Solutions:
A) Turn on the audit log every time the SAP started
1) Execute tcode: SM19 -> Click Edit -> Click save to enable the audit log
2) Test the SM20 to determine activities been capture
B) Set the profile parameter: rsau/enable = 1
1) Execute tcode: SM19 - > Click Environment -> Click Profile Parameter -> Check the value of "rsau/enable" parameter whether been set to 1 (0 = audit is not activated, 1 = audit is activated)
3) Test the SM20 after SAP service restart to determine activities been capture
References: SAP security log