Technical Articles

June 27, 2022 2 minute read

Exploring the SAP Audit Log Service

A new SAP Tech Bytes series is starting today. In this blog post, I will share what is covered in the video that was release today (2022-06-27) and the videos that will be released in the next couple of weeks.

The SAP Audit Log service is a platform service which stores all the audit logs written on your behalf by other platform services that you use. It allows you to retrieve the audit logs for your subaccount via the Audit Log Retrieval API or view them using the Audit Log Viewer. The SAP Audit Log service only stores audit log entries written by SAP BTP services, when taking action over your account data. As a developer, the custom applications/services (non-SAP), that you deploy to SAP BTP, do not have write access to the Audit Log Service.

SAP%20Tech%20Bytes%20-%20Exploring%20the%20SAP%20Audit%20Log%20service

SAP Tech Bytes – Exploring the SAP Audit Log service

In these new SAP Tech Byte series, I will be exploring the SAP Audit Log service, which is a free service part of the SAP Business Technology Platform. I will start by giving an overview of the service and interacting with it via the API. In the second part, I will proceed to use SAP Cloud Integration to extract the data from the API. In the last part of the series, I will show you how we can store the log entries in SAP HANA Cloud or in an Object Store with SAP Cloud Integration. The architecture diagram below captures what the whole series will cover.

Services%20used%20in%20the%20SAP%20Tech%20Bytes%20-%20Exploring%20the%20SAP%20Audit%20Log%20service

Services used in the SAP Tech Bytes – Exploring the SAP Audit Log service

In case you wonder how I created the architecture diagram above… Hint: No diagram tools used, just code. ~~I will be sharing the details in a future blog post. Stay tuned 📻~~. Check out this blog post – https://blogs.sap.com/2022/06/29/creating-architecture-diagrams-with-code/.

In this first part of the series, I cover the following:

0:00 Intro
1:11 SAP Audit Log Service overview
4:41 Audit Log Viewer
7:15 What’s required to interact with the Audit Log service API
9:35 Create an instance of the Audit Log Management service
13:00 Create service key for the instantiated service
14:20 Call the Audit Log Retrieval API from Postman
14:48 Get an access token (authentication)
17:05 Retrieving Audit Log records
19:13 Pagination – handle query parameter

I hope you find these new SAP Tech Bytes series useful. If you want to be notified of future SAP Tech Bytes videos or just videos focused on SAP Developers, make sure to subscribe to the SAP Developers YouTube channel.

8 Comments

You must be Logged on to comment or reply to a post.

Marçal Oliveras

November 28, 2022 at 2:06 pm

Hi Antonio Maradiaga , I have a few questions I hope you can help:

Unfortunately the "log viewer" app is not available when using Google Cloud subaccounts. Do you know if it will be made available?
Does the Audit Log store logs for the Launchpad Service?
When enabling the log API service it in BTP, it asks for the runtime environment. I thought I had to select Cloud Foundry but it doesn't allow me. I had to select "Others". What does others exactly mean?

Kind regards,

M. Oliveras

Antonio Maradiaga

Blog Post Author

November 29, 2022 at 3:46 pm

Hi Marçal Oliveras,

Not sure when it will be available in all Google Cloud subaccounts. At the moment, it is only available in US Central (cf-us30).
Audit log store logs for Launchpad service: Yes, see the Data Protection and Privacy section of SAP Launchpad in the SAP Help documentation.

Steven Foo

March 28, 2023 at 4:25 am

HI, Thank you for provide your video recording about how to setup the retrieval of the audit log.

Get

We follow your steps until GET part where we encounter the following error in Postman.

Similar to 403 Forbidden, but specifically for use when authentication is possible but has failed or net yet been provided. The response must include a WWW-Authenticate header field containing a challenge applicable to the requested resource.

We test the POST without issue, and we copy the access_token value and paste into the environment. What is missing?

Appreciate your feedback.

Nagesh Caparthy

March 29, 2023 at 2:00 pm

Hi Antonio,

Thank you for the blog and the details.

I have activated the service and have the following error with no details. Not quite sure how to fix this without any error details:

Regards,

Nagesh

Nagesh Caparthy

April 4, 2023 at 10:03 am

It's working now, I added the two roles:

- auditlog-management!b*
- auditlog-viewer!t*

Regards,

Nagesh

Jens Schwendemann

August 2, 2023 at 2:55 pm

Theres also a "chance" that you are authenticating with a corporate IdP where the role was setup to use SAP's built in IdP (SAP ID Service). See https://me.sap.com/notes/3287339

Kaito Omata

April 7, 2023 at 10:49 am

Hi Antonio, I am a new user of Audit Log Viewer.

I would like to ask about the values that can be retrieved in Audit Log Viewer.
I think the org_id or tenant ID displayed in BTP Cockpit and the value that can be retrieved in Audit Log Viewer are different.
How can these values be converted to actual values that can be retrieved in Audit Log Viewer?

Regards,.

Jens Schwendemann

August 2, 2023 at 3:49 pm

Hi All / Antonio,

when I look at the services of an BTP subaccount I see Audit Log Service API as being deprecated. (it was automatically assinged to the subaccount).

Is Audit Log Management Service the replacement or is it something else? Does the deprecation affect the API access you laid out in your blog?

Many thanks and cheers

Jens

Technical Articles

Exploring the SAP Audit Log Service

Assigned Tags