BookmarkSubscribeRSS Feed
🔒 This topic is solved and locked. Need further help from the community? Please sign in and ask a new question.
Reddy_GS
Calcite | Level 5

Hi team,

i would like to know how to monitor SAS metadata user activity on Unix and in sas management console.

my requirement is.

1. How many users are currently connected to metadata server through unix

2. How many users are connected for last one week. Date wise user login activities.

Appreciate for your valuable time

1 ACCEPTED SOLUTION

Accepted Solutions
JuanS_OCS
Amethyst | Level 16

Hi,

maybe this can help you:

on my "SAS" beginnings, I had same requirement and I always parsed the log files into a SAS dataset and then I manipulated them to be able to create reports from that information. Big task, but useful. So I think that option is still pretty valid!

Nowadays, you have more options to get the information you need.

- From SAS 9.3 and if you are the SAS admin, with the SAS MC you can just "Connect" to your "SASMeta - Metadata Server" and see that information from the Clients tab. Very useful and easy.

- You had also the APM and ACM solutions, some Stored Processes that can give you some good reports about your environment and the use of the environment, if you have the correct licenses.

- Now, from SAS 9.4 you have the SAS Environment Manager, a cool tool for monitoring and control your environment, that can also parse logs by itself if you configure everything correct... and since the second maintenance of SAS 9.4 was released, TS1M2, you have also available APM and ACM too! Only be aware that even if the code is included in your Integration Technologies license, some code of APM and ACM still will require some extra licenses.

View solution in original post

12 REPLIES 12
jakarman
Barite | Level 11

same as https://communities.sas.com/message/235733#235733 (APM environment manager only for SAS)

SAS cannot overrule an exeternal RDBMS like Oracle or overrule the OS system Unix.

I know some sales stories are giving that impression but those stories are a technical hoax.

You need to cooperate understanding the ICT http://blogs.sas.com/content/corneroffice/2014/06/25/4-tips-for-modern-cios/

By the way the SMC is an interface to ACCESS the SAS metadatabase therer are many more options (interfaces) to update that metadatabase aside of the SMC.

A good overview what is happening and what is stored where is needed before you want to set controls on them.

---->-- ja karman --<-----
ronan
Lapis Lazuli | Level 10

1. On Unix command line, you can code a SAS script printing its output to the terminal which uses Proc IOMOPERATE (beginning in SAS 9.3) like this :


/* assign terminal fileref*/

filename term terminal;

/* re-direct log */

proc printto log=term;

/* list active user names, IP adress + session opening time */

proc iomoperate;

/* connection parameters*/

connect host='metadata host'

port=8561

user="account"

password="password"

               ;

/* listing commands*/

       list clients;

   quit;

Cf. IOMOPERATE :: SAS(R) 9.4 Intelligence Platform: Application Server Administration Guide

2. You can also put up a specific logger interfaced with a 3rd party system monitoring tool (eg IBM Tivoli) using Log4SAS API :

Using Third-Party Products to Monitor SAS Servers :: SAS(R) 9.4 Intelligence Platform: System Admini...

3. As regards the SMC metadata monitoring features, go to Server Manager :

SASMeta / SASMeta Logical Metadata Server / SASMeta - Metadata Server - Right click : Connect  then  Clients Tab

4. to carry out your audit periodic reporting, it depends on your SAS version : 9.4 allow you to enable audit storing the connection events in  a persistence database called "SAS Web Infrastructure Platform database"

Configuring Auditing for SAS Web Applications :: SAS(R) 9.4 Intelligence Platform: Middle-Tier Admin...

SAS provides a toolbox called APM (starting in 9.2) standing for Audit, Performance and Measurement which should give you what you need (never tested)

SAS 9.4 Audit, Performance and Measurement package

This APM toolbox is now fully integrated with the SAS MidTier Administration client SAS Web Environment Manager :

http://blogs.sas.com/content/sgf/2014/10/22/sas-environment-manager-new-options-for-monitoring-your-...

Check it out !

Ronan

PS: Auditing or Monitoring capabilities generally require account with Unrestricted privileges

Kurt_Bremser
Super User

You can read the MetadataServer log; it contains records like "New client connection accepted from server port 8561 for user userid." If you filter for those you even get the timestamps for each access.

Reddy_GS
Calcite | Level 5

Hi ,

this question was not regarding connectiong to RDBMS its all about user logon details.

my question is: I have 200 users out of I would like to know how many user currently login to metadata server i.e. currently active users and how do I find users login activity for last week or date wise login details

SASKiwi
PROC Star

If you are lucky enough to be on SAS 9.4 Environment Manager may provide most of what you want with with little effort, assuming that SAS logging and EMgr was set up during your install.

If you are using 9.3 or earlier you will have no choice but to build your own solution using the SAS 9.x APM package or Proc IOMOPERATE as suggested by Ronan.

Kurt_Bremser
Super User

I was not talking about any RDBMS, either. You get all accesses logged in the metadata server log.

You can read the log like this:

filename oscmd pipe "cat logfilename|grep 'accepted from server port' ";

data metadata (keep=userid timestamp);

infile oscmd truncover;

input

  timestampx $23.

  @25 logline $200.

;

length userid $20;

format timestamp datetime23.3;

timestamp = input(substr(timestampx,1,10),yymmdd10.)*86400 + input(substr(timestampx,12,8),time8.) + input(substr(timestampx,21),3.)/1000;

userid = scan(scan(logline,2,':'),1);

run;

Set logfilename to where your metadataserver log is stored.

If you also scan (with the grep) for the lines containing "closed" messages, you can then infer which connections are currently active.

JuanS_OCS
Amethyst | Level 16

Hi,

maybe this can help you:

on my "SAS" beginnings, I had same requirement and I always parsed the log files into a SAS dataset and then I manipulated them to be able to create reports from that information. Big task, but useful. So I think that option is still pretty valid!

Nowadays, you have more options to get the information you need.

- From SAS 9.3 and if you are the SAS admin, with the SAS MC you can just "Connect" to your "SASMeta - Metadata Server" and see that information from the Clients tab. Very useful and easy.

- You had also the APM and ACM solutions, some Stored Processes that can give you some good reports about your environment and the use of the environment, if you have the correct licenses.

- Now, from SAS 9.4 you have the SAS Environment Manager, a cool tool for monitoring and control your environment, that can also parse logs by itself if you configure everything correct... and since the second maintenance of SAS 9.4 was released, TS1M2, you have also available APM and ACM too! Only be aware that even if the code is included in your Integration Technologies license, some code of APM and ACM still will require some extra licenses.

BStone
Obsidian | Level 7

Agree with JuanS@OCS's answer.

APM and environment manager is the way to go if you want to do monitoring and auditing. APM is flexible as you write your own programs and reports which are specific to your oganization's needs.

Though it's useful to create your own programs by read logs and doing reporting on it, make sure it's documented and watch out for performance issues.

jakarman
Barite | Level 11

Bstone, I like the list of all the activities you made at https://communities.sas.com/message/236354#236354

I am also advicing APM (9.3) and the eventmanager (9.4)  for logging and monitoring, as Juan's post. It is better than a application developer building-reinventing the wheel- it on his own.

But....

I posted the link to Keith Collins CIO at SAS for a reason.

The list you posted is having common requirements as of business policies, often set by regulations. I found a nice link: ISO/IEC 27002 code of practice

To be cited:

Section 12:  Operations management

12.1  Operational procedures and responsibilities
IT operating responsibilities and procedures should be documented. Changes to IT facilities and systems should be controlled. Capacity and performance should be managed.  Development, test and operational systems should be separated.

12.2  Protection from malware
Malware controls are required, including user awareness.

12.3  Backup
Appropriate backups should be taken and retained in accordance with a backup policy.

12.4  Logging and monitoring
System user and administrator/operator activities, exceptions, faults and information security events should be logged and protected.  Clocks should be synchronized.

12.5  Control of operational software
Software installation on operational systems should be controlled.

12.6  Technical vulnerability management
Technical vulnerabilities should be patched, and there should be rules in place governing software installation by users.

12.7  Information systems audit considerations
IT audits should be planned and controlled to minimize adverse effects on production systems, or inappropriate data access.

It is more detailed than your list, the full document is even more specific. The bad is: SAS institute is seeming not to be aware of this and is ignoring or not understanding or ?? the impact of this.

They are doing enhancements on idea-s and some requests, but I you want to follow this kind of guidelines SAS is an obstruction to those. This also applies for the logging and monitoring.  

---->-- ja karman --<-----
JuanS_OCS
Amethyst | Level 16

Jaap, this last comment of yours is an interesting one (to me, at least!), and from other comments of yours in other topics,

As I am interested on that topic from the technical/functional architecture point of view, and probable other collegas too, maybe it would be a good idea to open a separate topic for it and discuss the ICT best practices/ISO/etc that are currently suitable in SAS.

jakarman
Barite | Level 11

Juan, at your service https://communities.sas.com/thread/62744

---->-- ja karman --<-----
Reddy_GS
Calcite | Level 5

Thank you very much. Appreaicate for your valuable time

suga badge.PNGThe SAS Users Group for Administrators (SUGA) is open to all SAS administrators and architects who install, update, manage or maintain a SAS deployment. 

Join SUGA 

CLI in SAS Viya

Learn how to install the SAS Viya CLI and a few commands you may find useful in this video by SAS’ Darrell Barton.

Find more tutorials on the SAS Users YouTube channel.

Discussion stats
  • 12 replies
  • 10397 views
  • 10 likes
  • 7 in conversation