I guess most of you have ever changed the variable content in the debugger every day, right?
Suppose you are doing some evil thing ( for example, bypass the authorization check via debugger ) in a system where you have enough authorizations to change
the variable value in debugger, are you aware that your crime is already being recorded and you will be challenged by your system admin based on that evidence?
Sure, they are recorded in system log, SM21.
SM21 is very easy to use, just specify the criteria:
Suppose I changed the content of LV to 123.
This is the respective entry recorded in SM21.
( You can get an overall view of what activities you have done on the system during that day. You also observed that once you log on system AG3 via SAP gui,
the dispatcher automatically assign you with a appropriate application server instance. Still remember BC400? )
double click it to navigate to detail. You can deny by saying that “someone stole my user and did that operation”. However the Terminal will make your excuse as a nonsense.
Even when you change the process flow in debugger via Shift+F12, it will also be recorded.
If you click Trace button, you can get a more detailed technical log based on OS level. By clicking “Display Components” you can set a filtler to only those traces which you are interested.
Those trace files are stored in application server folder DIR_HOME, you can view them via AL11. Double click:
And the dev_XXX files are just what you have seen in SM21.
if you want to operate on those log programmingly, you can have a look at the code in package SYSLOG.