The iT-CUBE agileSI DSM for JSA can accept security-based and audit SAP events from agileSI installations that are integrated with your SAP system.
JSA uses the event data that is defined as security risks in your SAP environment to generate offenses and correlate event data for your security team. SAP security events are written in Log Event Extended Format (LEEF) to a log file produced by agileSI. JSA retrieves the new events by using the SMB Tail protocol. To retrieve events from agileSI, you must create a log source by using the SMB Tail protocol and provide JSA credentials to log in and poll the LEEF formatted agileSI event file. JSA is updated with new events each time the SMB Tail protocol polls the event file for new SAP events.