Viya administrators can now get personal with users' Caslibs


Administrators like to be able to keep track of resource usage and who is using what in a system. When an administrator has this capability, they can look out for issues of high resource usage that may have an impact on overall system performance. In Viya, data is accessed in caslibs. In this post, I will show you how an administrator can track and control resource usage of personal caslibs.

A Caslib is an in-memory space to hold tables, access control lists, and data source information. In GEL enablement classes as we have discussed CAS and caslibs, one of the big asks we have had was related to personal caslibs and how can an administrator keep track of the resources that they use. Until recently we didn’t have a great answer, the good news is now we do.

Personal caslibs are, by default, the active caslib when a user starts a CAS session. This gives each user a default location to access and load data (sort of like a home directory). As the name suggests, they are personal and only the user who starts the session can access the data. In early releases, administrators saw this as a big problem because personal caslibs were basically invisible to them. There was no way to monitor what was going on with a personal caslib, leaving the system open to issues where one user could consume a lot of resources and have an adverse impact.

Introduced in Viya 3.4, the accessControl.accessPersonalCaslibs action brings all existing personal Caslibs into a session where an administrator has assumed the data or superuser role.

Running the accessControl.accessPersonalCaslibs action has the following effects. The administrator can:

  • See all personal caslibs that existed at the time the action was run
  • View promoted tables characteristics within the personal caslibs
  • Drop promoted tables within other users’ personal caslibs.

This elevation of access remains in effect for the duration of the session. The action does not give an administrator full access to personal caslibs, an administrator can never fetch data from other users’ personal caslibs, drop any personal caslib, set access controls on any personal caslib, or set access controls on any table in any personal caslib. What it does is give the administrator a view into personal caslibs to be able to monitor and troubleshooting their resource usage.

Let’s look at how it works. Logged into Viya as Viya administrator (by default also a CAS administrator), I can use the table.caslibinfo action to see all the caslibs that the administrator has permission to view. In the output below, I see my own personal caslib, and all the other caslibs that the administrator has permissions (set by the CAS authorization system) to view.

cas mysess;
proc cas;
cas mysess terminate;

In the code below, the super user role is assumed for this session (SAS Administrators by default can also assume the super user role in CAS). With the role assumed, the administrator can execute the accessControl.accessPersonalCaslibs action and the subsequent table.caslibinfo action returns all caslibs including any personal caslibs that existed when the session started.

cas adminsession;
proc cas;
/* need to be a super user or data administrator */
accessControl.assumeRole / adminRole="superuser";
table.caslibinfo ;
cas adminsession terminate;

That helps, but what about the details? How can the administrator see how many resources the tables in a personal CASLIB are using? To get the details, we can access an individual CASLIB and its tables, and for each table, execute the table.tabledetails action. The program below will loop all the personal caslibs and, for each of the caslibs, it will loop the in-memory tables and execute the table.tabledetails action. The output of tabledetails gives an idea of how many resources (memory, disk etc.) a table is using.

cas adminsession;
proc cas;
/* need to be a super user */
accessControl.assumeRole / adminRole=”superuser”;
accessControl.accessPersonalCaslibs;table.caslibinfo result=fileresult;
/* loop caslibs */
do cvalue over casliblist;
if ‘CASUSER’ then
do; /* only look at caslibs that contain CASUSER */
table.tableinfo result=tabresult /;
if x>1 then
do; /* there are tables available */
do tvalue over tablelist; /* loop all tables in the caslib */
table.tabledetails /;
table.tableinfo /;
end; /* loop all tables in the caslib */
end; /* there are tables available */
end; /* only look at caslibs that contain CASUSER */
end; /* loop caslibs */
accessControl.dropRole / adminRole=”superuser”;
cas adminsession terminate;

Two fields that can give an administrator an idea of how big a table is are:

  • Data size: the size of the SAS Dataset in memory
  • Memory Mapped: the part of the data that has been “memory mapped” and is backed up in the CAS Disk Cache memory-mapped files.

The table below show the output for one users personal caslib.

If one table in particular is causing problems, it is possible for the administrator to drop the table from memory.

cas adminsession;
proc cas;
accessControl.assumeRole / adminRole=”superuser”;
sessionProp.setSessOpt / caslib=”CASUSER(gatedemo499)”;
table.droptable / name=”TRAIN”;
cas adminsession terminate;

Visibility into personal caslibs will be a big help to Viya administrators monitoring CAS resource usage. Check out the following for more details:


About Author

Gerry Nelson

Principal Technical Consultant

Gerry Nelson is an Advisory Technical Architect in the Global Enablement and Learning (GEL) Team within SAS R&D Division. His primary focus is on administration of SAS VIya environments, particularly automation, modernization, migration, and upgrading.


  1. Hi Gerry!

    Sorry, but I don't know how to contact you ... I'm writing to you here.
    I saw your precious abstract and video:
    'SAS Viya Managing User-defined Formats'
    and about this,
    when I load the formats from my 9.4, V.A. makes me this mistake:
    ERROR: Scope=Global was specified.
    Format library VAFROMSAS_GLOBAL_TEMP is not found in Global scope.
    What does it mean?


  2. Manisha Pratapwar on

    I am getting below error message while trying to run the detail code. Kindly advice.

    NOTE: Active Session now ADMINSESSION.
    WARNING: Variable '”superuser”' is uninitialized. It has been set to missing.
    ERROR: An attempt was made to convert parameter 'adminRole' from double to enum, but the conversion failed.
    ERROR: The action stopped due to errors.
    ERROR: You must be an administrator to obtain access to personal caslibs.
    ERROR: The action stopped due to errors.
    WARNING: Variable '‘CASUSER’' is uninitialized. It has been set to missing.
    ERROR: An attempt was made to convert parameter 'adminRole' from double to enum, but the conversion failed.
    ERROR: The action stopped due to errors.

    • Gerry Nelson

      It might be something happening with cut and paste, maybe some special characters from the blog text. The error suggests that that the string "superuser" is not quoted.

      It should be like this:

      accessControl.assumeRole / adminRole="superuser";

      IF the quotes are not there you can add them. If they are try typing over them again in the editor.

      I hope that helps.

Leave A Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Back to Top