SQL Monitor

Managing the SQL Server Estate

Back in 2012, I was transitioning into the role of ‘Director of Data Services’, at the Fortune 500 insurance organization where I worked. It wasn’t that easy. Previously, as a DBA, I’d spent time developing my own database monitoring and documentation solutions. Now, I needed to alter my perspective to take in the broad landscape Read more

SQL Monitor

Spotting Unauthorized Configuration Settings in SQL Server

An attacker of SQL Server likes to be able to change the SQL Server configuration settings. In an ideal world, you will have left everything open for the intruder, but generally, every DBA reduces the surface of attack as much as possible. Why would the attacker want to change these settings? You might think there’s Read more

SQL Source Control

Merging a Conflict with SQL Source Control and Beyond Compare

SQL Source Control (SoC) plugs directly into SQL Server Management Studio (SSMS) and is built with the singular purpose of providing an efficient interface between each developer’s local, working copy of the database, in SSMS, and the source control repository. It allows each developer to work freely, on their own sandbox database, committing tested changes Read more

SQL Prompt

Testing the Performance of Individual SQL Statements within a Batch using SQL Prompt

This article is all about using a SQL Prompt snippet to create and run a test harness on a batch of SQL code, to provide performance data. Behind the scenes, the snippet creates and starts an Extended Events event session, inserts and runs the text of the batch of SQL you’ve selected in SSMS, and Read more

SQL Monitor

How to Detect SQL Injection Attacks using Extended Events and SQL Monitor

Even if all precautions have been taken to prevent SQL Injection attacks, as laid out in the OWASP website, it is still wise to be able to detect if an attempted attack is taking place, and it is essential to know if such an attack is successful. There are several strategies for detecting SQL Injection Read more

SQL Monitor

The Changing Role of SQL Server Monitoring

As SQL Server estates continue to grow quickly, and change in nature, due to the ease with which new cloud-based, containerized or virtual machine-based SQL Servers can be provisioned, so too the role of the monitoring tool changes. In organizations that need to monitor a large population of SQL Servers, many of which are highly Read more

SQL Data Generator

Pseudonymizing a Database with Realistic Data for Development Work

For this demonstration, we will take AdventureWorks and produce a pseudonymized copy for development work. The aim is to surgically alter just the data that can identify individuals but leave everything else intact. I’ve shown how to do something similar before, for a subset of the data, in Pseudonymizing your data with SQL Data Generator. Read more

SQL Monitor

Avoid running out of Disk Space ever again using SQL Monitor

If your SQL Server runs out of disk space, and it is running a database for an enterprise’s trading application, then the company can’t take money until the DBA fixes the problem. Even the worry of that ever happening is enough to keep a DBA up at night. No wonder, then, that the recent State Read more

SQL Prompt

SQL Prompt Code Analysis: Avoid using the ISNUMERIC Function (E1029)

Avoid using the¬†IsNumeric() function, because it can often lead to data type conversion errors, when importing data. SQL Prompt Code Analysis rules include an Execution rule, E1029, which will alert you to use of this function, in your T-SQL. If you’re working on SQL Server 2012 or later, it’s much better to use the Try_Convert()or Read more

SQL Change Automation

Documenting your Database with SQL Change Automation

It would be wrong to portray SQL Change Automation (SCA) as being suitable only for epic project deployments, of the sort described in my previous article. It can do smaller tasks as well. To demonstrate, I’ll show how you can use SCA to check that the source code builds a database, and to provide a Read more