Saviynt unveils its cutting-edge Intelligence Suite products to revolutionize Identity Security!
Click HERE to see how Saviynt Intelligence is transforming the industry. Saviynt Copilot Icon
This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SAP Audit Logs Import

Go to solution
Shubhamjain27
Regular Contributor II
Regular Contributor II

‎08/05/2024 12:01 AM

Hi,

We have a requirement to get the Audit logs and customer has suggested to use RSAU_READ_LOG table.

We have SAP ECC connector.

Now, to get the Audit logs, based on the document https://docs.saviyntcloud.com/bundle/SAP-v23x/page/Content/Importing-Audit-Data.htm

It is mentioned to add AUDIT_LOG_JSON for ECC and use SFTP to get the file to a location from where the Saviynt can fetch the data.

My question is, do we need to use the SFTP or just by adding the AUDIT_LOG_JSON in the ECC connector will do the job?

If we have to do the both, then how the connector is going to know that the data has been loaded and where the data is being loaded?

Labels:
0 Kudos
1 REPLY 1

Go to solution
rushikeshvartak
All-Star
All-Star

‎08/05/2024 02:27 AM

perform the following steps to import audit logs into Saviynt:

  1. For SAP ECC, audit log is generated in a file and is placed at the path defined in IM_FILE_PATHproperty. Create a SFTP process to fetch the file from SAP ECC and place it in the SFTP location.

  2. Create a SFTP connection in EIC to connect to the SFTP server and fetch the audit file. The property FILES_TO_GET in the SFTP connection should be mentioned as follows. For details about creating SFTP connection, see the SFTP File Transfer Integration Guide:

    JSON
    [
  {
    "eic_dest_dir":"DataFiles/Logstash",
    "src_dir":"/download/SAP",
    "regex_list":["^.*\\.txt"]
  }
]
     
    Note

    Update the src_dir value to the reflect the SFTP location where the audit file is fetched and stored.

  3. Create and Schedule File Transfer job to fetch the files from SFTP location to Saviynt. Once the job runs successfully, audit data is pushed to the SAP audit logs elasticsearch index.

you need both SFTP will pull log files from sap ecc and then load in elastic search of saviynt


Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.
0 Kudos
Copyright © 2024 Khoros, LLC