Disguise extract - JCL specification

The following figure is displayed when you press Enter on the DPR: Data Privacy Specification or DCF: Data Privacy Specification panel.

Disguise Extract - JCL Specification

Use this panel to enter information for constructing JCL to run the Disguise Extract.

Existing Extract File

This field will be prefilled with the name of the extract file you specified on the preceding screen. The extract file specified here is the input file for the disguise process.

Disguised Extract File

Specify a DSN to be used for the output from the disguise process. The disguise job you submit will copy the input extract file to this DSN, modifying all required fields based on the disguise criteria you have specified in your Disguise Control File. As a result, the output file will be an exact copy of the input file except that sensitive data fields will be disguised in the output file.

Disposition

If you want the disguise job to overwrite an existing output file, specify OLD. If you want the disguise job to create the output Disguised Extract File as a new data set, specify NEW. The following parameters related to disk space are required if you specify NEW.

Generic Unit

Specify your site’s name for the devices where you want to write the Disguised Extract file. Common names are “SYSDA”, “DASD”, “TAPE”.

Job Statement Information

These are the first four JCL statements that will be placed in the JCL created for disguise. These are the JCL statements that were setup in your user profile. You may change this JCL prior to submitting the disguise job.

Primary Commands

JCL

View/edit the JCL generated for the disguise job by entering JCL on the command line. You may modify this JCL if desired.

Press ENTER to submit the batch JCL to execute the disguise job without viewing/editing the JCL.

XVJPRINT Execution Log Output

Data Studio’s Data Privacyjobs now write execution information to XVJPRINT DD (instead of SYSPRINT DD). If XVJPRINT DD does not exist in your JCL, File-AID will dynamically allocate XVJPRINT.

If you want the execution log output sent to a file, point XVJPRINT DD at a file (instead of SYSOUT=*). This file must be allocated with RECFM=FBA, LRECL=133.

Optional Data Privacy Report Output Written to a File

If you want the Data Privacy Report information written to a fixed layout sequential file and/or to a CSV (Comma Separated Values) file, manually add the appropriate DD statement to the Data Studio’s Data Privacy job.

DPRSTAT1 DD (Fixed Layout Sequential File)

When you add a DPRSTAT1 DD to a Data Studio’s Data Privacyjob and it points at a file defined as RECFM=FB,LRECL=2737, at end of job, the file will have the report information for each column written out as a single record containing all the same report information but in a formatted fixed layout sequential file.

Example:

or for a new file:

Record Layout for Output File

To view the output file in formatted mode you can use File-AID/MVS Browse or Edit with the following COBOL record layout describing a record in the output file:

DPRSTAT2 DD (CSV)

When you add a DPRSTAT2 DD to a Data Studio’s Data Privacy job and it points at a CSV (Comma Separated Values) file defined as RECFM=VB,LRECL=2751, at end of job, the file will have the report information for each column written out as a single record containing all the same report information but they will be Comma Separated Value (CSV) records.

Example:

or for a new file:

Optional Source Data Identifiers (SDIs) Override During Execution

File-AID for IMS/ISPF now allows you to replace, during execution of a DPR project, Source Data Identifiers (SDIs) defined in the Data Studio’s Data Privacy project.

To override SDIs, manually add the following DD statement to the JCL:

//DPRSDI DD DISP=SHR,DSN=u.data.mysdis

where the existing data set u.data.mysdis contains the definitions of SDIs that will be used for this execution.

If the DPRSDI DD is defined in JCL, all SDIs defined in the project will be ignored and replaced with definitions provided in the override data set.

Override File Format

Replacement SDIs can be defined either in XML or in JSON format. The tags in XML and names in name/value pairs in JSON correspond to SDI properties that can be defined through the Workbench for Eclipse User Interface. For more information, see the Source Data Identifier Overrides topic in the BMC AMI DevX Workbench File-AID Data Privacy User Guide.

Override Data Privacy Environment Parameters

If you need to, you can override the Data Privacy Environment parameters listed in the following table (established with your site’s File-AID Data Privacy Environment parameters). For more information, see File-AID Data Privacy Environment.

Data Privacy Environment Parameter Overrides

To do so, insert any of these FAJPATH, FAJOPTS, FAIPADDR, and FAEXPATH DD statements as needed. For example:

It is also possible to specify more than one debug parameter inline. For example:

Override Execution Parameter in a Data Privacy Project

In order to override an execution parameter (public variable or translate table) in a Data Privacy Project, add a DPRPARMS DD statement to your JCL. This DD can point to a file or a PDS member containing the override values (maximum record length is 512 bytes). The override values can also be specified inline. Specify override values in the following way:

executionParm=overrideValue

The execution parameter must have been defined in the Workbench for Eclipse user interface for the project.

Example:

Your DPR project ‘project1’ includes:

• 2 translate tables, ‘Title table’ and ‘Titles for HR dept’ (Manage Translate Tables)
  • The source table for ‘Title table’ is file ‘ABC.TRANS’.
• 2 public variables, ‘scramvar’ and ‘altscram‘ (Process Variables Figure)
  • The initial value for ‘scramvar’ is string ‘123abc’.
• 2 execution parameters, ‘Parameter1’ identifies the translate table ‘Title table’ and ‘Param2Variable’ identifies variable ‘scramvar’ (Manage Execution Parameters).

At execution time, however, you want to override the defined execution parameters for translate table ‘Title table’ with the new translate table ‘ABC.NEWTRANS’ and the initial value of variable ‘altscram‘ with the new string ‘789xyz’. The new translate table must have the same characteristics as the original one.

To do so, insert the following DPRPARMS DD statement in the JCL (inline example):

Manage Translate Tables

Process Variables

Manage Execution Parameters

Execution Parameter List of Values

If the execution parameter variable type is either a String List or Numeric List, you can also override the list of values.

Specify a list of values in the following way:

executionParm=LIST(X)=overrideValueXoverrideValueXoverrideValue

The X variable inside the =LIST( )= parentheses defines the delimiter for the list of values. The delimiter can be any character. Connect each overridevalue with the defined delimiter.

For example, insert the following DPRPARMS DD statement in the JCL (inline example) to override the values of the String List named STATE (* is the defined delimiter):

Multiple Origins for a Data Privacy Rule

Normally, when a Data Privacy Rule is applied to a related field, one object¹ in the relationship thread is chosen as the “origin”. For every record in the origin, the Data Privacy Rule is applied to the related field and the BEFORE and AFTER values are saved. For every record in a “non-origin”, the Data Privacy Rule is not applied. Rather, the appropriate AFTER value is retrieved from where it was saved. This guarantees relationship integrity.

This methodology is efficient and sufficient in most scenarios, but there are some scenarios where no single origin contains all of the values required by the non-origins. When this occurs, it is possible to direct File-AID to use all objects that contain the necessary fields referenced by the Data Privacy Rule as origins. This directive is specified by adding to your JCL:

Special Instructions for Oracle Translate Table

If your Data Privacy job uses Data Translation with an Oracle Translate Table and your File-AID Data Privacy Environment parameters do not include the following JAVA options (for more information, see File-AID Data Privacy Environment), insert the following FAJOPTS DD statement after the FARULES DD statement:

If the JAVA options in the File-AID Data Privacy Environment parameters include other site specific JAVA options, also add them to the FAJOPTS DD statement before submitting the job.

Adding the above FAJOPTS DD statement will override the JAVA options in the File-AID Data Privacy Environment parameters and make it possible to run an Oracle translation while the log will be generated in EBCDIC.

An indicator that you need to make this JCL change is when the Data Privacy job ended with the following error:

However, this general message is not conclusive. Your error log file should have something like the following:

If you see the above, then you need to insert the FAJOPTS DD statement.

Redirect File-AID/Data Solutions Report (Data Disguise with DCF only)

When using a Disguise Control File (DCF) to disguise data, you can choose to redirect the disguise report output produced by File-AID/Data Solutionss to FADSPRNT DD by simply adding it to the JCL. The FADSPRNT DD can point at a file or at SYSOUT. When it points at a file and multiple objects are being disguised, use DISP=MOD.

Since the use of FADSPRNT splits theFile-AID/Data Solutions report output away from the File-AID for IMS/ISPF report output, FADSPRNT and SYSPRINT must be looked at together to get a complete picture of the job.