×
 
 
  •  
$helper.renderConfluenceMacro('{bmc-global-announcement:$space.key}')

Important

   

This documentation space contains information about PATROL Agents when deployed in a TrueSight Operations Management environment. If you are a BMC Helix Operations Management user, see PATROL Agent 22.1 for BMC Helix Operations Management. Open link

BMC PATROL Agent 22.1 ... PATROL Script Language overview and functions PSL Built-in Functions List of functions and their descriptions

sec_store_set()

Store and encrypt a text string in the PATROL Agent.

Syntax

sec_store_set(key,value,[application_classes])

Parameter

Parameter

Definition

key

text used by sec_store_get() to identify value

value

text that you want to put in the secure area of the PATROL Agent Often this function stores a password. In that case, the key is a user ID and value is a password.

application class

application class or classes that can retrieve value. When multiple application classes are given, the application class names should be separated by semi-colons

Default 
Application class that called the sec_store_set() function.

Description

The sec_store_set() function enters value into the Secure Key Store (SKS) archive. For more information about the SKS archive, see the PATROL Security User Guide

Use this function to store and encrypt any text string. This function works with sec_store_get(), which you can use to retrieve a value stored by sec_store_set(). The sec_store_set() function returns 1 when successful and 0 when unsuccessful. 

For a complete list of error messages, see the following table. 

errno Value

Description of Failure

139

E_PSL_SKS_BAD_ACCOUNT 
The user account that executed this function does not have permission to access the SKS archive.

140

E_PSL_SKS_INSTANCE_ERR 
PATROL could not find the application instance that executed this function.

141

E_PSL_SKS_SET_ERR 
PATROL could not set this value in the SKS archive.

142

E_PSL_SKS_GET_ERR 
PATROL could not get this value from the SKS archive.

The application_class parameter is a semi-colon separated list of one or more application classes. To retrieve value, an application class must be on this list. If you do not specify an application_class, sec_store_set() uses the default for this parameter, which is the application class that called sec_store_set(). 

You can use this function to write a PSL script that performs an action that requires a password. For example, the script can use a password to open a database. In this scenario, key is a user ID and value is a password. The sec_store_set() function stores the password in the secure area of the PATROL Agent, and your script uses sec_store_get() to retrieve the password. 

Giving a script password access to a protected resource presents a trade-off between security and usability. Requiring a person to enter a password is generally more secure than delegating this task to a script. The higher level of security, however, comes at a price to the person who has to remember the password or keep it in a safe place. While it is not the safest option, allowing a script to enter a password provides a much higher level of security than not using a password at all. Use this method of password management when you need to provide mid-level security.

Example

This script demonstrates the sec_store_set() function.

sec_store_set("ORACLE/INSTANCE1/JSMITH", "paddy3","PATROL_NT;NT_SYSTEMS");


Was this page helpful? Yes No Submitting... Thank you
Last modified by Rashmi Gokhale on Jan 17, 2018

Comments

Log in or register to comment.

sec_store_get()
set()
© Copyright 2014 - 2023 BMC Software, Inc.
Legal notices

Powered by Atlassian Confluence and Scroll Viewport

© Copyright 2005-2023 BMC Software, Inc. Use of this site signifies your acceptance of BMC’s Terms of Use . BMC, the BMC logo, and other BMC marks are assets of BMC Software, Inc. These trademarks are registered and may be registered in the U.S. and in other countries.