Skip to content

Setting Emergency Access Utilization Options

If your organization uses Emergency Access Management, you must have SAP Security Audit Logs installed in your SAP system and edit the system utilization data when registering the system. This will pull the usage data needed to review emergency access usage.

To enable Security Audit Logs for EAM Utilization reporting:

  1. In the Utilization Options section of the SAP system registration page, select the Expand icon .

    Screen capture showing the utilization options section expanded

  2. Select a STAD option.

    • If you are running SAP 4.x version, select STAD – use SAPWL_WORKLOAD_GET_STATISTIC
    • If you are running SAP ECC version 5.0 or later, select STAD – use SWNC_COLLECTOR_GET_AGGREGATES

  3. Follow the directions from SailPoint Support to determine which of the following SAP Security Audit Log (SAL) options to use to enable SAL as the data source for EAM Utilization:

    • Use RSAU_READ_LOG

    • Use SM20 - Variable Data Column

    • Use SM20 - Transaction Code Column

    • Use SM20 - Transaction Code Column - Older 4.x

  4. In the Application Server Connections section, select + Connection and enter the Host IP address, Instance Number, and Instance Name of the additional SAP application servers.

    Repeat for each application server you have.

    Important

    You must add every application server connection to ensure that all EAM activity is tracked. Security Audit Log will not work without these connections.

    Finding your instance name

    You can find the name of your instance by going to TCode ST03N in your Workload Monitor and looking in the ABAP Instance Name column.

  5. Select Save to register your SAP system with these utilization settings.