Feed aggregator

I attended two events this week that used the term “analytics” to describe a performance tuning feature that displays metrics in various useful ways.

On Tuesday, I attended a Delphix 4.0 Webinar where Delphix’s CTO Adam Leventhal described the new Delphix Analytics including the very interesting Latency Heat Map.  The latency heat map looked like a customer usable front end to the sort of performance information that Delphix support had collected when I worked with them on some network issues.  In this case the word analytics seems to mean the ability to look at the performance information in an easy to understand visual way that you can customize to see various perspectives. such as NFS latency, disk latency, etc.

Yesterday, Oracle gave us a four-hour on site OEM 12c seminar which included “ASH analytics”.  It was similar to the Delphix analytics in that you could see performance information visually and choose among various dimensions – machine, wait, session id, etc.

Perhaps Delphix and Oracle drew from business reporting – cubes, dimensions, drilling down – and applied the approach to performance information.  I have not used either example to solve a real problem so I can not vouch for the usefulness of either, but I thought it was an interesting coincidence that I ran into two such similar features in the same week.

- Bobby

1. Go to /agent_inst/sysman/config
2. Open emd.properties file and
3. Change this line EMAGENT_PERL_TRACE_LEVEL=INFO to EMAGENT_PERL_TRACE_LEVEL=DEBUG
4. Restart agent
5. Run discovery again and send us /agent_inst/sysman/log/emagent_perl.trc file.

Just one of those little snippets to cover something new and remind of something old. A single session can now have three (or more) temporary tablespaces in use at the same time for different reasons.

• In 12c you can set parameter temp_undo_enabled to true, at which point the undo relating to global temporary tables (GTTs) will be written into the database default temporary tablespace, which means it won’t generate redo. As an interesting side effect this also means that you can do DML on temporary objects in a physical standby database. Currently the undo segment shows as type “UNDEFINED” in v$sort_usage. A detail to watch out for, though – it looks as if each session may get its own temporary undo segment – so be careful about specifying the extent size and tempfile size for the database default temporary tablespace.
• In 11g you can specify a tablespace (though not a tablespace group) in the ‘create global temporary table’ statement, which means you keep activity about GTTs separated from the I/O resulting from sorts and hash joins etc. spilling to disc; in fact you could specify a different temporary tablespace for every GTT if you wanted to – and I could imagine a case for having a couple of different temporary tablespaces to accommodate GTTs with very different usage characteristics. (Unfortunately you still can’t specify a tablespace in the dbms_lob.create_temporary() function).  If you don’t specify a tablespace for a GTT it will go into the default temporary tablespace of the user who is using it (not the database default, and not the default for the definer of the GTT). If you create indexes on a GTT they will automatically go into the same tablespace as the table.
• Finally, of course, there’s the default temporary tablespace for the user and this is where GTTs will go if they don’t have a tablespace specified, and where all the scratch data (sorts, hash tables, factored subqueries et. al.) will go.

This combination means, of course, that you could manage to do a single “insert as select” writing a GTT to one temporary tablespace, with its undo going to a second temporary tablespace, and the spill from a sort or hash join in the select going to a third. The flexibility probably won’t make much difference to performance (for most people), but it’s possible that it will make it easier to monitor where the work is coming from if you’r ever in the position where your single temporary tablespace is subject to a lot of I/O.

In the past I’ve advised DBAs to set up a small number of tablespaces (or tablespace groups) so that they can allocate different classes of users – typically grouped by business function – to different temporary tablespaces. The ability to allocate GTTs to temporary tablespaces allows a further degree of refinement to this strategy.

export ORACLE_BASE=/u01/app/oracle
export FMW_HOME=$ORACLE_BASE/Middleware/11.1.1
export ORACLE_COMMOD=$FMW_HOME/oracle_common/modules
export XDK_HOME=$ORACLE_COMMOD/oracle.xdk_11.1.0
export NLSRTL_HOME=$ORACLE_COMMOD/oracle.nlsrtl_11.1.0
export CLASS_PATH=$XDK_HOME/xquery.jar:$XDK_HOME/xmlparserv2.jar:$NLSRTL_HOME/orai18n-collation.jar
java -cp $CLASS_PATH oracle.xquery.XQLPlus $*

This Log Buffer Editions encompasses the wide arena of Oracle, SQL Server, and MySQL databases and what bloggers are saying about them.

Oracle:

David Peake recently announced an updated APEX 5.x Statement of Direction.

Finished reading 12c Concepts manual.

What MLB Season Scheduling Means to Your Supply Chain.

SQL for date ranges, gaps and overlaps.

Mandated Third Party Static Analysis: Bad Public Policy, Bad Security.

SQL Server:

If you need to architect a multi-tenant Analysis Services project, what are your options?

With the right tools, it is possible to rapidly deploy upgraded databases.

Using the Statistical Program R for Running Statistics .

Why I Developed SQL Code Guard: A Fairy Tale from a DBA.

Adding SQL Server AlwaysOn to existing Failover Clusters.

MySQL:

Ghosts of MySQL past, part 8.1: Five Years.

Insert benchmark for InnoDB, MongoDB and TokuMX and flash storage.

Database benchmarks are hard but not useless.

MySQL Workbench 6.1: Performance Schema Reports.

How to use the ClusterControl REST API to automate your Database Cluster.

As the first post in Integrigy’s blog series on OBIEE security, it makes sense to first look at WebLogic. As a Fusion Middleware 11g product, OBIEE 11g uses Oracle WebLogic for centralized common services, including a common security model. WebLogic itself is a scalable, enterprise-ready Java Platform, Enterprise Edition (Java EE) application server. The WebLogic Server infrastructure is based on a Service Oriented Architecture (SOA) which allows it to be the foundation for many different types of applications.  Oracle Corporation describes the WebLogic Server security architecture as “providing a comprehensive, flexible security infrastructure designed to address the security challenges of making applications available on the Web.”

Our webinar on 19-March will review OBIEE security, please register through the link below if you are interested.

When considering WebLogic security, the following points should be kept in mind:

Before installing WebLogic, have an expert review network services to ensure that a malicious attacker cannot access the operating system or system-level commands. Use a DMZ if exposing OBIEE functionality on the Internet. Also use SSL to protect client communications and configure all Fusion Middleware Applications to use SSL.  The OHS web services commonly use 4443 (not 7777) on the firewall and 9704 internally for OBIEE reporting services.

Many OBIEE implementations take advantage of mobile access outside the firewall (e.g. iPad or tablets). The OBIEE mobile interface uses the same authentication within WebLogic. No additional authentication configurations are required.

WebLogic should be installed and started by a single operating user purposely created to support WebLogic. If possible avoid choosing an obvious name for this user. Do not use demo or sample user accounts and passwords.

As a security best practice, WebLogic must not be run as a privileged user or as root. For UNIX installations this requires additional steps to be taken because with UNIX, only processes that run under a privileged user account (usually root) can bind to ports lower than 1024.  Because WebLogic, as an Application Server is a long running process that needs to communicate on lower ports such as 80 or 443, there are two commonly used options:

• Start WebLogic under the privileged user account, bind to the privileged ports, and then change its user ID to a non-privileged account
• Start WebLogic using a non-privileged account and configure the firewall to use Network Address Translation (NAT) software to map protected ports to unprotected ones

Only install WebLogic on a host that can prevent unauthorized access to protected resources. For example, on a Windows computer, use only NTFS. Access to the WebLogic configuration files must be carefully restricted to the WebLogic administrators, ideally on an as needed basis only. No other operating system user should have read, write, or execute access to WebLogic Server product files or domain files.

The file permissions for the following directories are critical for securing WebLogic. These directories should be appropriately restricted:

• Middleware Home directory
• WebLogic Server product installation directory
• WebLogic domain directories
• Persistence Store

If you have questions, please contact us at info@integrigy.com

 -Michael Miller, CISSP-ISSMP

• Register for March 19th Webinar: OBIEE Security Examined
• Collaborate 2014 session OAUG – #14366 OBIEE Security Examined, Friday, April 11, 12:15pm

Did you ever encounter unexplained Oracle lock issues? They may be coming from unindexed foreign keys (which is worse in 11g). It's not easy to monitor. Of course you can check Oracle locks from V$LOCKED_OBJECT, but that is a solution only for locks that remain. Some Oracle locks are there only for a short duration. How do you check which lock is acquired by a statement?

Event 10704 is the solution. I'll show some examples in order to explain which lines from the trace are interresting, and how to interpret them.

This asset is available as a pdf here.

Here’s an example of where the optimizer really should ignore a hint.

I’m testing an implementation of deliberately unusable index partitions – i.e. some empty index partitions, some usable.

This is 11.2.0.3 so whilst there are enhancements in 12c, they’re no use here.

SQL> create table t1
  2  (col1 number)
  3  partition by list(col1)
  4  (partition p0 values(0),
  5   partition pdef values(default));

Table created.

SQL> create index i1 on t1 (col1) local unusable;

Index created.

SQL> alter index i1 rebuild partition pdef;

Index altered.

SQL> select * from t1;

no rows selected

SQL> select * from t1 partition (p0);

no rows selected

SQL> select /*+ index(t1 i1) */ * from t1 partition (p0);

no rows selected

SQL> select * from t1 where col1 = 0;

no rows selected

SQL> select /*+ index(t1 i1) */ * from t1 where col1 = 0;
select /*+ index(t1 i1) */ * from t1 where col1 = 0
*
ERROR at line 1:
ORA-01502: index 'I1' or partition of such index is in unusable state

SQL>

Our Japanese team enjoyed the infographic we created so much that they had it translated for their customers. 

The Importance of Providing the Best Online Multichannel User Experience

PDF version available for download here. 

English version here

Oracle SQL Developer provides access to data and code from other database systems than Oracle

If you run Sybase procedures (or Microsoft SQL Server I suppose), you cannot use the BEGIN / DECLARE / EXEC in anonymous blocks

begin
  print 'HELLO'
end

Error starting at line : 1 in command -
begin
  print 'HELLO'
end
Error report -
Incorrect syntax near the keyword 'begin'.

exec p

Error starting at line : 1 in command -
exec p
Error report -
Incorrect syntax near the keyword 'BEGIN'.

Ô rage ô désespoir!

But actually there is a way to twist the syntax so that it does not look like an oracle exec !

But in fact you create a procedure with CREATE PROCEDURE and end the procedure with a slash. Within the procedure you can use all the keywords you want. To call a procedure, do not use the exec keyword

set echo on

drop procedure p1
/

drop procedure p2
/

create procedure p1 as
return 123
/

create procedure p2 as
declare @x int, @y varchar(255)
exec @x = p1
set @y = convert(varchar(255), @x)
print @y
/

p2

> drop procedure p1
procedure P1 dropped.
> drop procedure p2
procedure P2 dropped.
> create procedure p1 as
return 123
PROCEDURE P1 compiled
> create procedure p2 as
declare @x int, @y varchar(255)
exec @x = p1
set @y = convert(varchar(255), @x)
print @y
PROCEDURE P2 compiled
> p2
123

Okay, it looks a bit like a sqlplus mutant, but it does the trick sometimes when you need to only call a procedure and get it’s return code.

The sames applies for other rdbms, here db2

set echo on 

drop procedure p
/

CREATE PROCEDURE P
LANGUAGE SQL 
P1: BEGIN 
  DECLARE X int; 
END P1 
/

call p

> drop procedure p
procedure P dropped.
> CREATE PROCEDURE P
LANGUAGE SQL 
P1: BEGIN 
  DECLARE X int; 
END P1 
PROCEDURE P compiled
> call p
call p

I wrote a post several weeks ago about UF Online, partially based on a phone interview with the executive director Betty Phillips.

Several weeks ago the University of Florida Online program opened for the Spring 2014 semester, accepting 600 transfer students, and the new program will accept Freshmen starting August 2014. This announcement comes just 2 years after the Florida legislature commissioned a study from the Parthenon Group on how to best leverage online programs in the state, and this program is probably one of the highest profile new online programs in the US within the past few years (along with California’s online initiative, Open SUNY, SJSU / Udacity and GaTech / Udacity). [snip]

What UF Online is, however, is an exclusively-online baccalaureate program leading to a UF degree for lower costs than the traditional on-campus experience. This is about expanding capacity and access to a research university, and the program aims to meet the same academic standards as the traditional UF experience . . .

Well it seems like the situation in Florida changes rapidly in multiple directions. Just two and half months after she officially took the new position, Betty Phillips has abruptly resigned. By all appearances, this move was unexpected as the University of Florida appears to have been caught flat-footed. The Gainesville Sun reports:

But less than three months after she officially began as director of UF Online on Jan. 1, Phillips — the wife of former UF Senior Vice President and COO Win Phillips — is no longer in charge of that program.

In an administrative memo sent out to faculty after 9 p.m. Tuesday, UF Provost Joe Glover didn’t even mention Betty Capaldi Phillips by name.

“Due to changes in personnel, effective immediately, Associate Provost Andy McCollough will become responsible for the administration of UF Online. Consequently, issues related to this program should be directed to his attention,” Glover’s memo said.

The memo was not posted on the Administrative Memo web page until late Wednesday afternoon.

The article describes that Phillips plans to return to ASU in a teaching role, focusing on research into personalized learning. I’m not sure if personal or HR issues were involved, but the article described other details:

Phillips had given up her job as provost and executive vice president of ASU — a position she held since 2006. She took a substantial pay cut to return to UF — from the $425,000 she earned as provost at ASU to $285,000 salary to run the online program here.

Meanwhile, her husband, Win Phillips, stepped down as COO in December and took a position with Innovation Square, UF’s technology startup incubator downtown.

When I did my interview, I had asked about the UF Online staff now that the program has started (they accepted 583 transfer students in January). Phillips’ replied that there was only two people, including herself. This resignation is much more significant than a single leader of a functioning program office departing – this is a complete change of the program office.

I’ll share more information as it becomes available.

Update (3/14): Carl Straumsheim has an article at IHE today that includes interviews with Andy McCollough from UF and Todd Hitchcock from Pearson. It’s well worth reading.

Until Florida can fill the position, W. Andrew McCollough, associate provost for teaching and technology, will lead UF Online. He said Phillips has chosen to return to ASU as a faculty member.

“She, in discussing the matter with me, had evinced after she had gotten herself immersed in the management of and the directing of UF Online that her first love at this point was functioning as a faculty member and doing research on online learning,” McCollough said. “It became evident to her that she would have difficulties fitting that preference into her waking hours here at the university.” [snip]

“The work doesn’t stop because the person in the director’s seat changes,” McCollough said. “The truth of the matter is in the work that is being done by faculty and instructional designers and videographers and web developers and marketing. The people that are doing the real work continue to do the real work.”

I personally think the explanations are part of the story – something doesn’t add up here.

The post Major Change at UF Online: Exec director abruptly resigns appeared first on e-Literate.

One thing that bugs me is browser security.  When I access Oracle Enterprise Manager 12c (OEM12c) through a browser and get the certificate error (Image 1), it just pushes my buttons.   Why not ship a valid certificate with OEM12c?  In reality, the problem is not with OEM12c; it is actually with the browser you choose to use.  In my case, I use Google Chrome a lot with OEM12c.  So how can I get rid of this security certificate warning?

Image 1:

To get rid of this warning message, the security certificate needs to be installed in the browser.  Where can I get the security certificate? 

Within Google Chrome, if I right click on the lock (Image 2).

Image 2:

I’m presented with a menu (Image 3).  From this menu, I can see that the connection has not been verified.

Image 3:

If I click on the “Certificate Information” link, I’m taken to an information dialog about the certificate (Image 4).  The information provided, clearly states that the certificate could not be verified to a trusted certification authority.

Image 4:

Obviously,  I need to add the certificate as a trusted authority.  In order to do this, I need to first save the certificate to my hard drive.  This is done from the Details tab (Image 5), you will see a Copy to File option.

Image 5:

When clicking on the Copy to File option, it takes me to the Certificate Export wizards (Image 6). Using this wizard, I need to export the certificate to my desktop.

Image 6:

I typically export the certificate in a X.509 format (Base –64) (Image 7). 

Image 7:

Lastly, I save the certificate to my desktop (Image 8):

Image 8:

Finally, close the certificate wizard (Image 9).

Image 9:

Now that I have the certificate saved to my desktop, I can import the certificate into the browser as a trusted authority.  In order to do this Google Chrome, I need to go to the Settings page in Chrome (Image 10).

Image 10:

Once on the Settings page, I open the Show Advanced Settings (Image 11) and look for HTTPS/SSL  (Image 12) to manage certificates.

Image 11:

Image 12:

Clicking the Manage Certificates button will open the Certificates dialog (Image 13). I then need to go to the Trusted Root Certification Authorities tab.  On this table I see an import button that I can use to import the certificate I saved to my desktop.

Image 13:

Using the import wizard (not pictured), I can import the certificate as a trusted certificate.  As part of the import, I receive a Security Warning, clicking Yes will install the certificate (Image 14).

Image 14:

Now that the certificate is installed, the next time I attempt to access fred.acme.com to work with OEM12c, I go directly to the login page (Image 15).

Image 15:

If you want to know how to install the certificate for Internet Explorer or Firefox, the steps can be found here.

Enjoy!

twitter: @dbasolved

blog: http://dbasolved.com