Integrated Risk Management
Through the application of technology and automation, we'll help you manage your risks efficiently and effectively across the entire enterprise.
Identity and Access Managaement
We'll help you ensure everybody within your organisation has access to the right systems and data, for the right reasons, and at the right time.
Cyber & Application Security
Our experts will uncover security weaknesses within your security design and business-critical applications. Helping you protect your organisation from both internal and external threats.
About us
A group of passionate individuals with a shared purpose to help the world's leading companies embrace best practices for GRC and risk management.
Partners
Turnkey's strategic partner network consists of selected organisations that complement our capabilities.
Corporate Social Responsibility
We are committed to being agents for change through our Climate Action Plan, championing diversity in our workplaces, and more.
Get in touch
We have operations in all corners of the globe, so see which office is nearest to you and connect with them.
Careers
We have operations in all corners of the globe, so see which office is nearest to you and connect with them.
Webinars & eBooks
All of Turnkey's webinars, guides and other insights available in one place.
Blogs
Read the latest insights from our experts on GRC and risk management, covering the latest industry topics.
Press Coverage
See all the publications where Turnkey, our experts and our successes have been noted.
Key events
See the key industry conferences on GRC, SAP security and risk management which we are attending.
Case Studies
Client satisfaction is of the utmost importance to us, and we strive to constantly deliver above expectations, going the extra mile at every opportunity.
FAQs
We've put together a comprehensive list of frequently asked questions - along with our responses - to the most common GRC and SAP security issues.
30 October 2012

Emergency Access Logs - What Is Logged And What Isn't?

The SAP GRC Emergency Access Management (EAM) log level has been the subject of a lot of questions and debate. In this post I have summarised the current available logs together with their purpose and a description of what is captured.

There are five key logs available in EAM:

Transaction Log - This is the equivalent of the STAD data and a log entry will appear whenever a transaction is called by the Firefighter ID. 

Change Log - This is based upon the data held in tables CDHDR and CDPOS for business change documents. All changes logged by those tables will be captured alongside the nature of the change. This includes the field and values updated. However, this does not include a number of system administration functions if not covered by the business change header tables. Therefore, it is not guaranteed to capture each and every change made in the system. 

OS Command Log - This captures operating system commands executed from within SAP systems (via transaction SM49).

System Log - This reads from the SAP Application to show debug and replace entries from transaction SM21.

Audit Log - This reads entries from the SM20 system audit log assuming that this is configured correctly in SM19.

The present solution does not read the DB Table log but there is a planned enhancement to include this.