Administration – Page 26

After Login Triggers in Oracle

Published 2023-12-27 by Kevin Feasel

David Fitzjarrell performs some auditing:

In a world of ever-increasing access account security has become a major concern. More often than not accounts used for automated processes gather more and more privileges, on the assumption that they are used only by managed, automated processes and execute vetted code, The argument is that these automated processes can’t go rogue and do damage with these elevated privileges, which is true, sort of. In and of itself the database does not police where these account connections originate, which can pose a significant security risk should this vetted code, or passwords for these privileged accounts, become known.

Oracle has, for decades, provided after logon triggers, which can be utilized to ‘police’ accounts by reporting where they originate and, if necessary, disallowing such logons. Of course it will be necessary to record such connection ‘violations’ in a table so that they may be investigated. A “complete” script to do this is shown below:

Click through for that script, as well as additional thoughts from David.

Comments closed

Password Handling in Powershell Automation Scripts

Published 2023-12-18 by Kevin Feasel

Ajay Dwivedi gives us a tip:

I have been writing automations using PowerShell for many years now. One common issue I notice with people’s code is the improper handling of passwords. In this blog, I share how to set up a Credential Manager on a SQLServer and use the same for handling passwords in automation.

To setup Credential Manager, we need to download and execute the following steps using scripts from my Github repo SQLMonitor.

One point I’d like to clarify in Ajay’s scripts is that the passwords in the database aren’t hashed. Hashing is a one-way operation, so you’d never be able to decrypt it with a passphrase. The password is encrypted and the passphrase isn’t a salt—salts are a way of making a hash unique from the plaintext to prevent multiple users with the same plaintext password from having the same salt. Encryption instead of hashing is the correct answer here because you need the plaintext of the password to perform the automated operation.

As for ENCRYPTBYPASSPHRASE(), it’s okay if you’re running SQL Server 2017 or later. For 2016 and earlier, it uses Triple DES with 128 bit key length and that’s no good.

I’d also look into the Powershell SecretStore module and possibly integrate into an existing key vault if you have one.

Comments closed

Backup and Recovery Options for Relational Databases

Published 2023-12-14 by Kevin Feasel

Adron Hall keeps a copy:

In the realm of data management, ensuring the safety and recoverability of data is paramount. Relational databases, being at the core of many business operations, require robust backup and recovery strategies. This article delves into the general concepts of backup and recovery in relational databases, followed by specific strategies for SQL Server, Oracle, MariaDB/MySQL, and PostgreSQL.

Click through for a high-level overview of general database backup concepts and a variety of options available in the major relational database platforms.

Comments closed

Last Modified Date of SQL Agent Jobs

Published 2023-12-13 by Kevin Feasel

Tom Collins answers a question:

Question: I have a SQL Agent job with a Last modified date of : 1/11/23. What activity causes the last modified date to occur ? And also is there a way to find out the change?

Read on for the answer to these two questions. Also check out Michael Bourgon’s comment for additional context around schedules.

Comments closed

Baselining a SQL Server Instance with SQLMonitor

Published 2023-12-12 by Kevin Feasel

Ajay Dwivedi has an update to SQLMonitor:

I have been using SQLMonitor extensively for monitoring & performance tuning of my SQLServers. To make it more and more useful, I have added more functionalities to the tool in version v1.6.0.

Click through for a list of enhancements and links where you can learn more about SQLMonitor.

Comments closed

Application Portability Challenges with Kubernetes

Published 2023-12-08 by Kevin Feasel

Kiana Harris lays out some challenges:

As organizations embrace containerization and Kubernetes for their applications, the need for seamless portability across the Kubernetes ecosystem coupled with cloud object storage and local persistence has become a pressing concern. In this blog post, we will dive into the core problem and dissect the complex challenges that customers face in achieving containerized app portability.

Read on for the list of challenges, followed by what you can do to address them. This is at a really high level but can provide food for thought.

Comments closed

Kubernetes Observability with an Open-Source Stack

Published 2023-12-08 by Kevin Feasel

Bang Nguyen wants to see what’s going on:

Observability of a system includes Logging, Tracing and Metric. Today, we will go to detail how to implement observability’s elements on a K8S environment use Promtail, Open Telemetry Collector, Loki, Tempo and Grafana bellow is the demonstration of system we will implement

Click through for a detailed guide showing how to do this.

Comments closed

Reviewing Table-Level Statistics in Postgres

Published 2023-12-08 by Kevin Feasel

Muhammad Ali explains what information you can find regarding tables in Postgres:

Database monitoring, performance tuning and query optimization are critical operations for maintaining an efficient database system. A key component in PostgreSQL for this purpose is the pg_stat_all_tables view.

pg_stat_all_tables offers real time statistics on table activities such as number of sequential and index scans performed on a table, updates, deletes, inserts, and more. It also offers information on dead tuples along with vacuum and analyze stats which enables DB admins to make data-driven decisions. Here’s a table detailing the columns in the pg_stat_all_tables:

Click through for that table about tables.

Comments closed

SQL Server on Azure Arc Performance Dashboards

Published 2023-12-05 by Kevin Feasel

Lance Wright shows off a dashboard:

At Ignite 2023, we announced the public preview of performance dashboards for SQL Server enabled by Azure Arc. With these performance dashbaord, DBAs and IT Admins now get performance monitoring right from within Azure. No need to setup and login to another tool or remotely connect to the SQL Server to run performance queries. Let Azure Arc do the heavy lifting so you can get to your performance metrics faster.

This is another tool in the toolbox of DBAs, IT admins, and cloud specialists looking to gain better visibility into their hybrid and multi-cloud workloads. If a SQL Server enabled by Azure Arc meets the requirements for data collection (see “How to enable performance dashboards”), Azure Arc will automatically collect the following types of data from the Dynamic Management Views (DMV) datasets oof the SQL Server:

Click through to see what it includes and how to enable it.

Comments closed

Enabling Microsoft Fabric

Published 2023-12-05 by Kevin Feasel

Tomaz Kastrun continues a series on Microsoft Fabric:

If you have used Power BI services in the past, you will be on board immediately. The outlook is the as it is with the Power BI. You will only need additional credentials to access the services. In general, you will need Azure subscription, Power BI service already enabled, and the ability for your organization to enable Fabric with Admin roles

Click through to see how to enable Microsoft Fabric in your environment.

Comments closed

Category: Administration