Auditing Events - Melorhosts.com

Report
SAP BO Business Intelligence Platform 4.0
Auditing
Auditing in BI 4.0
Confidential
Lesson Objectives
After completing this lesson, you will be able to:

Describe what auditing is

Describe how to configure and troubleshoot auditing

Describe the purpose and benefits of auditing dashboard

Explain the meaning and structure of new auditing events

Describe the ADS schema

Describe how auditing events are stored in ADS
© 2011 SAP AG. All rights reserved.
Confidential
2
Agenda
1.
2.
3.
4.
What is Auditing?
Auditing Dashboard
Auditing Data Store
Consistent Auditing Events
© 2011 SAP AG. All rights reserved.
Confidential
3
What is Auditing?
Auditing subsystem keeps a record of events from SAP BusinessObjects Business
Intelligence (BI) platform servers and applications.
How, what and when?
Recorded in Auditing Data Store (ADS).
Once the data is in the ADS, you can report on operations performed in system.
© 2011 SAP AG. All rights reserved.
Confidential
4
Agenda
1.
2.
3.
4.
What is Auditing?
Auditing Dashboard
Auditing Data Store
Consistent Auditing Events
© 2011 SAP AG. All rights reserved.
Confidential
5
Auditing Install in 4.0
Special license keys not required in 4.0
For performance reasons it is recommended to have auditing DB
separate from Central Management Server (CMS) DB
After install, auditing is preconfigured, enabled and running
Option to not configure auditing disables auditing and hence no auditing
events are fired
Silent install provides no auditing command line parameter
© 2011 SAP AG. All rights reserved.
Confidential
6
Auditing Dashboard
© 2011 SAP AG. All rights reserved.
Confidential
7
Auditing Dashboard: Status Summary Section
Overview
The Auditing Status Summary section is a new feature
 Metrics to optimize auditing configuration
 Alerts of potential issues with auditing
 Warnings under the following circumstances:
– The connection to the Auditing Data Store (ADS) database is unavailable.
– There is no running or enabled Client Auditing Proxy Service (CAPS)
– An Auditee has events that could not be retrieved
© 2011 SAP AG. All rights reserved.
Confidential
8
Auditing Dashboard: Status Summary Section
Metrics
CMS collects events from all auditees once every 3 minutes.
CMS automatically adjusts polling cycle duration.
Manual configuration of polling cycle duration is not possible.
© 2011 SAP AG. All rights reserved.
Confidential
9
Auditing Dashboard: Status Summary Section
© 2011 SAP AG. All rights reserved.
Confidential
11
Auditing Dashboard: Configuring Auditing Events and
Event Details
“Auditing Level” slider in “Set Events” to chose the level of auditing
“Custom” level to select individual auditing events.
Changes to auditing events and event details apply to all servers and applications.
You can enable and disable some event details.





Query
Folder Group Details
Rights Details
User Group Details
Property Value Details
Note: For client auditing it may take up to two minutes after the changes have been
made before the system will start recording data for any new events. Make sure you
allow for this delay when implementing changes to the system.
© 2011 SAP AG. All rights reserved.
Confidential
12
Auditing Dashboard
© 2011 SAP AG. All rights reserved.
Confidential
13
Auditing Dashboard : Configuring ADS Database
If Auditing is enabled and ADS database not configured, audit events accumulate.
CMS must be restarted for changes in ADS database configuration to take place.
Multiple clusters can write events to the same ADS
Auto-delete: Delete events older than (days)
ADS Auto Reconnect – CMS automatically reconnects to ADS when connection is
lost.
© 2011 SAP AG. All rights reserved.
Confidential
14
Summary of Audit Configuration in CMC
All auditing configuration is done in CMC, no more in CCM.

You can configure:
•
In CMC > Servers > Nodes > Placeholders
•
•
The location of temporary auditing files
In CMC > Audit (Audit Dashboard)
•
Auditing levels and events details
•
Audit ADS database
© 2011 SAP AG. All rights reserved.

No user configurable settings for:
•
Auditing polling interval duration
•
Which events are retrieved
•
AuditInterval and AuditMaxEventsPerFile
command line CMS parameters no longer
supported.
Confidential
15
Agenda
1.
2.
3.
4.
What is Auditing?
Auditing Dashboard
Auditing Data Store
Consistent Auditing Events
© 2011 SAP AG. All rights reserved.
Confidential
17
Migration
New auditing events and Auditing Data Store (ADS) schema are not compatible
with SAP BusinessObjects Enterprise XI 3.1 auditing database.
No migration of auditing data between releases.
 Event structure and information collected has changed.
 Audit events have more information in 4.0.
 Consistency of event data.
No out of the box sample auditing universe and reports.
© 2011 SAP AG. All rights reserved.
Confidential
18
ADS: schema
© 2011 SAP AG. All rights reserved.
Confidential
19
ADS: ADS_EVENT
Key tables are ADS_EVENT and ADS_EVENT_DETAIL
ADS_EVENT contain all event properties for each event (one row per event), and includes:
 Event ID
 Origin:
– Cluster_ID
– Server_ID
 Action ID
– Service_Type_ID
 Object Properties (on which resource the
– Client_Type_ID
operation is performed)
 Time (when event took place):
-Object_ID
– Start_Time (in GMT)
-Object_Name
– Duration_ms
-Object_Type
– Time_Added_To_ADS
-Folder_Path
 User (who caused auditable operation)
-Folder ID
– User ID
– User Name
-Top_Folder_Name
– Session ID
-Top_Folder _ID
 Event type (which operation)
– Event_Type_ID
– Status ID
© 2011 SAP AG. All rights reserved.
Confidential
20
Agenda
1.
2.
3.
4.
What is Auditing?
Auditing Dashboard
Auditing Data Store
Consistent Auditing Events
© 2011 SAP AG. All rights reserved.
Confidential
21
Auditing Transversal Consistency
Auditing events are now transversally consistent.
There are two types of events:
 Common
 Specific
© 2011 SAP AG. All rights reserved.
Confidential
22
Auditing Common Events
Event
Name
ID
Minimal
Auditing
Level
Description
View
1,002
Default
User viewed a document / object
Refresh
1,003
Default
User refreshed an object
Prompt
1,004
Default
User selected value for a prompt
Create
1,005
Default
User created an object
Delete
1,006
Default
User deleted an object
Modify
1,007
Default
User modified property(ies) of an object
Save
1,008
Default
Saving a document / object locally, remotely or to CMS
repository. In the same of different format.
Search
1,009
Default
User searched for a document, text
Edit
1,010
Default
User edited a the content of an object
Run
1,011
Default
A job was run
Deliver
1,012
Default
An object was attempted to be delivered
Retrieve
1,013
Complete
Object is retrieved from CMS
Logon
1,014
Minimal
User logon
Logout
1,015
Minimal
User logout
Trigger
1,016
Complete
An event was triggered
© 2011 SAP AG. All rights reserved.
Confidential
23
Auditing Common Events (cont.)
 - Doesn’t apply. No auditing events is triggered by the component.
- Auditing event is triggered by the component.
 - The component relies on CMS event with the same name. No auditing event is triggered by the component.
 - The “Save” results in CMS firing Create or Modify events. No auditing event is triggered by the component.
S - The component relies on Search Service event. No auditing event is triggered by the component
- The event generated by Live Office Web Services provider on behalf of the client
 - The event generated by Query as a Web Service and Live Office Web Services provider on behalf of the client
© 2011 SAP AG. All rights reserved.
Confidential
24
BI Platform Specific Events
BI Platform
Event Name
ID
Minimal
Level
Description
Rights
Modification
10003
Minimal
Right on object were modified
Custom
Access Level
Modified
10004
Minimal
Custom Access Level was
modified
Auditing
Modification
10006
Minimal
Tracks changes in auditing
events state (enabled/disabled)
Components Generating Events
Event Name
© 2011 SAP AG. All rights reserved.
CMS
Event
Service
Rights Modification


Custom Access Level Modified


Auditing Modification


Confidential
25
SAP BusinessObjects Web Intelligence Specific Events
SAP BusinessObjects Web Intelligence (WEBI) Events:
Event
Name
ID
Minimal
Level
Description
Generated
by
Drill Out Of
Scope
10201
Complete
Drill Out Of Scope
WRC, WEBI
Server
Page
Retrieved
10202
Complete
WebI document page
retrieved
WEBI Server
Components Generating Events:
Event Name
© 2011 SAP AG. All rights reserved.
WEBI Rich
Client
WEBI
Processing
Service
Drill Out Of Scope


Page Retrieved


Confidential
26
SAP BusinessObjects Analysis Specific Events
SAP BusinessObjects Analysis Events:
Event Name
ID
Minimal
Level
Description
Generated
by
MDAS
Session
10300
Complete
MDAS Session operation
performed
MDAS
service
Cube
Connection
10301
Complete
Cube Connection operation
performed
MDAS
service
© 2011 SAP AG. All rights reserved.
Confidential
27
Auditing Events: Workflow Example 1
Example of sequence of events for viewing an SAP Crystal Reports report
(document A) on demand with prompts in BI Launchpad.
Component
Event
Note
BI Launchpad
View
Object ID = CUID of document A
CMS
Retrieve
Object ID = CUID of document A
CR Proc
Service
Prompt
Object ID = CUID of document A
Prompt Name = Country
Prompt Value = USA
CR Proc
Service
Refresh
Object ID = CUID of document A
Query = select * from ….
CR Cache
Service
View
Object ID = CUID of document A
© 2011 SAP AG. All rights reserved.
Confidential
29
Auditing Events: Workflow Example 2
Example of sequence of events for viewing an SAP BusinessObjects Web
Intelligence document (document A) in CMC with two prompts.
© 2011 SAP AG. All rights reserved.
Component
Event
Note
CMC
View
Object ID = CUID of document A
CMS
Retrieve
Object ID = CUID of document A
SAP
BusinessObjects
Web Intelligence
Proc Service
Prompt
Object ID = CUID of document A
Bunch = 1
Prompt Name = Region
Prompt Value = East
Prompt Value = West
Bunch = 2
Prompt Name = Country
Prompt Value = USA
Prompt Value = Canada
SAP
BusinessObjects
Web Intelligence
Proc Service
Refresh
Object ID = CUID of document A
Bunch = 1
Universe Name = Sales
Universe ID = CUID of Sales universe
Universe Object Name = Quarter
Universe Object Name = Customer
Bunch = 2
Universe Name = Orders
Universe ID = CUID of Orders universe
Universe Object Name = Amount
Query = SELECT * FROM …
SAP
BusinessObjects
Web Intelligence
Proc Service
View
Object ID = CUID of document A
Confidential
30
Lesson Summary
After completing this lesson, you are now able to:

Describe what auditing is

Describe how to configure and troubleshoot auditing

Describe the purpose and benefits of auditing dashboard

Explain the meaning and structure of new auditing events

Describe the ADS schema

Describe how auditing events are stored in ADS
© 2011 SAP AG. All rights reserved.
Confidential
34
Thank You
© 2011 SAP AG. All rights reserved
No part of this publication may be reproduced or transmitted in any form or for any purpose
without the express permission of SAP AG. The information contained herein may be
changed without prior notice.
Some software products marketed by SAP AG and its distributors contain proprietary
software components of other software vendors.
Microsoft, Windows, Excel, Outlook, and PowerPoint are registered trademarks of Microsoft
Corporation.
IBM, DB2, DB2 Universal Database, System i, System i5, System p, System p5, System x,
System z, System z10, System z9, z10, z9, iSeries, pSeries, xSeries, zSeries, eServer,
z/VM, z/OS, i5/OS, S/390, OS/390, OS/400, AS/400, S/390 Parallel Enterprise Server,
PowerVM, Power Architecture, POWER6+, POWER6, POWER5+, POWER5, POWER,
OpenPower, PowerPC, BatchPipes, BladeCenter, System Storage, GPFS, HACMP,
RETAIN, DB2 Connect, RACF, Redbooks, OS/2, Parallel Sysplex, MVS/ESA, AIX,
Intelligent Miner, WebSphere, Netfinity, Tivoli and Informix are trademarks or registered
trademarks of IBM Corporation.
Linux is the registered trademark of Linus Torvalds in the U.S. and other countries.
Adobe, the Adobe logo, Acrobat, PostScript, and Reader are either trademarks or
registered trademarks of Adobe Systems Incorporated in the United States and/or other
countries.
Oracle is a registered trademark of Oracle Corporation.
UNIX, X/Open, OSF/1, and Motif are registered trademarks of the Open Group.
Citrix, ICA, Program Neighborhood, MetaFrame, WinFrame, VideoFrame, and MultiWin are
trademarks or registered trademarks of Citrix Systems, Inc.
HTML, XML, XHTML and W3C are trademarks or registered trademarks of W3C®, World
Wide Web Consortium, Massachusetts Institute of Technology.
Java is a registered trademark of Sun Microsystems, Inc.
JavaScript is a registered trademark of Sun Microsystems, Inc., used under license for
technology invented and implemented by Netscape.
Business Objects and the Business Objects logo, BusinessObjects, Crystal Reports, Crystal
Decisions, Web Intelligence, Xcelsius, and other Business Objects products and services
mentioned herein as well as their respective logos are trademarks or registered trademarks
of Business Objects Software Ltd. Business Objects is an SAP company.
Sybase and Adaptive Server, iAnywhere, Sybase 365, SQL Anywhere, and other Sybase
products and services mentioned herein as well as their respective logos are trademarks or
registered trademarks of Sybase, Inc. Sybase is an SAP company.
All other product and service names mentioned are the trademarks of their respective
companies. Data contained in this document serves informational purposes only. National
product specifications may vary.
The information in this document is proprietary to SAP. No part of this document may be
reproduced, copied, or transmitted in any form or for any purpose without the express prior
written permission of SAP AG.
This document is a preliminary version and not subject to your license agreement or any
other agreement with SAP. This document contains only intended strategies, developments,
and functionalities of the SAP® product and is not intended to be binding upon SAP to any
particular course of business, product strategy, and/or development. Please note that this
document is subject to change and may be changed by SAP at any time without notice.
SAP assumes no responsibility for errors or omissions in this document. SAP does not
warrant the accuracy or completeness of the information, text, graphics, links, or other items
contained within this material. This document is provided without a warranty of any kind,
either express or implied, including but not limited to the implied warranties of
merchantability, fitness for a particular purpose, or non-infringement.
SAP shall have no liability for damages of any kind including without limitation direct,
special, indirect, or consequential damages that may result from the use of these materials.
This limitation shall not apply in cases of intent or gross negligence.
The statutory liability for personal injury and defective products is not affected. SAP has no
control over the information that you may access through the use of hot links contained in
these materials and does not endorse your use of third-party Web pages nor provide any
warranty whatsoever relating to third-party Web pages.
SAP, R/3, SAP NetWeaver, Duet, PartnerEdge, ByDesign, SAP BusinessObjects Explorer,
StreamWork, and other SAP products and services mentioned herein as well as their
respective logos are trademarks or registered trademarks of SAP AG in Germany and other
countries.
© 2011 SAP AG. All rights reserved.
Confidential
36

similar documents