List users who opened my dataset

Reply
Contributor
Posts: 39

List users who opened my dataset

Hi,

I need to generate list of users who are all using my datasets, Iam using SAS EG 4.3 installed under UNIX OS.

if any body opened dataset created by me, i need to include the user. I came to know using audit, we could do this.

But i dont want to create audit on all my datasets, Is there any way to generate list of users who opened my dataset.

Please assist me in this.

Thank you.

Super User
Posts: 7,866

Re: List users who opened my dataset

With AIX, auditing can be done on a per-file basis. Which UNIX do you work on?

---------------------------------------------------------------------------------------------
Maxims of Maximally Efficient SAS Programmers
Contributor
Posts: 39

Re: List users who opened my dataset

Posted in reply to KurtBremser

Thank you Kurt,

Which Unix? i didn't get you.

I believe auditing per-file basis may be difficult to create, your comment please?

is there any function, onopen(), where we do have in other programming languages.

PROC Star
Posts: 1,325

Re: List users who opened my dataset

THink you might have to define what you mean by "open".  Do you mean read?

All of the following could read a SAS data set file:

  a user uses EG and double-clicks a dataset defined in the metadata to view records, that could be opening.

  a programmer runs a reporting procedure (PROC PRINT) on a dataset

  a user runs a web report

  a programmer runs a data step

Are you in a BI server world with data sources defined in metadata? 

It's possible you could turn on some sort of enhanced logging, e.g. http://support.sas.com/rnd/emi/APM_main/index.html

Contributor
Posts: 39

Re: List users who opened my dataset

in all Above cases User id should be tracked.

For your question Are you in BI server world with data sources defined in metadata?

Yes, all data sources defined in Metadata.    

PROC Star
Posts: 1,325

Re: List users who opened my dataset

Since all data sources are defined in metadata (and all clients will be accessing them through metadata, I assume?) then I would definitely check out the APM link (and related user group papers).

Looks like the usage reports are pretty nifty, can report on usage of data steps, procedures, cubes, stored processes, etc etc.

Haven't played with it myself.

Of course if there are OS options as well, they are certainly worth pursuing.

Super User
Posts: 7,866

Re: List users who opened my dataset

You said "I am using SAS EG 4.3 installed under UNIX OS". Since EG is a windows-only program, you most probably meant that SAS itself is installed on a UNIX server. I was referring to the brand of UNIX on the server (Linux, HP-UX, AIX, Solaris).

I only have sysadmin experience with AIX (IBM's UNIX), where auditing of events on a per-object (file) basis is possible.

---------------------------------------------------------------------------------------------
Maxims of Maximally Efficient SAS Programmers
Contributor
Posts: 39

Re: List users who opened my dataset

Posted in reply to KurtBremser

@

Super User
Posts: 7,866

Re: List users who opened my dataset

Since I'm not familiar with auditing in Linux, I suggest you contact your sysadmin to set this up.

AFAIK, there is no way in SAS to record read accesses to SAS data sets.

---------------------------------------------------------------------------------------------
Maxims of Maximally Efficient SAS Programmers
Trusted Advisor
Posts: 3,215

Re: List users who opened my dataset

As the is an auditing question on files you should ask yourself or being asked

-1 What ways are there to access sensitive data?

    SAS (Eguide AMO Web SAS-code),  SFTP Putty TSM LSF

-2 What are the involved identities accessing the data with that related tool

-3 Who is capable on bypassing normal security controls and is that monitored?

Having the data sandboxed at OS-level (well secured) on OS-level will help to pinpoint auditing only those account can access data

As you are the data-creator you can decide to create that data monitored (sudo) with a high-priviledged account.

The remaining possible access to those files are the isolated account granted to have that right.

When the only possible access by those users is SAS BI/DI server you can use SAS-logging as been mentioned.

When other options are available you are condemnd to use the OS options.

Linux is just a Unix type like IOS or Android. Major streams are Rhel-6 and Suse-10 (HP-UX AIX and many more).

Every type is different at some points, but a lot is equal. Google for that eg Redhat:

https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux/6/pdf/Security_Guide/Red...  chapter 7,  file auditing.

Although SAS could play a big role in analyzing those logs, there is competitor in the market. Splunk is selling their tools for iso27002 compliancy and they are getting accepted by auditors (security world) with the goal analyzing those logs.
 

---->-- ja karman --<-----
Ask a Question
Discussion stats
  • 9 replies
  • 347 views
  • 0 likes
  • 4 in conversation