The main system log of the SAP system can be accessed by running the transaction SM21 (Tools -> Administration -> Monitoring -> System Log). Displays messages from the current SAP-instance. Log entries are read from the file, which is specified in the parameter rslg / local / file. By default, / usr / sap / <sid> / <Instance_name> / log / SLOG <instance_number>. Parameter rslg / max_diskspace / local sets the log file size. By default, 500000. After filling – old records are removed. The size of a single record of 192 bytes. You can collect log entries from all application servers on the central court. To do this, put a number of parameters. Details on the SAP Help Portal.
Transaction ST22 – view the ABAP-dump system. “Go to -> Reorganize” set term storage dumps. The size of the shelf life of the dump depends on the frequency analysis of your systems. Typically, seven days is sufficient. Dumps are stored in the table SNAP.
You can enable the Security Audit Log system. From this log, you can see user logon results, user lock, launched transactions, reports, changes of user accounts. Temporarily included in the transaction SM19. Constantly setting rsau / enable = 1. Parametrrsau / local / file specifies the directory where the logs are stored. By default, / usr / sap / <sid> / <Instance_name> / log / audit_ <instance_number>. After setting rsau / max_diskspace / localzadaetsya size of the audit file for a day. View Log via transaction SM20. Removal of old logs – transaction SM18.
It is also possible to activate the changes in audit tables. The profile register parameter rec / client = XXX (client number). You can specify multiple client, separated by commas. For the relevant tables in SE11 in the technical settings include “change log”. View audit – SCU3 transaction. The audit log is stored in DBTABLOG table.
Please remember that any logging, especially additional, in varying degrees, reduces system performance.
It should be noted that the technical parameter tables, whether it has logged the changes can be seen in Table DD09L (PROTOKOLL field). There you can see that this option is included in many tables (I have from 71,986 to 28,408 inclusive – most of the included SAP and included some old attendant system). SAP included in the tuning parameter tables. And therefore prepare that when the rec / client audit in the production system, your logs will grow strongly.
How to change rslg/max_diskspace/local parameter is described in SAP Note 862 – Reduce size of system log file
The number of bytes is specified in ‘rslg/max_diskspace/local’. Usually this variable is not contained in any profile because defaults are used.
The default value is 500000, only for Release 3.0fcs (and 3.0a?) the value is 16384000.
To avoid misunderstandings about when the “turning point” occurs in the cyclical write process, the profile value is copied to the shared memory segment ‘SCSA’. Only this value is valid.
For releases 0.4 up to and including 2.2:
+ Stop the R/3 application server.
+ Delete SCSA (with ‘cleanipc’ or ‘ipcrm’)
+ Start the R/3 application server.
From Release 3.0
+ sapmscsa -o pf=<application_server_profile>
+ Stop and start the R/3 application server
(There is a new technique that causes the SCSA to be refreshed with the next restart).
Reduce size of operating system file
If the profile value was increased or the operating system file is not as large as specified by the new value, there is nothing you need to do.
Otherwise reduce the size of the file manually. Since the R/3 System keeps the file open, this is only possible between the stop and start of the application server. Various possibilities are available, for example, under UNIX:
mv $F $F.old
dd if=$F.old of=$F bs=100 count=5000
rm $F.old ;: “spГ¤ter”
If necessary you can also delete the file. However, in this case you also need to delete the file /usr/sap/C11/D00/data/rslgssta.
If the current write pointer was at the back of the file, system log entries that are not old will also be lost after this operation.