Skip to Content
Author's profile photo Nandakumar S Nair

Read access logging(Recording functionality)

The Read Access Logging (RAL) tool allows you to monitor and log read access to sensitive data. It covers the following SAP technologies.


– Webservices

– Web Dynpro ABAP

– Dynpro (SAP GUI)

RAL can be accessed using the SAP transaction SRALMANAGER. There are mainly two components of RAL, an Administration part and a Monitor part.

In this document I will briefly explain about the Recording functionality in RAL.

Step 1

Login ECC and go to transaction sralmanager.


RAL will get displayed in the browser. Select ‘Recordings’.


Step 2

Click on Create button.


Enter the channel, give Recording name and description.


It would be in recording mode when you click on Create button, if not select the Play button.


Now go to the ECC and enter transaction which you are recording.


Select the field to be recorded and CTRL+RIGHT CLICK. Then select Record field under Read Access Logging in the context menu.


You will get a message saying that “Field ‘RFKI1-GPART’ has been added to the recording ‘FPI1’ “

If you are re-recording then the following message will be displayed.


After recording the relevant fields, go back to SRALMANAGER and stop the corresponding recording.


To view the details of recording use the Lens button.


List of recorded fields will be displayed as below.


Step 3

For configuring details such as log domain, log context of the recorded fields click on Configuration in RAL.


Search the already existing configuration by providing the recording name. If does not exist create new configuration


Create Log group.


Drag and drop the recorded fields from the field list to Log group.


You can add the log domain by searching corresponding field.


Now Save as Active. Done with the recording.



Step 4

To test the recorded transaction, go to the tcode and enter values to the recorded fields.



Once the values have entered go to RAL and select the second tab Monitor.


Click Read Access Log and enter the user name and date/time in the search criteria.


You can find the list of entries with the recorded values of the user.


Select the entry based on time and you can see the values entered in the transaction.


These are the steps involved in RAL to track and monitor the transactions.

Assigned Tags

      You must be Logged on to comment or reply to a post.
      Author's profile photo Harikumar Sasidharan Nair
      Harikumar Sasidharan Nair

      Useful content.

      Author's profile photo Abyson Joseph
      Abyson Joseph

      Very informative... Thanks for the share..

      Author's profile photo Kiran Kumar Valluru
      Kiran Kumar Valluru

      Hi Nanda,

      Nice Document with detailed steps. Keep posting!

      Best Regards,


      Author's profile photo Nandakumar S Nair
      Nandakumar S Nair
      Blog Post Author

      Thank you kiran. 🙂

      Author's profile photo Ramakrishna Dadi
      Ramakrishna Dadi

      Nice document.

      But mention the SAP version in which the tcode SRALMANAGER made available.



      Author's profile photo Nandakumar S Nair
      Nandakumar S Nair
      Blog Post Author

      Hi Rama,

      Thanks for your comment.RAL is available from SAP NW 7.31 SP10.

      Thanks & Regards,

      Nandakumar S

      Author's profile photo VENU G
      VENU G

      Hi Nanda,

      Nice Document and very good explanation.



      Author's profile photo Nandakumar S Nair
      Nandakumar S Nair
      Blog Post Author

      Thanks Venu.

      Author's profile photo Mahesh Madhavan
      Mahesh Madhavan

      Very useful. Never heard of this functionality before. Thanks a lot for sharing this.



      Author's profile photo Nandakumar S Nair
      Nandakumar S Nair
      Blog Post Author

      Thank you Mahesh for the comments.

      Author's profile photo Salim Assaf
      Salim Assaf

      Very nice!  I can definitely see this being useful.

      Author's profile photo Nandakumar S Nair
      Nandakumar S Nair
      Blog Post Author

      Thanks Salim. 🙂

      Author's profile photo Former Member
      Former Member

      Very well documented.. Keep on posting!!!

      Author's profile photo Former Member
      Former Member

      Thank you very much for the detailed explanation.

      Author's profile photo Narayanan k.b
      Narayanan k.b

      Nice Document .

      Is there any way available to measure the performance implication of the same?
      I mean where the logs are stored and its growth etc .


      Author's profile photo sylvester daudu
      sylvester daudu

      Hi Nandakumar,

      Thank for your piece on adding a transaction code to RAL. I enjoyed it.

      Please could you help clear the below?

      I thought, we normally unchecked the Without Condition Check box to define, and assign conditions and expressions during configurations?

      By default, Without Condition is checked, meaning no condition and expressions are defined. If a log group contains no conditions, then every read access to the recorded fields in the log group is logged. This is mostly used when we want to record every access to data like viewing table with values. E.g. accessing PA0002 table via SE16.  Am I right?

      Please what happened to the Without condition checked box for transaction code e.g. FPI1 you illustrated with?

      Also, please, how did you identified the corresponding field to be searched to add the log domain?  At what stage or window is this search performed to add the log domain?

      In your example, do you have existing log Domain that you associate FPI1 to?

      I thought is advisable to create log domain before recording and Configuration, so that we can associate the Log Domain appropriately.





      Author's profile photo Shubham Bathla
      Shubham Bathla

      Hi Nanda,


      Great Blog 🙂