BusinessObjects Auditing – Considerations & Enabling
Dear Folks,
This is the continuation of my previous blog on BusinessObjects Audit Universe and reports deployment here SAP BusinessObjects 4.0 Auditor Configuration & Deployment End to End and is supposed to be successor of this blog. I would like to talk about Audit considerations, how it works and the process of enabling auditing in BusinessObjects.
As you all aware auditing enables us to have a detailed historical view of user and object interaction and the system usage over a period of time. Based on the audit reports we can identify usage pattern of the business community such as peak usage, unused reports and inactive users. Further this will help us to fine tune environment for effective utilization.
Auditing considerations
While implementing Auditing requirements we should be in a position to consider the below factors.
- By implementing System auditing we are imposing additional load to the system which need to be considered during initial sizing exercises.
- We should precisely identify the required system metrics without including redundant information from audit tables as auditing unnecessary metrics will again increase system load.
How auditing works in BusinessObjects
Audit information will be collected from the servers which are enabled for their auditable actions. The collected information will be stored in the form of audit log files in the BusinessObjects server locally. As per the polling interval configured, the CMS would be collecting this log details and adds them in to audit database to make it ready for reporting. Thus audit information will be always historical. If you want to extract the real-time information of the repository CMS database will be the only source of truth.
Enabling/Disabling trace logs
To enable and disable trace logs at various levels refer the blog here Configuring trace Logs in BusinessObjects 4.0
Enabling System auditing
For audit enablement we should always configure a database to hold the set of audit tables as a first step. Subsequently we should identify list of actions to be captured and enable them as auditable. CMC is the place where you need to do all these stuff.
Deployment of Audit Universe and reports
You can refer the blog here for as-is samples of Audit universe and reports and their deployment. SAP BusinessObjects 4.0 Auditor Configuration & Deployment End to End. If required you can even customize and develop your own set of reports on top of this.
Hope the blog is informative and helpful. Thanks for reading.
Hi Mani,
I'm tuned to your posts. Good one as always.
We've turned on Auditing, configured the ADS & Audit universe(by downloading), but when running some basic reports, cannot understand the metrics that are being returned. Is there a place or a document which talks about how to interpret the various event measures being recorded as a part of auditing? Also, what is best way to estimate the peak usage using the objects in the audit universe? By no. of logons or no. of objects accessed or something else? Thanks.
Hello Sirisha,
Have a look at ASUG presentation here. Should help you answering your questions related to BI 4.0 Audit.
http://events.asug.com/2012BOUC/1309_Audit_Thyself_Using_SAP_BusinessObjects_4_0.pdf
As far as the Peak load is concerned I would suggest you to try with Wily Introscope here instead of Auditing.
Wily Introscope for BI Platform 4.0: Why it is important and how to get started
Regards,
Mani
Thank you Mani,
I'll read through these & get back if I have more questions. Thanks again for your inputs & time.
So far, the best articles on Audit. But I have to be honest, I get hard time with audit database / universe to get right information.
One of them, maybe you have a solution. In your dcument, you tell to how get scheduled vs Ad hoc information. This is one of my answer I search for about 2 weeks. No joke.
When I filter refresh (Ad hoc) information, it mix it with scheduling information. It's like audit write a refresh information for each scheduling. Which make sense...maybe but from a client perspective, I like to have these two metric separatly...
Also, if a user open a new web intelligence and make a refresh, without saving the reports, is this will be collect in audit ?
Thanks for your words Patrick. much appreciated. Would you mind sharing your BusinessObjects version as the Audit schema has been completely changed in BI4.x compared to XIR2 & XI.3.x. Good question to be frank. When you say about Scheduling it involves report refresh and report scheduling activities where as for adhoc requests its only report refresh.
Thanks. We have BO 4.0 SP5 FP3 in Oracle audit (4.1 in couple of month). I used the oracle audit universe we can obtain somewhere, don't really remember where.
So, you confirm what I say about scheduling vs Ad hoc. Like I said, it make sense but our business like to know how our users used the web intelligence. For sure, I can substract total refresh duration (include scheduling) minus scheduling duration. But then, if you start to drill and try to understand, it's not possible. (Without micro analysis)
Also, like I said, what about Ad hoc without saving ? We have about 200 users logs during a normal day, this is very important to count.
By the way, I build explorer space in Explorer to used all this.
I continue, I never give up.! 😛
For schedules, the Event type is Run, so exclude it in your Query Filter.
Good one as always.. 🙂
Hi Mani,
Thank you for posting all these which are very helpful.
I have few questions and just wanted to understand if this is possible in BO 4.1.
Background
Requirements: From Audit perspective, what can we do to log these objects ?
If there’s any details document of video regarding this, I would appreciate if you can share that.
Thank you
SAP BO-BPC
Hi Manikandan,
All your posts on Auditing are useful. I am looking for a clarification which I am not able to find in the forums or in the SAP Community.
In SAP BI 4.1 SP7, the audit logs for the event type "Rights modification" are not logged into the ADS. I tried to replicate the same in SAP 4.2 SP3, the issue is still the same. DO you have any information on this?
Thanks in advance!