Static vs. dynamic filter configuration in AIS

Expert Muhammed Farooq Ali explains the difference between these types of filters in SAP Basis.

Farooq Ali, Al Jazeera Media Network

Published: 19 Mar 2007

Could you please tell me the differences between static and dynamic filter configuration in AIS?

If you use static filters, all of the application servers use identical filters for determining which events should be recorded in the audit log. You have to define filters only once for all application servers. You can also define several different profiles that you can alternatively activate.

Result The filters you define are saved in the audit profile. If you activate the profile and restart the application...

Step 2 of 2:

You forgot to provide an Email Address.

This email address doesn’t appear to be valid.

This email address is already registered. Please login.

You have exceeded the maximum character limit.

Please provide a Corporate Email Address.
- I agree to TechTarget’s Terms of Use, Privacy Policy, and the transfer of my information to the United States for processing to provide me with relevant information as described in our Privacy Policy.
Please check the box if you want to proceed.
- I agree to my information being processed by TechTarget and its Partners to contact me via phone, email, or other means regarding information relevant to my professional interests. I may unsubscribe at any time.
Please check the box if you want to proceed.

server, actions that match any of the active filter events are then recorded in the security audit log. Before you can set Static Filters, you must first set the following profile parameters: rsau/enable rsau/local/file rsau/max_diskspace/local rsau/selection_slots

Dynamic filters enable you to respond to real-time events in your system environment, setting traps that can assist you in addressing a security problem. With this option, you can dynamically change the filters used for selecting events to audit. The system distributes these changes to all active application servers.

Result
The audit filters are dynamically created on all active application servers. If you activate the profile(s), any actions that match any of these filters are recorded in the security audit log. Changes to the filter definitions are effective immediately and exist until the application server is shut down. Before you can set dynamic filters, you must first set the following profile parameters:
rsau/local/file
rsau/max_diskspace/local
rsau/selection_slots

How to set up Palo Alto security profiles

What to expect in the Salesforce Administrator certification exam

Simplifying CRM with the release management process

Built-in tools for monitoring and optimizing OLAP cubes

Dig Deeper on SAP Basis

How to set up Palo Alto security profiles

What to expect in the Salesforce Administrator certification exam

Simplifying CRM with the release management process

Built-in tools for monitoring and optimizing OLAP cubes

Related Q&A from Farooq Ali

How to reset the SAP transport buffer after abnormal patch termination

Tips for setting up a default SAP BI client after implementation

Checking HTTP ports in an SAP system