• State Not Answered
  • Locked Locked
  • Replies 5 replies
  • Subscribers 25 subscribers
  • Views 1214 views
  • Users 0 members are here
Options
Related
This discussion has been locked. The information referenced herein may be inaccurate due to age, software updates, or external references.
You can no longer post new replies to this discussion. If you have a similar question you can start a new discussion in this forum.

finding SQL with a string

nicolasdiogo

hello

sorry for the title of this question - please suggest an update.

We have a situation that requires an audit, and since DPA has been collecting details on the SQL Scripts run on the server.

I would like to find out if it would be possible to find a query that contains a given string? (eg: an object name {table, view, procedure, function})

It would be great if DPA could assist us in this kind of scenario.

Thanks a lot,

Nicolas

  • 0

    There are a couple of ways to do that.  Is your repository running Oracle or something else?  You can use the repo query tool (options .. support .. database query tool)  to determine which id you are interested based on the name of the database you want to search.  You then search const_xx on the st field for the string you want to find...

    select id,name from cond where name like '%MY_DB_NAME_HERE%';

    select st from const_ID_FROM_ABOVE_QUERY where upper(st) like '%STRING_YOU_WISH_TO_SEARCH%';

    If you have Oracle for the repository, you can do all of the regular expression matching as well.  Other engines may have that ability, but I don't know about it.

  • 0 in reply to deedsd

    Thanks very much for that.

    i have found the queries. and one that i was particularly interested on.

    what is the way to link the query with the username used for running this query?

    thanks,

  • 0 in reply to nicolasdiogo

    I don't know how to map it back to a username.  I don't have the DPA ERD emoticons_cry.png.

    I usually hit conss_xx for the datestamps for the particular SQL hash you can pull from above, and then use the GUI to figure out which users were running the statement.  Solarwinds Support might be willing to help you get the data from the repo tables, I would suggest you open a case on it.

  • 0 in reply to deedsd

    If you have the SQL hash value stored in DPA, you can get the user running it using the following:

    select st, h from const_ID_FROM_ABOVE_QUERY where upper(st) like '%STRING_YOU_WISH_TO_SEARCH%';

    -- using the h for the hash from that query:

    select name from conu_xx, consw_xx where consw_xx.izho = <hash value from above> and conu_xx.id = consw_xx.xcuw;

    Sorry for the cryptic naming...  I like deedsd answer also.

    CAVEAT:  DPA was not meant to be used as an auditing tool.  We poll once every second and can miss executions of SQL statements.  We are focused on performance/tuning.

  • 0 in reply to deedsd

    Deedsd Can you Please Help Me?

    select id,name from cond where name like '%SolarWindsOrion%';

    select st from const_ID_FROM_ABOVE_QUERY where upper(st) like '%AIR-CAP3501I-E-K9%';

    Error Message;

    Msg 208, Level 16, State 1, Line 1

    Invalid object name 'cond'.

    With my very limited knowledge of SQL, I am trying to find out what Tables with the SolarWinds SQL Database have the Wi-Fi Access Point Model Number AIR-CAP3501I-E-K9 for another Inventory Report.

    Can you please advise how I may resolve the Error Message Invalid object name 'cond'?

    Thank you in advance for your support.

SolarWinds solutions are rooted in our deep connection to our user base in the THWACK® online community. More than 195,000 members are here to solve problems, share technology and best practices, and directly contribute to our product development process.

SolarWinds Customer Success Center Certification Media Vault Link Accounts
About THWACK Blogs For Government Edit Settings Free Tools & Trials
Legal Documents Terms of Use Privacy California Privacy Rights Security Information
©2024 SolarWinds Worldwide, LLC. All Rights Reserved.