03-05-2018 08:30 AM
1. I have a code which saves logs everyday with dates to a specified folder. I need to encrypt my logs
2. Also please advise on how to apply password to the multiple output files that I am generating.
3. Is it possible to write a code that deletes the logs for some specified period automatically?
03-05-2018 08:41 AM
1) and 2) simply depend on the decision which external encryption tool you will use. SAS itself can only encrypt passwords or SAS data (datasets, catalogs).
3) yes, how you do it depends on the naming structure of the log files.
03-05-2018 08:43 AM
1. If encryption for data at rest in the logs is all that is required then a simple disk encyption setup requiring a passphrase to boot the system should be sufficient. Let us know what specific threats you are attempting to protect the data from and we might have better advice.
2. What are the output files you are creating? If they are SAS datasets see SAS Data File Encryption section of the SAS® 9.4 Language Reference manual.
3. A simple find(1) one-liner on UNIX should take care of this.
# Find all files older than 7 days in /data/sas/mylogs with a .log extension and delete them.
find /data/sas/mylogs-type f -mtime +7 -name '*.log' -delete
03-05-2018 10:03 AM
1) to what end? A log is there to help the user understand what has happened/gone wrong. Why turn off the traffic lights at a major junction?
2) depends on file type. Encrypted seems a bit over the top. Are you sending file to a given person/entity - then use SFTP, or web portal let that handle the encryption/security. You could password protect Excel files or PDF's, but that is pretty lame these days and how many files have been lost due to passwords being lost over time.
3) yes, most o/s's have system functions or scheduled batch files which can run periodically and do tasks. Check with your IT, they likely have something already in place.
03-06-2018 12:59 AM
1. My logs will be saved as example : SriLanka_06032018 (todays date) every day. I was requested to auto encrypt them as these are placed in sharepoint.
2. My output files are in xlsx and I need to set a password for them as they are again posted to share point.
3. I can only try to delete the logs from sas as we do not run these on servers no UNIX or LINUX platforms.
03-06-2018 01:52 AM
So you need to encrypt your logs because you put them in an unsafe place? Wouldn't it be a really brilliant idea to not put them there in the first place, or put them in a place where access is restricted to the right people? Even the Microcrap should be able to handle that.
You will need to use an external tool to encrypt/password protect external (text) files. XCMD has to be enabled. SAS can't automatically encrypt log files while they are written.
Next I'd change the naming convention for log files so that the dates are written ISO-style (YYYY-MM-DD). That makes handling them with wildcards that much easier.
To create a dataset with filenames for a given month, see this example:
%let year=2018; %let month=3; data mylogfiles (keep=logfilename); length logfilename $50; do logdate = mdy(&month,1,&year) to intnx('month',mdy(&month,1,&year),0,'e'); logfilename = 'SriLanka_' !! put(logdate,ddmmyyn8.); output; end; run;
This dataset can be used to run external commands with call system(), or call a macro (that uses filename pipe for the external commands) with call execute(). The same dataset can also be used to use the SAS file functions (eg fdelete()).
03-06-2018 04:07 AM
1) Sharepoint should be access controlled, it should be linked to ActiveDirectory. Plus you can put restrictions and such like in the build of the SP for this. However it still does not make any sense to me to hide something which is only there to help people, if its not to be viewed and used, don't put it on there?
2) Excel files are a really poor format. Password protecting is a bit ridiculous to be honest. Again as above, Sharepoint is access controlled and provides functionality, so why do you need to do this anyway, all you are doing is creating files which one day you will not be able to open.
3) Whatever you operating system or setup you are using will have an OS, be it linux or windows or something else. These all have functions to delete files e.g
x 'del "c:\temp\*.log"';