Lab 1: Auditing Dashboard
Scenario
 View auditing health status
 View and change auditing configuration
Objectives
In this lab, you will:
 Learn how to use Auditing Dashboard
 Learn how to detect problems and troubleshoot auditing
 Learn to identify incorrectly configured client auditing
 Properly configure client auditing
 Learn to identify servers with auditing events in the queue
 Configure the location of auditing temporary files
 Configure ADS
 Configure older events auto-deletion
 Change auditing level
 Enable and disable auditing events
 Enable and disable auditing event details
Before you start this lab, please make sure to view the available auditing presentations and
documents. It is important to fully understand the information described in the presentations and
auditing documents BEFORE you start this workshop.
Perform the following steps as described in order:
Auditing Dashboard
1. Login to the CMC as your train-XX user.
© SAP AG 2011 SAP BusinessObjects / Page 1
2. Navigate to the Auditing tab. This takes you to the Auditing Dashboard, which is the central
location to configure auditing for the entire system. It is also a central place to see the status of
auditing.
Checking auditing status
Scenario
 View auditing health status
Objectives
 Learn how to use the Status Summary section of Auditing Dashboard
 Learn how to detect problems and troubleshoot auditing
1. Notice the Status Summary area of the Auditing Dashboard. Ensure that no warnings are
displayed.
© SAP AG 2011 SAP BusinessObjects / Page 2
© SAP AG 2011 SAP BusinessObjects / Page 3
2. Ensure that the ADS Last Updated On field shows a recent timestamp (for example not older
than 10 minutes ago). This field indicates when the last polling interval started. Events newer
than this time are not loaded in ADS yet. If the timestamp is older than 2 hours then the field
appears on a yellow background.
If this state persists and you consider the delay too long, either update your deployment to allow
the ADS database to receive data at a higher rate (faster network connections or more powerful
database hardware for example), or decrease the number of auditing events your system
tracks.
Note: You can get the exact date/time up to which all events are loaded into ADS. Use values
stored in ADS as follows:
ADS_Auditee (for values specific to auditee): Retrieved_Events_Completed_By and
Potentially Incomplete Data columns.
ADS_Cluster (for cluster level values): Retrieved_Events_Completed_By and Potentially
Incomplete Data columns.
Please see the Auditing documentation for more information.
3. Click the Refresh button. Repeat once every 30 seconds until you notice a change in the
timestamp.
4. Notice the Auditing Thread Utilization (%) field. It shows the percentage of the polling cycle
the auditor CMS spends collecting data from auditees. The remainder is time spent resting
between polls.
If the utilization reaches 100%, the figure is displayed in yellow. This means that the auditor is
still collecting data from the auditees when the next poll is due to begin. This may cause delays
in the events reaching the ADS.
If the utilization reaches 100% frequently or persistently, it is recommended to either update
your deployment to allow the ADS database to receive data at a higher rate (faster network
connections or more powerful database hardware for example), or decrease the number of
auditing events your system tracks.
5. Notice the Last Polling Cycle Duration (seconds) field. This shows the duration of the last
polling cycle in seconds. This indicates the maximum delay for event data to reach the ADS
during the previous polling cycle. If the value is under 20 minutes then it appears on a green
background, between 20 and 120 minutes on a yellow background, and over 2 hours on a red
background.
© SAP AG 2011 SAP BusinessObjects / Page 4
6. Ensure that a CMS server name follows the CMS Auditor field in the Status Summary area.
This indicates that CMS successfully connects to ADS. If this field is empty it indicates that the
CMS auditor is not properly configured and it will not collect auditing events. Usually if the CMS
Auditor field is empty it indicates an issue with ADS database configuration.
Later in this lab you will learn about ADS configuration. For now remember that if this field is
empty it means there are no auditors in the cluster and no auditing events are collected from
auditees. If you need auditing then this situation must be fixed.
7. Ensure that in the Status area, ADS Database Connection Name points to your local auditing
DB.
Client auditing troubleshooting and configuration
Scenario
 Properly configure client auditing
 View client auditing health status
Objectives
In this section, you will:
 Learn to identify incorrectly configured client auditing
 Properly configure client auditing
1. To enable client auditing (events sent by clients) you must have at least one Adaptive
Processing Server (“APS”) with Client Auditing Proxy Service (“CAPS”).
General recommendation (not to be executed in this lab): For high availability and load
balancing it is highly recommended to have at least 2 APS servers with CAPS services, with
each APS to be hosted on a different machine to minimize the effect of hardware failure. It is
critical to have at least one CAPS always available, otherwise client events will be lost. Also
make sure that each APS request port is open in the firewall between clients and APS to allow
client events to be delivered to CAPS. Also the CMSs ports must be open in the firewall
between CMSs and clients.
The preinstalled APS hosts CAPS. Instead of using a pre-installed APS with CAPS, it is
recommended to create a new APS dedicated only to Client Auditing Proxy Service (CAPS).
This will significantly improve performance and high availability.
2. From the CMC Server Management page stop the Adaptive Processing Server.
© SAP AG 2011 SAP BusinessObjects / Page 5
3. Navigate to the CMC Auditing dashboard. Notice the following warning:
Warning: Client
auditing is unavailable. This indicates that events from clients currently cannot be received
(such as InfoView, CMC, Web Intelligence Rich Client and so on) and will be lost.
4. Start the Adaptive Processing Server.
5. After the server starts, navigate to the Auditing Dashboard.
Notice that the “Client auditing is unavailable” message no longer appears.
6. Return to the Server Management page.
7. Right-click the Adaptive Processing Server and select Metrics.
Notice that in the Client Auditing Proxy Service Metrics section there is a new metric labelled
Number of Audit Events Received Since Server Startup. It shows how many client events
were routed through this Client Auditing Proxy Service. On a busy system and on a long running
server this number would not be 0.
8. Right-click the Central Management Server and select Metrics.
Notice the Current Number of Auditing Events in the Queue metric. This shows the number
of events in the server queue. Other servers supporting auditing have similar metrics. Do not
stop servers until this metric reaches 0, otherwise you will get some events stuck in the server
queue. They will not reach ADS until after the server is started again. In this case the following
warning will be displayed on auditing dashboard: “ Warning: Auditing data remaining in
server buffers”.
ADS configuration and troubleshooting
Scenario
 View auditing database connection health status
 View and change auditing configuration
© SAP AG 2011 SAP BusinessObjects / Page 6
Objectives
 Detect problems with ADS connection
 Configure ADS
1. Navigate to the Auditing tab of the CMC.
2. Check the database currently used for the ADS. In the Status Summary area notice the ADS
Database Connection Name and ADS Database User Name. If these values are empty then
CMS cannot connect to ADS.
Ensure that the DB used is the one you expect to be used:
ADS Database Connection Name: “BusinessObjects Audit Server 140”
ADS Database User Name: “XXXX” (the password you enter during installation)
3. Notice the Configuration area as shown on screenshot.
© SAP AG 2011 SAP BusinessObjects / Page 7
4. Modify the Connection Name to an invalid DB name to see what happens if you point to nonexisting ADS, then click Save.
Note: you do not change the ADS DB password, but if you accidently change it, reset it to the
“XXXX” (the password you enter during installation).
Notice the following warning:
5. Go to the CMC Server tab and select Servers List.
Notice that the Central Management Server has a Stale flag, meaning that it requires restart.
6. Restart the Central Management Server. If you have multiple CMSs, make sure that all CMSs
are restarted. Wait for the server to restart.
7. Go to the Auditing tab.
In Status Summary area notice a warning that no CMS is configured as an auditor.
Also in Status Summary area notice that the ADS Database Connection Name and ADS
Database User Name are empty. This indicates that CMS cannot connect to ADS.
Note: you may experience the same warning / situation when ADS DB user’s password has
changed but wasn’t updated in CMC.
8. Set the ADS Database Connection back to a valid value: BusinessObjects Audit Server 140
9. Click Save.
10. Restart the CMS.
11. After the CMS has restarted, return to the Auditing tab and check the database currently used
for ADS. Ensure that in the Status Summary area the ADS used is the one you expect to be
used:
ADS Database Connection Name: BusinessObjects Audit Server 140
ADS Database User Name: “XXXX” (the password you enter during installation)
© SAP AG 2011 SAP BusinessObjects / Page 8
Auto delete configuration
Scenario
You want to limit the number of events in ADS by changing auditing events auto-delete
interval.
Objectives :
 Learn how configure older events auto-deletion
1. Notice the Delete Event Older than (days) property.
This property controls how long the events are kept in the ADS.
CMS will periodically (once each 24 hours) delete events older that the values specified in this
property. This deletion is performed at the time determined by the CMS (not configurable, like
garbage collection in Java) and may take some time if large amount of data needs to be
deleted. By default the Delete Event Older than (days) setting is for approximately100 years.
The maximum acceptable value is equivalent to about 300 years.
Temp files location configuration
Scenario
 Change the location where temporary auditing files are saved.
© SAP AG 2011 SAP BusinessObjects / Page 9
Objectives
 Learn how to configure the location of auditing temporary files
To change the location where the auditee writes temporary auditing files, perform the following
workflow on each node.
Note that if at the time of the change the old location had any temporary auditing files then the
system moves them to the new folder automatically.
1. Navigate to the Servers tab in the CMC.
2. In left pane select Nodes. Right-click the node in the right pane.
3. From the menu select Placeholders.
© SAP AG 2011 SAP BusinessObjects / Page 10
4. Notice the %DefaultAuditingDir% placeholder. This placeholder controls the location where
temporary auditing events are stored.
5. Change the %DefaultAuditingDir% placeholder to C:/Program Files (x86)/SAP
BusinessObjects/SAP BusinessObjects Enterprise XI 4.0/TempAuditing/. The CMS will
create this folder. No server restart is required. If at the time of the change the old location had
any temporary auditing files then the system automatically moves them to the new folder.
6. Click Save & Close.
7. In Windows Explorer (file manager) navigate to C:/Program Files (x86)/SAP
BusinessObjects/SAP BusinessObjects Enterprise XI 4.0/TempAuditing/.
8. Logout of the CMC and login again to cause events to be triggered.
9. Immediately go to the Windows Explorer window and click refresh to refresh the content of the
C:/Program Files (x86)/SAP BusinessObjects/SAP BusinessObjects Enterprise XI
4.0/TempAuditing/ folder. Notice that a new auditing temp file is created.
If you do not see the file it may be because CMS just picked it up after you’ve triggered the
event (by logging into CMC) and before you managed to refresh Windows Explorer. In this case
repeat two previous steps.
Note: Always make sure that the Default Auditing Directory folder is located on a local high
speed drive. Never configure the folder to be located on a RAM disk (volatile memory) because
events could be lost if the machine crashes or reboots.
Changing the auditing level
Scenario
You want to:
 Enable or disable auditing level, events, and event details.
© SAP AG 2011 SAP BusinessObjects / Page 11
Objectives
 Change auditing level
 Enable and disable auditing events
 Enable and disable auditing event details
1. Login to the CMC as Administrator and navigate to the Auditing tab.
2. Change the auditing level to Custom. In the Set Events area change the auditing level to
Custom by moving the slider to Custom and clicking Save. With the Custom setting you can
enable and disable individual events.
3. In the Common Events area enable the Trigger event and disable the Logout event. Click
Save.
4.
In the Set Event Details area, enable all event details. Click Save.
End of lab
Version
2.2
Author
Radim Bacinschi/Graham Sturmy
Date
July 13, 2017
© SAP AG 2011 SAP BusinessObjects / Page 12