I had more database and I tried to make backup for them but they weren't worked well
I want the best way to make backup daily
Serverfault and you need really to provide more information, such as what your restore SLA's are, what logging mode the database is running in, as well as whether you are permitted to change this.
Also try and define in what way the current strategy has not met your criteria, so people can understand your needs.
Try making jobs for SQL Server Agent.
Related
I want to practice some SQL locally on specific tables that I have.
What I need is simply to take a table, upload it to a software I can run SQL on and work with it. nothing more. no servers, no other users.
I tried a few different products but just can't find one that allows this option without creating a server and setting up connections.
Please help :)
Thanks!
I think something like SQLite would work well for your purpose. SQLite is serverless
You can then use a shell or DOS prompt to create a db for it, create your table(s) for the db, and then upload your data to the table(s).
https://www.sqlite.org/quickstart.html
sql fiddle, maybe this is what are you looking for.
I have a client who has been promised that he will get a regular copy of the database behind the application we are hosting for him.
The copy is in fact a backup (DB_EXPORT.BAK) that he downloads through SFTP.
(I know, I did not make that promise). I do not want to give him the whole with all the proprietary stored procedures, functions, users and other stuff. I want to give him a slimmed down version of that database with most tables, only selected sp's, some functions, no users and so on.
As I see there are two ways to do this:
a SSIS job that copies certain stuff (using Import/Export Wizard)
replication (snapshot or transactional)
The thing is: the original (DB1) AND the copy (DB_EXPORT) will be hosted on the same server. So using replication feels a bit awkward (publishing to yourself?) but it does give an easy interface for configuring which articles to replicate. Using a SSIS package feels more logical but is actually hard to change.
What can you say about this? Is there a better way for doing this? I am looking for a way that will allow people who just about understand SQL server wil be able to understand.
Thanks for thinking with me!
Not sure if this is the best answer, but I would go with snapshot replication per our discussion, and your avoidance of TSQL scripting.
Replication is relatively simple to setup, but can be a nightmare to troubleshoot (esp. transactional). Often times, its easier to completely delete the publication/subscription and rebuild.
On that note, you can fully script replication configurations -- if someone else has to maintain this, it may be as simple as you scripting out the replication removal (pub and sub removal), and scripting out the replication build-out. All they'd have to do is run the drop/build scripts and it's done.
You can also alter the scheduled job to run the backup immediately following the snapshot generation.
I am looking for a functionality where I can take a snapshot or archive the specific set of data in database and whenever requried I need to go back to the archived state, how can I achieve this ? for more clarity on the need, below is the detail example.
I have a production server and test server, I have made some settings/configuration to my application in test server and updated the production server. Before updating the production server, I should archive/snapshot the data that is being updated, so that if something goes wrong in updating I should be able to go back to the previous state of data in production server.
Thanks in Advance.
Sometimes solutions are complex and difficult, but this one is very simple. Just make a backup of the database and if something goes wrong, you can restore the backup.
You can definitely write tools around this process to make it fairly automated.
I think the question says it all,
the following update query has been executed - by mistake - in SQL Server management studio
update kms_students set student_campus='4' where student_campus='KL'
The effected rows are more than 1000, and i can't identify it since that table is already have the student_campus='4' for many previous rows.
Is it possible to roll back?
I believe ApexSQL should do the trick.
ApexSQL works by analyzing the physical transaction log which basically has all the necessary info to restore specific transactions and data, but MS doesn't provide an out-of-box tool to manage it, other than restoring a backup and then manually restoring the transaction log up to a particular date using RESTORE LOGS
Backup. Most Hosting companies keep one, try calling everyone asap.
Your own backups. Even if they're old they will be helpful.
Keep lots of Backups and NEVER try out queries on production environment. NEVER.(Bet you learned that, right?)
To make it a bit easier, you can try putting the backup DB online and execute some PHP/Python/whatever so as to compare each record from the Backup and change the current database fom '4' to 'KL' where needed.
May not be perfect, but can help you avoid a few days of work.
Is there any way to confirm that a particular breach of security was done through SQL injection?
There is no easy way here, but if you have the enabled the SQL server you use to log every single sql statement, here is what I would do.
Normally, when I SQL inject somewhere, i use one of these as my always true statement for passing throgh the Where clause, after ending the former string.
1=1
0=0
both being used as :
blahblahblah' or 1=1 --
You would not use this clauses in everyday code. So if you spot one of these in your history, well, it is a high candidate. Test the sql history to find :
(space)(number)(optional spaces)(equal)(optional spaces)(same number)(space)
Keep in mind that is heuristical, and will not always work, but could be the only way to give a hint after it had happened . Also, if you are in doubt about SQL injection, you should check the code for string concatenation and use of parameters.
after the attack has already happened? no. there isn't.
you'll have to check all your sql serevr access point for potential risk.
tere are some tools you can use. Check here under SQL Injection tools section.
SQL injection can happen any time you pass a query back to the database.
SQL Injection
Use mod_security to log POST requests and install an Intrusion Detection System to log/stop suspicious activity from now on. Logging every SQL request is an overhead if you are just looking for the breach points.
There are open source alternatives for IDS these days. I use PHPIDS for all my PHP applications.
Only one reliable way is probably analysing the SQL log files. Those should be done by a DBA who can spot things quickly as the size of logs would be huge.
It is better to prevent those.
There are some tools for that but the best one is the brain of the developer.
Stick with one simple rule - always use parameters when generating SQL query.
Just do the code review and if you find string cocatenations - that is first and highly possible place for SQL Injection.
You can log all http requests and check the requested pages for GET/POST sql injection tryouts.