Log level and authority for error log

Start a new search

Message type: E = Error

Message class: /IWBEP/COS_SUTIL - SAP Gateway Support Utilities

Message number: 001

Message text: Log level and authority for error log



What causes this issue?

The system issues an error message and will not allow you to continue with this transaction until the error is resolved.



System Response



How to fix this error?

Available Levels
Due to SAP security standards there are two levels available for the
error log.
<ZH>Secure Level</>
This is the default level. This level is necessary to do a first problem
analysis and has the following properties:
Error returned by provider application will not be logged at all.
In case of technical problems one or more error log entries might be
written but they do not contain any information about service name, HTTP
request or response payload.
<ZH>Full Level</>
No limitation. This level is necessary to analyze the application error
or to do further analysis of technical problems if information about the
currently used service request is needed.
Authorization Object
The authorization object S_ADMI_FCD with parameter PADM is needed to
configure the log level and display sensitive details of error log
entries.
How to Configure the Error Log Level
Run transaction <DS:TRAN./IWBEP/ERROR_LOG>/iwbep/error_log</>.
Choose <LS>Error Log-> Global Configuration</>.
A pop-up will appear for changing the log level
This setting is effective for all users of the current SAP client and is
valid until the next change.
Even if secure level is configured for the current client, you can
change the log level for a specific user to do further error analysis as
follows:
Run transaction <DS:TRAN./IWBEP/TRACES>/iwbep/traces</>.
Choose <ls>Add user</>.
Enter the user name.
Change the log level from secure to full.
This user setting is valid for 2 hours.
If the log level for the current client is already set to full, any
level change for a specific user does not make sense and will not be
supported.
Display Error Log Entries
If a log entry was written with secure level, sensitive data will be
shown as <ex>***Hide_due_to_secure_log_level***</>.
If a log entry was written with full level but authorization object
S_ADMI_FCD with parameter PADM is not assigned to the current user,
sensitive data will be shown as <ex>***No_authority_to_see_detail***</>.
Replay Functionality
Replay a service request requires the whole request payload. A replay is
therefore only available for log entries written with log level full.
Moreover, authorization object S_ADMI_FCD with parameter PADM must be
assigned to the current user to replay a service request from within the
error log.


Procedure for System Administrators


Error message extract from SAP system. Copyright SAP SE.


Related Error Messages

/IWBEP/CM_V4_ST022 Template name generation failed for complex type

/IWBEP/CM_V4_ST021 EDM access to structured type '&1' failed

/IWBEP/COS_SUTIL002 Unspecified error occurred. See Error Context and Call Stack for details.

/IWBEP/COS_SUTIL003 Parallelization Information in Performance Trace