in table  USR41 are exactly same as
  > logon history of Security Audit Log(Tr-cd:SM20)?
  Table:USR41 saves 'logon date' and 'logon time' when user logs on to SAP System from SAP GUI.
  And the Security Audit Log(Tr-cd:SM20) can save user's logon history;
  at the time when user logged on, the security audit log is recorded .
  I tried to check SAP GUI logon program:SAPMSYST several ways, however,
  I could not check it because the program is protected even for read access.
  I want to know about specification of "logon time" between USR41 and security audit log,
  or about how to look into the program:SAPMSYST and debug it.
  Thank you.
  Best Regards.

  Hi,
  If you configure Security Audit you can achieve your goals...
  1-Audit the employees how access the screens, tables, data...etc
  Answer : Option 1 & 3
  2-Audit all changes by all users to the data
  Answer : Option 1 & 3
  3-Keep the data up to one month
  Answer: No such settings, but you can define maximum log size.
  4-Log retention period can be defined.
  Answer: No !.. but you can define maximum log size.
  SM19/SM20 Options:
  1-Dialog logon
  You can check how many users logged in and at what time
  2-RFC login/call
  Same as above you can check RFC logins
  3-Transaction/report start
  You can see which report or transaction are executed and at what time
  (It will help you to analyise unauthorized data change. Transactions/report can give you an idea, what data has been changed. So you can see who changed the data)
  4-User master change
  (You can see user master changes log with this option)
  5-System/Other events
  (System error can be logged using this option)
  Hope, it clear the things...
  Regards.
  Rajesh Narkhede

• Security Audit Log SM19 and Log Management external tool

  Hi all,
  we are connecting a SAP ECC system with a third part product for log management.
  Our SAP system is composed by many application servers.
  We have connected the external tool with the SAP central system.
  The external product gathers data from SAP Security Audit Log (SM19/SM20).
  The problem is that we see, in the external tool,  only the data available in the central system.
  The mandatory parameters have been activated and the system has been restarted.
  The strategy of SAP Security Audit Log is to create many audit log file for each application server. Probably, only when SM20 is started, all audit files from all application servers are read and collected.
  In our scenario, we do not use SM20 since we want read the collected data in the external tool.
  Is there a job to be scheduled (or something else) in order to have all Security Audit Log available (from all application servers) in the central instance ?
  Thanks in advance.
  Andrea Cavalleri

  I am always amazed at these questions...
  For one, SAP provides an example report ( RSAU_READ_AUDITLOG_EXTERNAL ) to use BAPIs for alerts from the audit log yet 3rd party solutions seem to be alergic to using APIs for some reason.
  However, mainly I do not understand why people don't use the CCMS (tcode RZ20) security templates and monitor the log centrally from SolMan. You can do a million cool things in SolMan... but no...
  Cheers,
  Julius

• Security audit log for the last 30 days?

  Hi,
  My current settings for the security audit log is 20 MB (by default).  I dont want to control it with file size limitation, but by the no. of days the audit is recorded (max 30 days).
  What are the parameters that I would need to maintain?
  Or any additinal config is required?
  Thanks,
  Abdul

  Hi,
  My current configuration is like this:
  Name                Description                                           Current value                                            System default value
  FN_AUDIT     Name of security audit file          audit_++++++++
  DIR_AUDIT     Directory for security audit files     /usr/sap/GSP/DVEBMGS00/log     /usr/sap/GSP/D00/log
  rsau/enable     Enable Security Audit          0
  rsau/max_diskspace/local     Maximum space for security audit file     300M     20M
  rsau/max_diskspace/per_day     Maximum size of all security audit files per day          0
  rsau/max_diskspace/per_file     Maximum size of one single security audit file          0
  rsau/selection_slots     Number of selection slots for security audit          2
  rsau/user_selection     Defines the user selection method used inside kernel functions          0
  I have just activated the audit, and in just 30 minutes, I can see that the file is about 45MB.  If this is the growth rate, the 300MB allocated for audit will completely used in just a day.
  My requirement is - I want to track users and their activities for the last 30 days (or 45 days).  No log should be overwritten unless it is atleast 30 days old.
  In SM20, when I give selection from 1.1.10 to 31.1.10, it should show me all the activities during this period, without any breaks.
  Other doubts: Do I have to start auditing manually every day?  Or will it keep writing logs until it reaches 300 MB which can spread upto multiple days.
  Regards
  Abdul
  Edited by: Abdul Rahim Shaik on Feb 4, 2010 11:17 AM