I am using execute command activity in a job sequence to run a shell script.First argument is project id and the second parameter is password.
In datastage I am using parameter called DBPasswd and type is encrypted and i am passign that parameter to the command line.
In the job activity execute command page page i have like below.
Comand : /home/username/oraproc.ksh
Parameters:dst #DBPasswd#
But in the job log it showing the script along with project id and decrypted password like below.
ExecuteUnixCommand..JobControl (@Execute_Command_0): Executed: //home/username/oraproc.ksh dst Test454
Reply=0
It is showing the password in the log
Is it defualt behavour of datastage or it is a security issue in datastage.
Execute command activity
Moderators: chulett, rschirm, roy
-
- Participant
- Posts: 54607
- Joined: Wed Oct 23, 2002 10:52 pm
- Location: Sydney, Australia
- Contact:
It is the default behaviour of DataStage to log the actual command executed by an Execute Command activity.
If you want to change this behaviour, encapsulate your command in a routine and invoke that through a Routine activity.
If you want to change this behaviour, encapsulate your command in a routine and invoke that through a Routine activity.
IBM Software Services Group
Any contribution to this forum is my own opinion and does not necessarily reflect any position that IBM may hold.
Any contribution to this forum is my own opinion and does not necessarily reflect any position that IBM may hold.
Re: Execute command activity
Hi, you can prefix the command parameters with the string /NOLOG/ to prevent the parameters being displayed in the job log. This feature is useful where your parameters include passwords or other confidential information.
Best regards,
Omar Elkalla
Senior Business Intelligence Developer
ITWorx
omar.elkalla@itworx.com
www.itworx.com
Omar Elkalla
Senior Business Intelligence Developer
ITWorx
omar.elkalla@itworx.com
www.itworx.com