Enabling security audit alert in CCMS
Refer to blog XI : Configuring CCMS Monitoring for XI- Part I for how to configure CCMS for XI
Refer to SAP Help for information on CCMS and Security alerts: http://help.sap.com/saphelp_nw04s/helpdata/en/01/3ade372d2fc227e10000009b38f8cf/frameset.htm
In this blog I’ll show how to configure security audit alerts in CCMS, with security audit alerts you can keep close eye on security related issues of your system.
Following is step by step approach to enable security audit alerts in CCMS
- Goto RZ20->SAP CCMS Monitoring Templates and copy Security template to your custom monitoring node (if you configured any), refer to above mention blog for reference.
- To enable alerts in CCMS you need to activate security audit in your system.
- Goto SM19 -> dynamic configuration.
- Select Audit Class for alerts like “Dialog logon”, “RFC/CPIC logon”, “RFC call” etc.
- Chose Events when you want alert:
- All: on all events
- Severe and Critical: only for important and critical events.
- Only Critical: you want alert only for critical events.
- Click on “Detail configuration” to see detail of important, critical and non-critical events.
- Activate configuration (don’t forget to click on “Filter Active” checkbox).
- Goto CCMS and security template and refresh it now.
Other important transactions related to Security Audit:
- – SM18 – delete old audit logs
- – SM20 – analysis of audit log.