(DI-2311) Collector for User Authorization Security
The technical name of the Collector for User Authorization Security is /DVD/MON_SEC_CL_COL_USR_AUTH.
The collector aims to track and analyze user authorizations, roles, and profiles, focusing on critical security aspects such as identifying users with high privileges, debugging permissions, and potential vulnerabilities in SQL execution. Its main goal is to enhance security by providing insights, KPIs, and reports related to user access and authorization within the SAP environment.
Default KPI delivered with this collector
The following default KPIs are delivered with this collector:
KPI name | Description | Unit | Detail table |
---|---|---|---|
SEC_USR_AUTH_SAP_ALL | Number of users with SAP ALL authorizations | Count | Yes |
SEC_USR_AUTH_S_DBCON_A36 | Number of users with S_DBCON (ACTVT=36) authorization | Count | Yes |
SEC_USR_AUTH_S_DEVELOP | Number of users with S_DEVELOP authorization | Count | Yes |
Parameters
The following parameter is used for this collector:
Parameter name | Description | Default value |
---|---|---|
SUPPRESS_PRODUCTION_SYSTEM | Parameter if the production monitoring should be suppressed | X |
Detail table
The collector provides a detail table User master authorizations. The technical name of the detail table is /DVD/MON_SEC_S_USR_AUTH_DET.
The detail table associated with the collector serves to report and list dialog users with elevated authorizations, specifically those with permissions SAP_ALL, debugging access (S_DEVELOP) and authorizations for DB02 query executions (S_DBCON;ACTVT=36). This table offers an organized overview of users holding potentially risky authorizations, aiding administrators in identifying and managing security vulnerabilities. It contains the following fields:
Technical name | Description |
---|---|
TIMESTAMP | When the records are saved into the Detail table |
SID | System ID |
AUTH_NAME | Security: User authorization name |
AUTH_TEXT | Security: User authorization text |
USER_NAME | User Name |