{"id":1656,"date":"2024-09-01T13:23:46","date_gmt":"2024-09-01T07:53:46","guid":{"rendered":"https:\/\/adilfahim.com\/myblog\/?p=1656"},"modified":"2024-09-01T13:23:46","modified_gmt":"2024-09-01T07:53:46","slug":"sap-hana-sql","status":"publish","type":"post","link":"https:\/\/adilfahim.com\/myblog\/sap-hana-sql\/","title":{"rendered":"SAP HANA SQL Commands for Auditing\/SOX"},"content":{"rendered":"

By using SAP HANA SQL Commands, we can perform following job<\/h2>\n

Finding index and primary keys of tables<\/b><\/p>\n

SELECT IFNULL(CONSTRAINT,’NUNIQUE’),
\nINDEX_NAME,COLUMN_NAME
\nFROM INDEX_COLUMNS WHERE SCHEMA_NAME = ‘%s’
\nAND TABLE_NAME = ‘%s’
\nORDER BY INDEX_OID,POSITION<\/p>\n

Show details of users that have been logged-in<\/b><\/p>\n

select * from “SYS”.”USERS” where “LAST_SUCCESSFUL_CONNECT” is not null order by 9 desc;<\/p>\n

To get all Libraries<\/b><\/p>\n

select to_char(definition) from public.libraries where schema_name=’EXT’;<\/p>\n

Check invalid custom DB views<\/b><\/p>\n

select * from “SYS”.”VIEWS” where schema_name not like ‘SAP%’ and is_valid = ‘FALSE’;<\/p>\n

Check inactive custom DB objects<\/b><\/p>\n

select * from “_SYS_REPO”.”INACTIVE_OBJECT” where “PACKAGE_ID” not like ‘sap%’;<\/p>\n

Check which SAP language settings are being used by current user<\/b><\/p>\n

select session_context(‘LOCALE_SAP’), session_context(‘LOCALE’) from dummy;<\/p>\n

Search executed SAP HANA SQL statements –<\/h2>\n

To find out who deleted a table<\/b><\/p>\n

select * from “SYS”.”M_EXECUTED_STATEMENTS” where “STATEMENT_STRING” LIKE ‘DROP TABLE%’;<\/p>\n

Show custom settings within global.ini and indexserver.ini<\/b><\/p>\n

select * from “SYS”.”M_INIFILE_CONTENTS” where (“LAYER_NAME” = ‘SYSTEM’ or “HOST” <> “)
\nand (“FILE_NAME” = ‘global.ini’ or “FILE_NAME” = ‘indexserver.ini’);<\/p>\n

Show assigned user roles<\/b><\/p>\n

select * from “SYS”.”GRANTED_ROLES” where “GRANTEE_TYPE” = ‘USER’;<\/p>\n

Show assigned repository privileges<\/b><\/p>\n

select * from “SYS”.”GRANTED_PRIVILEGES” where object_type = ‘REPO’;<\/p>\n

Show objects owned by non-system users<\/b><\/p>\n

select * from “SYS”.”OWNERSHIP” where owner_name not like ‘SAP%’ and owner_name not like ‘%SYS%’
\norder by 1,2;<\/p>\n

Show Corresponding Tables referring to which Schema<\/b><\/p>\n

SELECT BASE_SCHEMA_NAME, BASE_OBJECT_NAME,DEPENDENT_SCHEMA_NAME,
\nDEPENDENT_OBJECT_NAME,DEPENDENT_OBJECT_TYPE
\nFROM “SYS”.”OBJECT_DEPENDENCIES”
\nWHERE BASE_SCHEMA_NAME = ‘TCMP’ \/* <== Schema Name *\/\nAND BASE_OBJECT_NAME = 'CS_SALESORDER' \/* <== Table Name *\/\n\nAnalyze expensive statement trace<\/b><\/p>\n

select
\nto_varchar(“STATEMENT_START_TIME”,’DD.MM.YYYY’) “EXEC_DATE”,
\nto_varchar(“STATEMENT_START_TIME”,’HH24:MI:SS’) “EXEC_TIME”,
\nto_int(“DURATION_MICROSEC”\/1000000) “DURATION_S”,
\nto_decimal(“MEMORY_SIZE”\/1073741824,10,1) “MEM_GB”,
\n“RECORDS”,
\n“DB_USER”,
\n“APP_USER”,
\n“APPLICATION_NAME”,
\n“STATEMENT_STRING”,
\nlength(“STATEMENT_STRING”) “SQL_LENGTH”,
\nOCCURRENCES_REGEXPR(‘JOIN’ FLAG ‘i’ IN “STATEMENT_STRING”) “JOIN”,
\nOCCURRENCES_REGEXPR(‘CASE’ FLAG ‘i’ IN “STATEMENT_STRING”) “DISTINCT”,
\n“ERROR_TEXT”,
\n“PARAMETERS”
\nfrom “SYS”.”M_EXPENSIVE_STATEMENTS”
\nwhere “OPERATION” in
\n(‘INSERT’,’SELECT’,’AGGREGATED_EXECUTION’) \u2013exclude background activity
\nand “RECORDS” > 0
\nand to_varchar(“STATEMENT_START_TIME”, ‘YYYYMMDD’) = current_date
\nand to_int(to_varchar(“STATEMENT_START_TIME”,’HH24\u2032))
\nbetween 8 and 17 \u2013business hours
\norder by 3 desc;<\/p>\n

Benefits of HANA Auditing<\/a><\/p>\n

Most Common Functions used in Implementation<\/b><\/p>\n

SELECT SESSION_USER “session user” FROM DUMMY;<\/p>\n

SELECT TO_DATE(‘2010-01-12’, ‘YYYY-MM-DD’) “to date” FROM DUMMY;<\/p>\n

SELECT TRIM (‘a’ FROM ‘aaa123456789aa’) “trim both” FROM DUMMY;<\/p>\n

SELECT CURRENT_DATE “current date” FROM DUMMY;<\/p>\n

SELECT
\nDAYS_BETWEEN (TO_DATE (‘2009-12-05’, ‘YYYY-MM-DD’),
\nTO_DATE(‘2010-01-05’, ‘YYYY-MM-DD’)) “days between”
\nFROM DUMMY;<\/p>\n

SELECT UPPER (‘Ant’) “uppercase” FROM DUMMY;<\/p>\n

SELECT CONCAT (‘C’, ‘at’) “concat” FROM DUMMY;<\/p>\n

SELECT FLOOR (14.5) “floor” FROM DUMMY;<\/p>\n

SELECT TO_DECIMAL(7654321.888888, 10, 3) “to decimal” FROM DUMMY;<\/p>\n

SELECT REPLACE (‘DOWNGRADE DOWNWARD’,’DOWN’, ‘UP’) “replace” FROM DUMMY;<\/p>\n

SELECT RTRIM (‘endabAabbabab’,’ab’) “rtrim” FROM DUMMY;<\/p>\n

SELECT RIGHT(‘HI0123456789’, 20) “right” FROM DUMMY;<\/p>\n

SELECT WEEK (‘2017-01-02’) FROM DUMMY;<\/p>\n

SELECT LENGTH (‘length in char’) “length” FROM DUMMY;<\/p>\n

SELECT SUBSTRING (‘1234567890’,4,2) “substring” FROM DUMMY;<\/p>\n

SELECT WEEKDAY (TO_DATE (‘2010-12-31’, ‘YYYY-MM-DD’)) “week day” FROM DUMMY;<\/p>\n

SELECT TO_VARCHAR (TO_DATE(‘2009-12-31’), ‘YYYY\/MM\/DD’) “to varchar” FROM DUMMY;<\/p>\n

SELECT
\nYEARS_BETWEEN(TO_DATE(‘2001-01-01’),
\nTO_DATE(‘2003-03-14’)) “years_between”
\nFROM DUMMY;<\/p>\n

SELECT YEAR (TO_DATE (‘2011-05-30’, ‘YYYY-MM-DD’)) “year” FROM DUMMY;<\/p>\n

SELECT MONTH (‘2011-05-30’) “month” FROM DUMMY;<\/p>\n

SELECT NOW () “now” FROM DUMMY;<\/p>\n

SELECT LAST_DAY (TO_DATE(‘2010-01-04’, ‘YYYY-MM-DD’)) “last day” FROM DUMMY;<\/p>\n

SELECT DAYOFYEAR (‘2021-05-30’) “dayofyear” FROM DUMMY;<\/p>\n

SAP HANA SQL Commands for SOX\/AUDIT Requirements<\/h2>\n

(Make sure auditing is enabled)<\/p>\n

select * from audit_log where user_name=’USER’ and client_host LIKE ‘HOST%’ and (timestamp)>’2022-07-31 00:00:00′ order by 1;<\/p>\n

select * from “SYS”.”M_CONNECTIONS” where client_host NOT LIKE ‘HOST%’ and USER_NAME LIKE ‘USER%’ and AUTHENTICATION_METHOD NOT LIKE ‘INTERNAL’;<\/p>\n

select * from all_audit_log where user_name=’USER’ and EVENT_ACTION NOT LIKE ‘CONN%” and (timestamp)’2022-03-29 07:00:00′ order by 1;<\/p>\n

select * from “PUBLIC”.”EFFECTIVE_ROLES” where USER_NAME=’USER’;<\/p>\n

select * from audit_log where AUDIT_POLICY_NAME=’Grant’;<\/p>\n

select * from audit_log where AUDIT_POLICY_NAME=’USER’ and EVENT_ACTION like ‘DROP%’ and GRANTEE=’USER’;<\/p>\n

Read here Auditing in SAP HANA Cloud<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

By using SAP HANA SQL Commands, we can perform following job Finding index and primary keys of tables SELECT IFNULL(CONSTRAINT,’NUNIQUE’), INDEX_NAME,COLUMN_NAME FROM INDEX_COLUMNS WHERE SCHEMA_NAME = ‘%s’ AND TABLE_NAME = ‘%s’ ORDER BY INDEX_OID,POSITION Show details of users that have been logged-in select * from “SYS”.”USERS” where “LAST_SUCCESSFUL_CONNECT” is not null order by 9 desc; […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[8],"tags":[1137,1140,1138,1139],"class_list":["post-1656","post","type-post","status-publish","format-standard","hentry","category-sap-updates","tag-sap-hana-auditing","tag-sap-hana-security","tag-sap-hana-sox","tag-sap-hana-sql-commands"],"_links":{"self":[{"href":"https:\/\/adilfahim.com\/myblog\/wp-json\/wp\/v2\/posts\/1656","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/adilfahim.com\/myblog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/adilfahim.com\/myblog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/adilfahim.com\/myblog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/adilfahim.com\/myblog\/wp-json\/wp\/v2\/comments?post=1656"}],"version-history":[{"count":1,"href":"https:\/\/adilfahim.com\/myblog\/wp-json\/wp\/v2\/posts\/1656\/revisions"}],"predecessor-version":[{"id":1657,"href":"https:\/\/adilfahim.com\/myblog\/wp-json\/wp\/v2\/posts\/1656\/revisions\/1657"}],"wp:attachment":[{"href":"https:\/\/adilfahim.com\/myblog\/wp-json\/wp\/v2\/media?parent=1656"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/adilfahim.com\/myblog\/wp-json\/wp\/v2\/categories?post=1656"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/adilfahim.com\/myblog\/wp-json\/wp\/v2\/tags?post=1656"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}