Inside look at Cenoti and Splunk Enterprise Security
Get complete Splunk visibility with Cenoti™. Illuminate your SAP data.
Managing SAP is complex. Correlating and identifying security and privacy is now made simpler with our pre-built alerting framework delivered directly out of your SAP systems into your Splunk workspace.
World-class tools combined to drive business insight and allow your teams to easily manage and surface key alerts to act on. Get real-time visualization and insights across all your connected data sources using pre-delivered dashboards.
Traditionally, SAP security relies on teams of specialist engineers. However, their complexity and criticality to business operations often exceed the capacity of smaller technology teams.
Cenoti links SAP systems to Splunk, so you can manage your entire enterprise security monitoring via a single Splunk dashboard.
The following connectors are delivered 'out of the box' with Cenoti. Our framework makes it simple to filter, extend or build additional connectors:
Name | Technical Name | Description |
User authorization log (buffered data) | AUTHLOG_BUF | Buffered user authorization checks similar to what is shown in transaction SU53. |
User authorization log (persistent data) | AUTHLOG_LT | Long-term, persistent user authorization checks. |
Security audit log | SECAUDLOG | This collector lets you track the information in the security audit logs, that is normally accessible via transaction SM20. |
User password status | USERPWD | The USERPWD collector lets you collect the data of the RSUSR200 report. |
Name | Technical Name | Description |
ABAP Short Dump Analysis | ABAP_DUMP | ABAP runtime errors as tagged fields or in a full report, similar to that shown by transaction ST22. |
SAP Application log monitor | APPLOG | Retrieves messages stored in the system's Application Log. The collected data is similar to that shown by transaction SLG1. |
BW Process Chains monitor | BW_PC | Collects BW Process Chain meta-data and logs. |
SAP transaction descriptions | CODE_TXT | Provides the text descriptions for SAP transaction codes (in all supported languages). |
Enqueue (lock) monitoring | ENQLOCK | Provides a snapshot of current locks and their age. |
IDOC data collector for control and segments | IDOC_D | The collector lets you collect IDoc status (changes of an IDoc over its lifecycle), control, and segment data, consisting of the data and structures that makes up each IDoc (as found in the control headers), allowing you to see which fields and types of data are sent/received with each IDoc. |
Generic OData entities for extract from Fiori and other services | ODATA_ENTITY | Serves as generic OData Service clients to collect data from third-party systems via OData API calls. |
Name | Technical Name | Description |
Managers and employees details with associated org information | MGR_EMP | Retrieves HR information for employees and lists managers along with the personnel numbers of the employees that report to them. You can use it to set up an org structure for your company. |
Read access logging (RAL) for sensitive access | RAL | Retrieves logged user activity that was recorded by the Read Access Log mechanism. |
SuccessFactors employee data (via Odata API) | SF_EMPLOYEE | Collects data from SuccessFactors entities via the OData API. |
Name | Technical Name | Description |
SAP database table snapshots | ANYTAB | This collects data from any SAP table using a snapshot at the time of collection. Its selection options are similar to those in SE16. |
Database system health and related information | DB_INFO | Data about your SAP system's databases, including a basic overview, the database's top tables and SQL statements, and information about database locks. |
Table logging collector | TABLOG | This collector reads table log entries (for tables that have logging activated). |
© 2024 EPI-USE Labs
Trafford House, 11th Floor, Chester Road, Stretford, Manchester, United Kingdom, M32 0RS •Other Office Locations