Professional Documents
Culture Documents
Contents
Defining SAP Transactions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
Configuring SAP Transactions for use in SecureSphere. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
Configure Data Enrichment Policy for SAP Transaction Detection. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
Configure an Audit Policy for Auditing SAP Transactions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
Viewing SAP Transactions in Audit. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
SecureSphere administrators cannot make changes to this list, but they can add SAP transactions to the User Defined
Privileged Operations Group and include these transactions in auditing and reporting.
Because SecureSphere uses the privileged operations mechanism to identify SAP transactions, you must create a data
enrichment policy to extract the SAP transactions from the SQL which is then recognized by SecureSphere as a
privileged operation.
The following table lists the main tasks that need to be conducted to configure SAP Transactions for use in
SecureSphere:
Configuring Data Enrichment Define a Data Enrichment policy to Configure Data Enrichment Policy
1
Policies extract SAP Literals from SQL for SAP Transaction Detection
5. Expand the Additional Conditions option, in the when Literal # field, type 2. In the second field after is, type
TRAN.
6. In the Apply to tab, select the database service on which the SAP application is running, for example Oracle.
7. Click Save.
Once you have completed configuring the data enrichment policy to extract the required fields, you need to
configure an Audit policy to audit this traffic as described in Configure an Audit Policy for Auditing SAP
Transactions.
Once you have created a data enrichment policy to extract the literals needed to audit SAP transactions, you need to
configure an audit policy.
Once you have configured a data enrichment policy to extract SAP data and an audit policy to audit this data, you can
view SAP transactions in the audit window.
4. Select a row in the resulting data, then click Retrieve Event Data.
5. To save this view for easy access, click Save as Report .