Clarification and preparation of measures for the use of the Security Audit Log
SAP technological consulting
Database layer: All of a company's data is stored in the database, which is located on a database server. Application programs pull the data they need from the database. This data can consist of data tables, applications or system control tables. In addition, the database also takes new information from users and backs it up.
Finally, the presentation layer contains software components for the graphical presentation of the application. It thus forms the interface to the users (GUI).
Linux
The support packages were successfully fed into a system (test or development system). You performed the modification synchronisation. Procedure Load the support packages into the next system (quality or production system). You must distinguish between the following cases: Their systems have a common transport directory: Release Level 3.x: If the *.ATT files are not present, run RSEPSDOL in the source system and then RSEPSUPL in the target system. If the *.ATT files are present, run only RSEPSUPL in the target system. Release level 4.x: Select SPAM Support Package Upload in the target system. Your systems do not have a common transport directory: Release Level 3.x: Run RSEPSDOL in the source system to create the *.ATT files if they do not already exist. With ftp, transfer all files with the *.PAT extension in binary mode and all files with the *.ATT extension in ASCII mode from the /usr/sap/trans/EPS/in directory (UNIX and AS/400) or :\usr\sap\trans\EPS\in (Windows NT) of the source system to the target system transport directory. Run RSEPSUPL in the target system. Release level 4.x: With ftp in binary mode, transfer all files with the *.PAT extension from the source system's /usr/sap/trans/EPS/in (UNIX and AS/400) or :\usr\sap\trans\EPS\in (Windows NT) directory to the target system's transport directory. Select SPAM Support Package Upload in the target system. Play the Support Packages as usual. Import the Modification Balance Transport. Steps of the SPAM The SAP Patch Manager informs you about the step in progress in the status bar. If you want to know what steps are being performed for which scenario, run RSSPAM10.
In addition to scanning and identifying the respective security vulnerabilities of a program, it is also possible to stop tasks that are to be transported to other SAP systems with security vulnerabilities in the further transport process This applies, for example, to the CHARM process based on SAP Solution Manager. This forces a programmer to securely check the programs he or she is responsible for according to the same security criteria. If a program then still has security problems, it can either be released via the dual control principle or returned for further processing. Do you know of any other solutions for improving ABAP code security or have you already gained experience with the products mentioned above? I look forward to your comments!
Tools such as "Shortcut for SAP Systems" complement missing functions in the SAP basis area.
After that, these roles should be exported from the system (for example, to an Excel file) and then submitted to the supervisor so that he can decide whether the role assignment is appropriate or not.
Note that the use of the security check feature for custom code separation is licensed and incurs additional costs.