SAP系统中，用户登陆IP，主机名，使用事物代码的审计日志记录增强



首先，这个功能有非常强大，强大到影响SAP系统每一次执行事物代码，所有一旦出现问题，可能造成全部用户的事务代码不能登陆，包括开发人员和BASIS。所以使用该功能前必须谨慎考虑。

一、改动系统标准对象：AUTH_CHECK_TCODE

在AUTH_CHECK_TCODE对象中加入自己的代码，就可以把用户的行为记录下来。


* authority_check_tcode berücksichtigt wie der Kernel die per SE97

* pflegbaren Einträge in der Tabelle tcdcouples.

 

* Berechtigungsprüfung

  CALL 'AUTH_CHECK_TCODE'

       ID 'TCODE' FIELD tcode.                            "#EC CI_CCALL

 

  IF sy-subrc = 0.

*{   INSERT         DEVK900175                                        1

CALL FUNCTION 'Z_SAVE_LOGONINFO'

  EXPORTING

    TCODE         = tcode.

*}   INSERT

*   auth_check_tcode enthält die Prüfungen von tcode_executable,

*   daher im OK-Fall keine Aufruf nötig.

  ELSE.

    PERFORM tcode_executable USING tcode.

*   Keine Berechtigung für Transaktion &

    MESSAGE i077(s#) WITH tcode RAISING not_authorized.

  ENDIF.

二、这里，加入了一个FUNCTION 'Z_SAVE_LOGONINFO'，这个FUN中我们会把用户操作信息保存到自己的表。

FUNCTION Z_SAVE_LOGONINFO.

*"----------------------------------------------------------------------

*"*"Local interface:

*"  IMPORTING

*"     VALUE(TCODE) LIKE  TSTC-TCODE

*"----------------------------------------------------------------------

data hostadr like uinfo-hostadr.

data hostaddr(8).

data term like uinfo-term.

data xhcount type i.

data: iptxt(15),itimes type i,itimes1 type i,hx(2).

data: result type i,resulttxt(3).

tables zlogoninfo.

call function 'TH_USER_INFO'

     importing

       hostaddr = hostadr  "like UINFO-HOSTADR

*(hex)

          terminal = term. "like UINFO-TERM

select max( xh ) into xhcount from zlogoninfo.

xhcount = xhcount + 1.

zlogoninfo-xh = xhcount.

zlogoninfo-mandt     = sy-mandt.

zlogoninfo-bname     = sy-uname.

hostaddr = hostadr.

do 4 times.

  hx = hostaddr+itimes1(2).

  itimes = 0.

  result = 0.

  do 2 times.

    case hx+itimes(1).

      when 'A'.

        if itimes = 0.

          result = result + 10 * 16.

        else.

          result = result + 10.

        endif.

      when 'B'.

        if itimes = 0.

          result = result + 11 * 16.

        else.

          result = result + 11.

        endif.

      when 'C'.

        if itimes = 0.

          result = result + 12 * 16.

        else.

          result = result + 12.

        endif.

      when 'D'.

        if itimes = 0.

          result = result + 13 * 16.

        else.

          result = result + 13.

        endif.

      when 'E'.

        if itimes = 0.

          result = result + 14 * 16.

        else.

          result = result + 14.

        endif.

      when 'F'.

        if itimes = 0.

          result = result + 15 * 16.

        else.

          result = result + 15.

        endif.

      when others.

        if itimes = 0.

          result = result + hx+itimes(1) * 16.

        else.

          result = result + hx+itimes(1).

        endif.

    endcase.

    itimes = itimes + 1.

  enddo.

  resulttxt = result.

  if iptxt <> ''.

    concatenate iptxt '.' resulttxt into iptxt.

  else.

    iptxt = resulttxt.

  endif.

  itimes1 = itimes1 + 2.

enddo.

zlogoninfo-ip = iptxt.

zlogoninfo-terminal = term.

zlogoninfo-logon_date = sy-datum.

zlogoninfo-logon_time = sy-uzeit.

zlogoninfo-UCOMM = sy-UCOMM.

zlogoninfo-tcode = TCODE.

insert into zlogoninfo client specified values

zlogoninfo.

commit work.

 

*}   INSERT

 

 

 

ENDFUNCTION.




三、自定义表的情况：
















里面数据情况：