Exploring the SAP Audit Log Service

ajmaradiaga · ‎06-27-2022

A new SAP Tech Bytes series is starting today. In this blog post, I will share what is covered in the video that was release today (2022-06-27) and the videos that will be released in the next couple of weeks.

The SAP Audit Log service is a platform service which stores all the audit logs written on your behalf by other platform services that you use. It allows you to retrieve the audit logs for your subaccount via the Audit Log Retrieval API or view them using the Audit Log Viewer. The SAP Audit Log service only stores audit log entries written by SAP BTP services, when taking action over your account data. As a developer, the custom applications/services (non-SAP), that you deploy to SAP BTP, do not have write access to the Audit Log Service.

SAP Tech Bytes - Exploring the SAP Audit Log service

In these new SAP Tech Byte series, I will be exploring the SAP Audit Log service, which is a free service part of the SAP Business Technology Platform. I will start by giving an overview of the service and interacting with it via the API. In the second part, I will proceed to use SAP Cloud Integration to extract the data from the API. In the last part of the series, I will show you how we can store the log entries in SAP HANA Cloud or in an Object Store with SAP Cloud Integration. The architecture diagram below captures what the whole series will cover.

Services used in the SAP Tech Bytes - Exploring the SAP Audit Log service

In case you wonder how I created the architecture diagram above... Hint: No diagram tools used, just code. ~~I will be sharing the details in a future blog post. Stay tuned 📻~~. Check out this blog post - https://blogs.sap.com/2022/06/29/creating-architecture-diagrams-with-code/.

In this first part of the series, I cover the following:

0:00 Intro

1:11 SAP Audit Log Service overview

4:41 Audit Log Viewer

7:15 What's required to interact with the Audit Log service API

9:35 Create an instance of the Audit Log Management service

13:00 Create service key for the instantiated service

14:20 Call the Audit Log Retrieval API from Postman

14:48 Get an access token (authentication)

17:05 Retrieving Audit Log records

19:13 Pagination - handle query parameter

I hope you find these new SAP Tech Bytes series useful. If you want to be notified of future SAP Tech Bytes videos or just videos focused on SAP Developers, make sure to subscribe to the SAP Developers YouTube channel.

Marçal_Oliveras · ‎11-28-2022

Hi ajmaradiaga , I have a few questions I hope you can help:

Unfortunately the "log viewer" app is not available when using Google Cloud subaccounts. Do you know if it will be made available?
Does the Audit Log store logs for the Launchpad Service?
When enabling the log API service it in BTP, it asks for the runtime environment. I thought I had to select Cloud Foundry but it doesn't allow me. I had to select "Others". What does others exactly mean?

Kind regards,

M. Oliveras

ajmaradiaga · ‎11-29-2022

Hi omarshal,

Not sure when it will be available in all Google Cloud subaccounts. At the moment, it is only available in US Central (cf-us30).

Audit log store logs for Launchpad service: Yes, see the Data Protection and Privacy section of SAP Launchpad in the SAP Help documentation.

steven_foo · ‎03-28-2023

HI, Thank you for provide your video recording about how to setup the retrieval of the audit log.

We follow your steps until GET part where we encounter the following error in Postman.

Similar to 403 Forbidden, but specifically for use when authentication is possible but has failed or net yet been provided. The response must include a WWW-Authenticate header field containing a challenge applicable to the requested resource.

We test the POST without issue, and we copy the access_token value and paste into the environment. What is missing?

Appreciate your feedback.

nageshcaparthy · ‎03-29-2023

Hi Antonio,

Thank you for the blog and the details.

I have activated the service and have the following error with no details. Not quite sure how to fix this without any error details:

Regards,

Nagesh

nageshcaparthy · ‎04-04-2023

It's working now, I added the two roles:

- auditlog-management!b*
- auditlog-viewer!t*

Regards,

Nagesh

omata_sap · ‎04-07-2023

Hi Antonio, I am a new user of Audit Log Viewer.

I would like to ask about the values that can be retrieved in Audit Log Viewer.
I think the org_id or tenant ID displayed in BTP Cockpit and the value that can be retrieved in Audit Log Viewer are different.
How can these values be converted to actual values that can be retrieved in Audit Log Viewer?

Regards,.

JaySchwendemann · ‎08-02-2023

Theres also a "chance" that you are authenticating with a corporate IdP where the role was setup to use SAP's built in IdP (SAP ID Service). See https://me.sap.com/notes/3287339

JaySchwendemann · ‎08-02-2023

Hi All / Antonio,

when I look at the services of an BTP subaccount I see Audit Log Service API as being deprecated. (it was automatically assinged to the subaccount).

Is Audit Log Management Service the replacement or is it something else? Does the deprecation affect the API access you laid out in your blog?

Many thanks and cheers

Jens

dheerajahuja000 · ‎11-03-2023

Hi Steven,

Were you able to resolve this issue?

Exploring the SAP Audit Log Service

Get Your SAP HANA Idea Incubator Badge Today!

SCN Mission - SAP HANA Quiz Challenge is now retired

Share your #HANAStory and Win