Scribd
Upload
145 views2 pages

Enabling Security Audit Alert in CCMS

This document provides steps to enable security audit alerts in CCMS to monitor security-related issues. It describes copying the Security monitoring template to a custom node, activating security audit in SM19 by selecting alert classes like logons and RFC calls, choosing the event severity for alerts, and activating the configuration. It also lists SM18 for deleting old logs and SM20 for analyzing the audit log.

Uploaded by

satya1207
Copyright
© Attribution Non-Commercial (BY-NC)
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOC, PDF, TXT or read online on Scribd
145 views2 pages

Enabling Security Audit Alert in CCMS

This document provides steps to enable security audit alerts in CCMS to monitor security-related issues. It describes copying the Security monitoring template to a custom node, activating security audit in SM19 by selecting alert classes like logons and RFC calls, choosing the event severity for alerts, and activating the configuration. It also lists SM18 for deleting old logs and SM20 for analyzing the audit log.

Uploaded by

satya1207
Copyright
© Attribution Non-Commercial (BY-NC)
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOC, PDF, TXT or read online on Scribd
You are on page 1/ 2

Enabling Security audit alert in CCMS

In this blog I'll show how to configure security audit alerts in CCMS, with security audit alerts you can keep close eye on security related issues of your system. Following is step by step approach to enable security audit alerts in CCMS

Goto RZ20->SAP CCMS Monitoring Templates and copy Security template to your custom monitoring node (if you configured any), refer to above mention blog for reference. To enable alerts in CCMS you need to activate security audit in your system. Goto SM19 -> dynamic configuration. Select Audit Class for alerts like "Dialog logon", "RFC/CPIC logon", "RFC call" etc. Chose Events when you want alert: o All: on all events o Severe and Critical: only for important and critical events. o Only Critical: you want alert only for critical events.

Click on "Detail configuration" to see detail of important, critical and non-critical events.

Activate configuration (don't forget to click on "Filter Active" checkbox).

Goto CCMS and security template and refresh it now.

Other important transactions related to Security Audit:

- SM18 - delete old audit logs - SM20 - analysis of audit log.

You might also like