[doc issue] Audit Level 'Security' should be described in detail

[joegoerlich]

Issue description

The documentattion says audit level security writes 'audit entries, whenever an administrator changes one of the critical configuration settings, such as exposed back-end systems, allowed resources, and so on.'
It misses a description which ones are exactly classified as critical configuration settings.

Feedback Type (Optional)

clarity

Page Title on SAP Help Portal (prefilled)

Manage Audit Logs

Page URL on SAP Help Portal (prefilled)

https://help.sap.com/docs/connectivity/sap-btp-connectivity-cf/manage-audit-logs?locale=en-US

[Frank1Mueller]

Hi Joe,

thanks again for your feedback :)

We'll look into it as soon as possible and get back to you.

Best regards

Frank

[Frank1Mueller]

Hi Joe,

thanks again for your valuable feedback.

We added the following note to the documentation:

"Find the full list of configuration activities that are considered critical in the list below, which shows the corresponding categories of audit log entries."

Best regards

Frank

[joegoerlich]

Hello @Frank1Mueller

are all categories from the bullet point list considered to be the critical ones? I cannot find any limitations within those 38.

BR,
Joe

[Frank1Mueller]

Hi Joe,

yes, they are all considered critical, because they have a potential impact on security and/or performance.

Best regards
Frank

[joegoerlich]

So, while the Audit Log Level 'Security' enables logging for the events which are assigned to one of the listed categories and blocked requests, the Audit Log Level 'All' enables logging for all events—including the events which are not assigned to one of the listed categories. Is my understanding correct?

Thanks
Joe

[Frank1Mueller]

Yes, that's correct.