Problems displaying this newsletter? View online.
SQL Server Central
Featured Contents
Question of the Day
The Voice of the DBA
 

Daily Coping Tip

Be kind to the planet. Use less energy today

I also have a thread at SQLServerCentral dealing with coping mechanisms and resources. Feel free to participate.

For many of you out there working in a new way, I'm including a thought of the day on how to cope in this challenging time from The Action for Happiness Coping Calendar. My items will be on my blog, feel free to share yours.

A Need for Monitoring without Administration

There was a report recently that a number of US government agencies were hacked through a network management system. Apparently Solarwinds had their code hacked, and this resulted in a backdoor being distributed to customers via software updates.

There is a lot that went wrong here, and this ought to make many system management software vendors very nervous. Attacks on your software developers, designed to put backdoors into code repositories is a while second (or third) order attack. I would certainly be nervous to be a software developer right now, and be extra cautious about any sort of potential phishing email sent to me. Yes, that's a thing.

The bigger issue, to me, is that monitoring most systems ought to be possible without requiring escalated privileges. While there are some ways to get metrics without requiring administrative rights, most OSes and most software expects to have complete rights to all resources.

That's a hole in design. There are plenty of cases where we want monitoring data (and alerts/notifications) distributed to other automated systems or to interested individuals, but we don't want to expand the number of administrators. Every additional individual or system that can potentially change something as an administrator is another potential attack vector.

We have built our core operating systems with the idea that someone needs complete control of the system to work with it. For some things, that's true, but for resource usage, especially in the way that many of us need to watch at scale, I'm not sure that this needs to be the case. My view is that Windows, MacOS, and Linux ought to undertake fundamental design reviews to determine if they can further shrink the scope of privileges for monitoring systems.

In the meantime, granting privileged access to an automated system for monitoring ought to be done very carefully, even more carefully than for human sysadmins. This account will run by itself, and someone might not notice if it is compromised. Set strong, very long passwords, change them periodically, and audit the account to be sure it is only accessing what you think it should access.

Steve Jones - SSC Editor

Join the debate, and respond to today's editorial on the forums

 
 Featured Contents
Stairway to U-SQL

Stairway to U-SQL Level 18: Populating a Data Lake with PowerShell

Mike McQuillan from SQLServerCentral.com

Learn how PowerShell can be used to manage files and folders in your Data Lake.

DBA in training: Know your server’s limits

Additional Articles from SimpleTalk

Comparing current performance to baselines helps DBAs know when there’s a problem. In this article, Pamela Mooney describes how to measure the physical resources drive space, latency, memory, and CPU.

Maintaining a Database Build Script with SQL Compare

Additional Articles from Redgate

Phil Factor explores a lesser-known capability of SQL Compare, which is to help you maintain a 'traditional', well-documented, single file build script, for creating the current version of the database during development.

From the SQL Server Central Blogs - Storage savings with Table Compression

Brahmanand Shukla from SQL Server Carpenter

In one of my recent assignments, my client asked me for a solution, to reduce the disk space requirement, of the staging database of an ETL workload. It made...

From the SQL Server Central Blogs - Firewall Ports You Need to Open for Availability Groups

SQLRNNR from SQL RNNR

This article has demonstrated a meaningful and efficient method to test and validate the necessary firewall ports for Availability Groups (AG) and WFC.
The post Firewall Ports You Need to...

 

 Question of the Day

Today's question (by Steve Jones - SSC Editor):

 

Merging Dictionaries

I am using Python 3.7 and I have this code: 
a = {'DEN' : 'Denver Broncos', 'KC': 'Kansas City Chiefs'}
b = {'LV' : 'Las Vegas Raiders', 'LAC': 'Los Angeles Chargers'}
I want to merge these two dictionaries together. Which code does this?

Think you know the answer? Click here, and find out if you are right.

 

 

 Yesterday's Question of the Day (by Steve Jones - SSC Editor)

Default Datetime2 Precision

What is the default precision for datetime2 if I do not specify it, as shown here:

DECLARE @dt datetime2;

Answer: 7

Explanation: The default precision is 7, which is the most precise value that can be stored. Ref: datetime2 - https://docs.microsoft.com/en-us/sql/t-sql/data-types/datetime2-transact-sql?view=sql-server-ver15

Discuss this question and answer on the forums

 

 

 

Database Pros Who Need Your Help

Here's a few of the new posts today on the forums. To see more, visit the forums.

SQL Server 2017 - Development
Creating and joining multiple queries (more than 2) - Hi, I know how to create and join 2 queries but on occasion Ive needed to join more than 2 and Im unsure how to achieve this? The method I use for joining to is as per the example below - can you just extend this as required? Select * from ( SELECT Stuff.Example1 Stuff.Example2 […]
SQL Server 2016 - Administration
How to upgrade to 2016 AlwaysON from SQL Server 2012 ?. - Hello, I'm looking for the best way to go from existing 2012 Enterprise AlwaysON Cluster to SQL 2016 Enterprise AlwaysON . Existing setup: 2 nodes with OS 2012R2 and SQL Server 2012 Enterprise on latest service pack. Goal for new setup: Purchased 2 new servers that I want to be the final 2 new servers. […]
Help with Actual execution Plan - Please advise on the attached execution plan. If they open as XML then please rename them as .sqlplan. I did save them as .sqlplan for now. You might need winzip to extract since I was unable to attach direct files. Thank you!  
SQL Server 2016 - Development and T-SQL
Query Code returning incorrect results - Hello Community, I have the following logic: Find customers who didn't place orders from 2019-02-01 to 2019-03-01. Output customer's first name. I am working with the following dataset: CREATE TABLE #tmpTable ( id int, first_name varchar(50), last_name varchar(50), city varchar(50), address varchar(50), phone_number varchar(50), id int, cust_id int, order_date date, order_quantity int, order_details varchar(50), order_cost […]
ORDER BY using successful thousand comma separator - This query requires ActualTotal to be ordered with largest value top however as you can see from the screengrab, this hasn't worked completely. Is there a way to achieve this? Here is my current code: SELECT m.name, FORMAT(x.ComTotal,'N0') AS Total_2020, FORMAT(y.Totals,'N0') AS Some_2020, FORMAT(x.ComToTal + y.Totals,'N0') AS ActualTotal FROM Mees m LEFT JOIN View_2020_Listx_Jan2020 x […]
Odd query question i did some basic digging but didn't find anything relevant. - SQL Server 2016 cursor and query: select * from table1 where col1 = '1' and col2 = '00001' and col3='I' and col4 = 'JULY--2015' this is a dynamically created query and for the most part the col1, col2 and col3 stay the same only the col4 changes in this test case. while all the other […]
SQL query for First swipe in and Last Swipe Out for each day for each pay period - Hi, "EMPLOYEE" table has EmpName,EMPID . "SWIPE" table has SwipeTime_UTC,Swipe_location,EmpID  . Note:Swipein and swipeout locations are different. SwipeTime_UTC is UTC time format. Looking for SQL query to generate  the first swipe in and last swipe out for each employee on each day for given pay period.(Display time should be in EST). Any suggestions pls. Thanks.
Administration - SQL Server 2014
Slow database performance - Hi All, We are seeing serious I/O contentions issues on one of our database called "MarketingDB". Looking for some suggestions on how we can improve I/O demands for this database. Enabled Instant file initialization for data files to get some performance gain. All data files are in one drive and log file is in a […]
Development - SQL Server 2014
Need to insert differences between Staging and Working tables into the Working T - Hi, Still kind of a newbie to SQL Server. Anyway I have two tables: tblStaging and tblWorking. The staging table is updated every 15 minutes and I need to look at what's different in the Staging table and insert the differences into the Working table. I have a combination of two fields that guarantee uniqueness. […]
SQL 2012 - General
How to get duplicate on PartId and Company Id both and have different Status ? - How to get duplicate on Part Id and Company Id both and have different Status ? I work on SQL server 2012 I have issue I can't get duplicate on company id and part id and on same time have different status as partid 1211 and companyid 3030 repeated two times meaning two rows but […]
There is insufficient system memory in resource pool - Not a DBA here. Now that that is out of the way... I am troubleshooting an issue where our SQL service is stopping. We are on SQL 2012 Express x64 11.0.2100.60 running on Windows Server 2008 R2 Standard x64. The Windows application event logs show: -Event ID 701: There is insufficient system memory in resource […]
SQL Server 2012 - T-SQL
Last Column value at the maximum value of Cond Column - Good morning,   I'm trying to get the Temp value at the maximum value of the Cond column. The red line in the first query is what I'm expecting, the second one its the result I'm getting at the moment.   Current query: SELECT TOP (1) DateTime, CASE WHEN TagName = 'WFI_LP01_Cond.PV' THEN value END […]
SQL Server 2019 - Development
CONCAT and CASE WHEN combined - Hi everyone, I'm trying to create a query that concatenates the directions field that were involved in each transaction_id. I've tried to do it by creating a flag table with multiple case whens, and then querying on it, but as you can see in the image below, I'm having trouble to get a multiple 1's […]
Reporting Services
Execute Stored Procedure (with no Fields) - Hi Guys, I'm searching for a while now, but can't find a solution. We have a ssrs project where we are using Reports for Dashboarding. To do Right Management, we have a function for each table, these functions has a so called "Token" wich represents a specific user. As these Tokens have a timeout, there […]
General
How often have you needed to start a sequence of numbers at other than 1 or 0? - Itzik Ben-Gan (definitely one very smart guy in the world of SQL Server and T-SQL) published an interesting challenge back on the 9th of December, 2020.  You can find that challenge at the following link... https://sqlperformance.com/2020/12/t-sql-queries/number-series-challenge To summarize... Itzik posted the basis of his world-famous "GetNums" function, which generates a sequence of numbers.  The version […]
 

 

RSS FeedTwitter

This email has been sent to {email}. To be removed from this list, please click here. If you have any problems leaving the list, please contact the webmaster@sqlservercentral.com. This newsletter was sent to you because you signed up at SQLServerCentral.com.
©2019 Redgate Software Ltd, Newnham House, Cambridge Business Park, Cambridge, CB4 0WZ, United Kingdom. All rights reserved.
webmaster@sqlservercentral.com

 

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -