Technology Blogs by SAP
Learn how to extend and personalize SAP applications. Follow the SAP technology blog for insights into SAP BTP, ABAP, SAP Analytics Cloud, SAP HANA, and more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Security Audit Log (SAL): No UNC, No NFS mounts

cris_hansen
Advisor
Advisor
‎04-13-2016 5:52 PM

Today I am starting a new blog series, about some issues when incorrect configuration is made on the Security Audit Log (SAL).

If you are interested on reading the most comprehensive document on SAL that I ever found, then please read “Analysis and Recommended Settings of the Security Audit Log (SM19 / SM20)”.

Why no UNC and NFS mounts?

The story short: performance.

SAL needs a stable file system to write. UNC (Universal Naming Convention) and NFS (Network File System) mounts are not appropriate. There is a variety of known issues using any of both.

Note that the file handler for SAL file needs to keep opened, due to performance reasons. The file handler would point to an arbitrary location when the file system disappears.

What should I do then?

The SAL files I have are huge, and I do not have enough file system space to store them. What should I do, if I cannot use UNC and NFS mounts?

You should use the local file system. Of course, since you have limited file system space, then you should use OS-level tools to archive audit files. Archived files can be moved to NFS mount location or to a UNC path. If you want to read individual files, then you can use report RSAU_SELECT_EVENTS (a single file can be read at time).

Additional Information

  • 539404 - FAQ: Answers to questions about the Security Audit Log
  • 1810913 - Performance improvement when reading the Security Audit Log
  • 2191612 - FAQ | Use of Security Audit Log as of NetWeaver 7.50

Stay tuned for my next blog on SAL.

Labels in this area
Popular Blog Posts