Daily Coping 4 May 2022

Posted on May 4, 2022 by way0utwest

I started to add a daily coping tip to the SQLServerCentral newsletter and to the Community Circle, which is helping me deal with the issues in the world. I’m adding my responses for each day here. All my coping tips are under this tag.

Today’s tip is to meet a friend outside for a walk and a chat.

I have low social needs, but I do have a few. I like getting together with people periodically, and it’s one reason I love my job. I get to travel and see people in my industry all over the world.

I don’t do this enough in Denver, but I decided to give this a try recently and meet a friend. We get together for lunch sometimes, but this time I asked to get together and walk around a bit instead of a meal.

Looking forward to the time outside.

Posted in Blog | Tagged , , | Comments Off on Daily Coping 4 May 2022

Comparing Daily Estimates to Actuals–#SQLNewBlogger

Posted on May 4, 2022 by way0utwest

Another post for me that is simple and hopefully serves as an example for people trying to get blogging as #SQLNewBloggers.

In a previous post I wrote about using a few tables to capture information about my solar system. With a way to capture the data for each day, I now want to report on this. This post will look at the first part of my reporting, which is the daily reporting.

Scenario

On a daily basis, I want to know if the system is producing more or less than the estimate for that month. If you remember from the previous post, there is a single row in a table for each month and then a row in a different table for each day.

My estimates look like this:

2022-04-25 16_30_53-SQLQuery3.sql - ARISTOTLE_SQL2017.way0utwest (ARISTOTLE_Steve (63))_ - Microsoft

Each day looks like:

2022-04-25 16_31_19-SQLQuery3.sql - ARISTOTLE_SQL2017.way0utwest (ARISTOTLE_Steve (63))_ - Microsoft

What I want is a comparison of the actual output against the estimate for each day that I have data. I don’t want to see a number of zeros unless the system produced no power. What I really want is the estimate expanded to cover each of the days of the month for which I have actual data. I want to see this:

2022-04-25 16_36_50-SQLQuery3.sql - ARISTOTLE_SQL2017.way0utwest (ARISTOTLE_Steve (63))_ - Microsoft

A Simple Join

This is very simple query to write. It’s really a join between the two tables, based on the month. If I join on month, then the data from the estimate is returned for each row of actual data where the month’s match.

I can then assemble the date in the results using DATEFROMPARTS(). When I do that, I have this code:

SELECT
   DATEFROMPARTS (spa.trackingyear, spa.trackingmonth, spa.trackingday) AS ProductionDate

, spa.actual_daily AS Actual

, spe.estimate_daily AS Estimate

FROM
   dbo.SolarPowerActual AS spa
   INNER JOIN dbo.SolarPowerEstimate AS spe
     ON spe.trackingmonth = spa.trackingmonth
     ORDER BY ProductionDate

This gives me the results I need, and it works well. Since I have numeric values for the months in both tables, this is a very quick join, especially when those columns are indexed. In this case, most of the time the index won’t matter as we really are pulling most of the data from one table and the tables are so narrow that the index might not ever help.

I’ll compile this code into a view, which I can use for more detailed analysis.

SQL New Blogger

I was building this system to track some data, and decided to split up each section into a separate post. If you look at the first post and this one, you will see they are both short and could be combined, but I wanted to separate them into different topics, as well as schedule them separately.

A good technique you can use on your blog to separate out topics and ensure a more consistent pipeline of content as you publish information about you knowledge.

Posted in Blog | Tagged , , , | Comments Off on Comparing Daily Estimates to Actuals–#SQLNewBlogger

Project Zero for Better Security

Posted on May 4, 2022 by way0utwest

Google started Project Zero to study zero-day vulnerabilities in systems. They want to improve security and safety, at least from a software and hardware standpoint. Its mission is to make it more difficult to find and exploit issues in software. They published an update recently that showed vendors patching their software quicker, at least according to data from the last few years.

The metrics show a change in patching from an average of 80 days a few years ago to 52 days in 2021. There were also patches that missed the 90-day deadline, though only one missed the 90-day time and also a 14-day grace period. They are also trying to help with the understanding of how well vendors are adapting to new challenges. I hope this pressures and inspires smaller vendors and even individual organizations to take security more seriously.

I think that security is becoming *slightly* more important to vendors, especially as competition grows in any particular space. Vendors aren’t necessarily looking to spend time and energy where they don’t see a problem impacting revenue, but they do worry about customers abandoning their software, and a security issue is one reason for customers to look elsewhere. In the 2020s, there are plenty of customers that would consider changing software over security issues that don’t get fixed.

I saw another note that showed more and more hackers are exploiting zero-day vulnerabilities. Even if you think you have strong security, who knows when someone will misconfigure a firewall and expose your system. It’s worth staying up to date, at least within the last patch for your critical systems. I certainly consider a database a critical system, and I’d include helper databases like Redis and Elasticsearch as critical systems.

It’s easy to delay patching when nothing seems to be broken. However, patches are like oil changes. When the system lets you know that maintenance is overdue, it’s usually a catastrophic event.

I like the disclosure and openness of groups like Project Zero and hope they start to pressure more software developers (and project managers) to promote secure coding along with quick patches for vulnerabilities.

Steve Jones

Listen to the podcast at Libsyn, Stitcher, Spotify, or iTunes.

Posted in Editorial | Tagged | Comments Off on Project Zero for Better Security

Daily Coping 3 May 2022

Posted on May 3, 2022 by way0utwest

I started to add a daily coping tip to the SQLServerCentral newsletter and to the Community Circle, which is helping me deal with the issues in the world. I’m adding my responses for each day here. All my coping tips are under this tag.

Today’s tip is to find a fun exercise to do while waiting for tea or coffee.

The last few months I’ve been making instant coffee many mornings. I know, I know, many of you think this is not something that’s worth drinking, but I like the taste of coffee and prefer something hot. I also am usually limiting myself to 1 cup of decaf, so I don’t want to brew a pot.

While I wait for the kettle to heat up, I decided to try something different. Rather than red on my phone or play a short game, I decided to do some active stretching. The kids I coach often do these to get moving before practice or play.

While waiting, I did some leg kicks, not too high, but a walking kick as I moved across the family room. Then going back with some butt kicks, though walking for me rather than jogging. Some high knees, some stretching side to side.

Basically a slow version of what a high school volleyball player does. A couple minutes, just enough time for water to boil.

Posted in Blog | Tagged , , | Comments Off on Daily Coping 3 May 2022