To enable the security audit log, you need to define the events that the security audit log should record in filters. You can specify the following information in the filters:
• SAP System client
• Audit class (for example, dialog logon attempts or changes to user master records)
• Weight of event (for example, critical or important)
You can define filters that you save in static profiles in the database or you can define them dynamically for one or more application servers.
Select the tab strip for the filter you want to define. Enter the Client and User names in the corresponding fields. Select the corresponding Audit classes for the events you want to audit. Audit events are divided into three categories, critical, important, and non-critical. Select the corresponding categories to audit.
• Only critical
• Important and critical
To activate the filter, select the Filter active indicator. You can view the security audit log from transaction code SM20.