/
SBDLOG - SAP Secure-by-default Logs
Document toolboxDocument toolbox

SBDLOG - SAP Secure-by-default Logs

Owned by Narender Baderia
Feb 28, 2024
1 min read

Data Description

The SBDLOG event is used to monitor usage statistics for RFC functions and SICF services.

Potential Use Cases

This event could be used in the following scenarios:

  • To find usage statistics SAP RFC functions and SICF services

  • Alert on specific RFC/SICF service usage

  • Determine RFC/SICF services usage over time

  • The information can be used to disable unused services and reduce attack

SAP Navigation

Log into the managed SAP system(only S/4HANA 2022+) and execute the transaction SBDLOG to display RFC functions and SICF usage statistics. The event makes these RFC and SICF services usage statistics available in Splunk for further analysis, set alerts, determine & disable unused RFC/SICF services.

image-20240228-052319.png
image-20240228-052404.png