Merge pull request #179848 from batamig/sap-updates

sap experimental logs

Author: PMEds28

articles/sentinel/sap-solution-log-reference.md

@@ -12,18 +12,15 @@ ms.date: 11/09/2021
 
 [!INCLUDE [Banner for top of topics](./includes/banner.md)]
 
-This article describes the SAP logs available from the Microsoft Sentinel SAP data connector, including the table names in Microsoft Sentinel, the log purposes, and detailed log schemas. Schema field descriptions are based on the field descriptions in the relevant [SAP documentation](https://help.sap.com/).
-
-This article is intended for advanced SAP users.
-
-> [!NOTE]
-> When using the XBP 3.0 interface, the Microsoft Sentinel SAP solution uses *Not Released* services. These services do not affect backend system or connector behavior.
->
-> To "release" these services, implement the [SAP Note 2910263 - Unreleased XBP functions](https://launchpad.support.sap.com/#/notes/2910263).
-
 > [!IMPORTANT]
 > The Microsoft Sentinel SAP solution is currently in PREVIEW. The [Azure Preview Supplemental Terms](https://azure.microsoft.com/support/legal/preview-supplemental-terms/) include additional legal terms that apply to Azure features that are in beta, preview, or otherwise not yet released into general availability.
 >
+> Some logs, noted below, are not sent to Microsoft Sentinel by default, but you can manually add them as needed. For more information, see [Define the SAP logs that are sent to Microsoft Sentinel](sap-solution-deploy-alternate.md#define-the-sap-logs-that-are-sent-to-microsoft-sentinel).
+>
+
+This article describes the SAP logs available from the Microsoft Sentinel SAP data connector, including the table names in Microsoft Sentinel, the log purposes, and detailed log schemas. Schema field descriptions are based on the field descriptions in the relevant [SAP documentation](https://help.sap.com/).
+
+This article is intended for advanced SAP users.
 
 ## ABAP Application log
 
@@ -35,7 +32,6 @@ This article is intended for advanced SAP users.
 
     Available by using RFC with a custom service based on standard services of XBP interface. This log is generated per client.
 
-
 ### ABAPAppLog_CL log schema
 
 | Field                 | Description                    |
@@ -159,6 +155,8 @@ This article is intended for advanced SAP users.
 
 ## ABAP DB table data log
 
+To have this log sent to Microsoft Sentinel, you must [add it manually to the **systemconfig.ini** file](sap-solution-deploy-alternate.md#define-the-sap-logs-that-are-sent-to-microsoft-sentinel).
+
 - **Name in Microsoft Sentinel**: `ABAPTableDataLog_CL`
 
 - **Related SAP documentation**: [SAP Help Portal](https://help.sap.com/viewer/56bf1265a92e4b4d9a72448c579887af/7.5.7/en-US/c769bcd2f36611d3a6510000e835363f.html)
@@ -191,6 +189,9 @@ This article is intended for advanced SAP users.
 
 ## ABAP Gateway log
 
+To have this log sent to Microsoft Sentinel, you must [add it manually to the **systemconfig.ini** file](sap-solution-deploy-alternate.md#define-the-sap-logs-that-are-sent-to-microsoft-sentinel).
+
+
 - **Name in Microsoft Sentinel**: `ABAPOS_GW_CL`
 
 - **Related SAP documentation**: [SAP Help Portal](https://help.sap.com/viewer/62b4de4187cb43668d15dac48fc00732/7.5.7/en-US/48b2a710ca1c3079e10000000a42189b.html)
@@ -211,6 +212,9 @@ This article is intended for advanced SAP users.
 
 ## ABAP ICM log
 
+To have this log sent to Microsoft Sentinel, you must [add it manually to the **systemconfig.ini** file](sap-solution-deploy-alternate.md#define-the-sap-logs-that-are-sent-to-microsoft-sentinel).
+
+
 - **Name in Microsoft Sentinel**: `ABAPOS_ICM_CL`
 
 - **Related SAP documentation**: [SAP Help Portal](https://help.sap.com/viewer/683d6a1797a34730a6e005d1e8de6f22/7.52.4/en-US/a10ec40d01e740b58d0a5231736c434e.html)
@@ -437,6 +441,9 @@ This article is intended for advanced SAP users.
 
 ## ABAP SysLog
 
+To have this log sent to Microsoft Sentinel, you must [add it manually to the **systemconfig.ini** file](sap-solution-deploy-alternate.md#define-the-sap-logs-that-are-sent-to-microsoft-sentinel).
+
+
 - **Name in Microsoft Sentinel**: `ABAPOS_Syslog_CL`
 
 - **Related SAP documentation**: [SAP Help Portal](https://help.sap.com/viewer/56bf1265a92e4b4d9a72448c579887af/7.5.7/en-US/c769bcbaf36611d3a6510000e835363f.html)
@@ -521,6 +528,9 @@ This article is intended for advanced SAP users.
 
 ## ABAP WorkProcess log
 
+To have this log sent to Microsoft Sentinel, you must [add it manually to the **systemconfig.ini** file](sap-solution-deploy-alternate.md#define-the-sap-logs-that-are-sent-to-microsoft-sentinel).
+
+
 - **Name in Microsoft Sentinel**: `ABAPOS_WP_CL`
 
 - **Related SAP documentation**: [SAP Help Portal](https://help.sap.com/viewer/d0739d980ecf42ae9f3b4c19e21a4b6e/7.3.15/en-US/46fb763b6d4c5515e10000000a1553f6.html)
@@ -546,6 +556,9 @@ This article is intended for advanced SAP users.
 
 ## HANA DB Audit Trail
 
+To have this log sent to Microsoft Sentinel, you must [add it manually to the **systemconfig.ini** file](sap-solution-deploy-alternate.md#define-the-sap-logs-that-are-sent-to-microsoft-sentinel).
+
+
 - **Name in Microsoft Sentinel**: `Syslog`
 
 - **Related SAP documentation**: [General](https://help.sap.com/viewer/6b94445c94ae495c83a19646e7c3fd56/2.0.03/en-US/48fd6586304c4f859bf92d64d0cd8b08.html) |  [Audit Trail](https://help.sap.com/viewer/b3ee5778bc2e4a089d3299b82ec762a7/2.0.03/en-US/0a57444d217649bf94a19c0b68b470cc.html)
@@ -570,6 +583,9 @@ This article is intended for advanced SAP users.
 
 ## JAVA files
 
+To have this log sent to Microsoft Sentinel, you must [add it manually to the **systemconfig.ini** file](sap-solution-deploy-alternate.md#define-the-sap-logs-that-are-sent-to-microsoft-sentinel).
+
+
 - **Name in Microsoft Sentinel**: `JavaFilesLogsCL`
 
 - **Related SAP documentation**: [General](https://help.sap.com/viewer/2f8b1599655d4544a3d9c6d1a9b6546b/7.5.9/en-US/485059dfe31672d4e10000000a42189c.html) | [Java Security Audit Log](https://help.sap.com/viewer/1531c8a1792f45ab95a4c49ba16dc50b/7.5.9/en-US/4b6013583840584ae10000000a42189c.html)