SAP ABAP Data Element SCEN_SAL_MODE (Recording Mode in Security Audit Log)
Hierarchy
SAP_BASIS (Software Component) SAP Basis Component
   BC-SEC (Application Component) Security
     SECU_ABAP (Package) Security and Protection of ABAP Programs
Basic Data
Data Element SCEN_SAL_MODE
Short Description Recording Mode in Security Audit Log  
Data Type
Category of Dictionary Type D   Domain
Type of Object Referenced     No Information
Domain / Name of Reference Type SCEN_SAL_MODE    
Data Type CHAR   Character String 
Length 1    
Decimal Places 0    
Output Length 1    
Value Table      
Further Characteristics
Search Help: Name    
Search Help: Parameters    
Parameter ID   
Default Component name    
Change document    
No Input History    
Basic direction is set to LTR    
No BIDI Filtering    
Field Label
  Length  Field Label  
Short 10 SAL 
Medium 15 SAL Status 
Long 31 Security Audit Log Recording 
Heading 31 Security Audit Log Recording 
Documentation

Definition

In active switchable authorization scenarios, you have the option to log authorization checks in the Security Audit Log (SAL). You can choose between the following options:

  • N    No recording in the Security Audit Log (default setting)
  • E    Record authorization errors in the Security Audit Log (for critical processes)
  • A    Record all checks in the Security Audit Log (exceptional setting for troubleshoorting)

The following SAL messages are used for the logging:

  • DUO Authorization check for object &A in scenario &B was successful.
  • DUP Authorization check for object &A in scenario &B failed

If an active scenario is changed, the event DUQ is triggered, regardless of this parameter.

Use

Dependencies

The SAL messages are only written if the Security Audit Log is active and the current filter settings contain the messages listed above. You can check this with transaction SM19.

Example

History
Last changed by/on SAP  20141013 
SAP Release Created in 740