Security Information and Event Management (SIEM) systems support centralized security monitoring across networks. They ingest and analyze data from hosts, routers, switches, firewalls and other components to identify and respond to security threats.
SIEM systems can ingest data directly from SAP application logs. However, direct integration is complex and laborious. It also requires high maintenance and may substantially increase costs if SIEM licensing is tied to log size or events per second.
This challenge can be overcome by integrating SAP logs with SIEM systems using SAP Solution Manager, a management server in SAP landscapes. Solution Manager filters, structures and enriches security event data in SAP logs to support fast, seamless integration with SIEM systems.
This webinar recording discusses the challenges of direct ingestion of SAP logs and the benefits of integration using Solution Manager. It also provides recommendations for configuring audit settings and policies for the following data sources in SAP:
Security Audit Log
Business Transaction Analysis
Read Access Log
Java Security Log
HANA Audit Log
The webinar is a digest of the whitepaper SIEM Integration for SAP.