SAP HANA audit policy tells the actions to be audited and also the condition under which the action must be performed to be relevant for auditing. Audit Policy defines what activities have been performed in HANA system and who has performed those activities at what time.
SAP HANA database auditing feature allows monitoring action performed in HANA system. SAP HANA audit policy must be activated on HANA system to use it. When an action is performed, the policy triggers an audit event to write to audit trail. You can also delete audit entries in Audit trail.
In a distributed environment, where you have multiple database, Audit policy can be enabled on each individual system. For the system database, audit policy is defined in nameserver.ini file and for tenant database, it is defined in global.ini file.
Activating an Audit Policy
To define Audit policy in HANA system, you should have system privilege − Audit Admin.
Go to Security option in HANA system → Auditing
Under Global Settings → set Auditing status as enabled.
You can also choose Audit trail targets. The following audit trail targets are possible −
- Syslog (default) − Logging system of Linux Operating System.
- Database Table − Internal database table, user who has Audit admin or Audit operator system privilege he can only run select operation on this table.
- CSV text − This type of audit trail is only used for test purpose in a non-production environment.
You can also create a new Audit policy in the Audit Policies area → choose Create New Policy. Enter Policy name and actions to be audited.
Save the new policy using the Deploy button. A new policy is enabled automatically, when an action condition is met, an audit entry is created in Audit trail table. You can disable a policy by changing status to disable or you can also delete the policy.
