Skip to main content
Skip table of contents


Data Description

The SM04 event is used in SAP to view users logged in.

Potential Use Cases

This event could be used in the following scenarios:

  • Identify potential security threats from user log-in events.

  • Trend user log-ins over time.

Splunk Event

The event will look like this in Splunk:

SAP Navigation

Log into the managed system and execute the SM04 transaction code. The data that is displayed will match the data that is extracted and sent to Splunk.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.