Register Login

Audit Trail SAP HANA Security

Updated May 18, 2018

Get Detailed Information On Those who Accessed SAP HANA database

Auditing helps getting detailed information regarding who did what on SAP HANA database. It helps to check and record particular actions performed in the SAP HANA database. Moreover, auditing can help in providing greater security by:

  • Showing efforts to breach safety
  • Finding security holes if a lot of privileges were granted to certain user
  • Allowing the system owner to meet security standards
  • Protecting the system owner against allegations of security desecrations and data exploitation

Listed below are the things that are usually audited:

  • Access to or changing of sensitive information
  • Creation or deletion of database objects
  • Changes to user authorization
  • Changes to system configuration
  • Authentication of users

SAP HANA database auditing lets observing action executed in HANA system. To use it on HANA system SAP HANA audit policy should be started. When an act is executed, the policy activates an audit event to mark to audit trail. Audit records in Audit trail can also be deleted, if desired.

Select Audit trail targets:

Syslog (default), CSV text and Database Table are the audit trail targets. One can also make a novel Audit policy in the Audit Policies part by selecting ‘create new policy’, and by entering the name of the policy and activities that need to be audited. It is important to keep in mind that the actions that take place when the database engine is not online, none of the actions can be detected or audited. Therefore, to audit any given events ensure that the database engine is online.

By SQL statement an action relates to the implementation of an action in the database. For example, when tracking user provisioning in the system, one can create an audit policy that audits the execution of the SQL statements. However, there are some actions which can shield the implementation of numerous SQL statements. An audit policy can tell any amount of actions to be audited, but not all actions can be joined. Actions can be grouped as:

  • Data definition actions (DDL)
  • Data manipulation actions (DML)
  • All auditable actions

Audit trail targets that are supported for production systems include:

  • Internal database table
  • Logging system of the Linux operating system (syslog)

To audit database activity, auditing must first be facilitated in the system, and if needed configure audit trails. However, audit policies can also be deactivated and reactivated later, or deleted altogether. Thus, it can be concluded by stating that auditing helps getting detailed information on those who accessed SAP HANA database.