MSSQLTips: Tip #51 – Alerts and Notifications for SQL Server Login, Database User and Role Membership Changes

Featured

SQL Server security monitoring is a critical part of the Database Administrator’s job. Some security related alerts could be setup very easy, but others require third-party tools or extra steps to setup. For example, SQL Server Audit can be used to monitor logins or users modification, but it requires audit log review. We would like to get real-time alerts every time a login or a user is created or added to a server or a database role, how can this be done?

In this tip we will provide steps and scripts for setting up WMI alerts and jobs responding to these alerts to monitor the creation and removal of users and logins as well as server and database roles membership changes.

Please read the latest MSSQLTips post: “Alerts and Notifications for SQL Server Login, Database User and Role Membership Changes“.

Check out all of my tips here: http://www.mssqltips.com/sqlserverauthor/94/svetlana-golovko/.

Share

MSSQLTips: Tip #50 – Different ways to sort multi-server SQL Server query results using Central Management Server

Featured

Central Management Server (CMS) is a SQL Server feature that allows you to manage multiple SQL Servers at the same time. You can run T-SQL scripts or execute Policy-Based Management policies on multiple servers. You can also group SQL Servers and run the scripts on a specific group of SQL Servers.

How else can CMS be used? How can we overcome some of the limitations when we run queries against CMS Server Groups?

In this tip we will show you a couple of CMS tricks. In our examples below we will show how you can sort the CMS query results for different scenarios. We will also provide a couple of examples of alternative uses of CMS.

Please read the latest MSSQLTips post: “Different ways to sort multi-server SQL Server query results using Central Management Server“.

Check out all of my tips here: http://www.mssqltips.com/sqlserverauthor/94/svetlana-golovko/.

Share

MSSQLTips: Tip #49 – SQL Servers Assessment for the Meltdown and Spectre Vulnerabilities

Featured

2018 started out with bad news for most IT professionals. A new “speculative execution side-channel attacks” vulnerability affected many modern processors and operating systems. This vulnerability is very complex and requires patching on many layers, including hardware, operating systems and the application layer.

Database Administrators (DBAs) have to be prepared to patch every SQL Server starting with SQL Server version 2008 and the recommended patching procedure is different for different servers depending on SQL Server configuration settings and features used.

How can we determine what servers are affected and what steps should we take to protect SQL Server?

In this tip we will provide a “Meltdown/Spectre SQL Server Assessment Script” that you can run in Central Management Server (CMS) against all of your SQL Servers. This script will produce a report with recommendations/scenarios for patching and display configurations/features that are not secure and enabled on SQL Server.

Then we will provide a couple of remediation steps to review unsecure use cases.

After remediation we will run the Main Assessment Script again and review the final recommendations.

Please read the latest MSSQLTips post: “SQL Servers Assessment for the Meltdown and Spectre Vulnerabilities“.

Check out all of my tips here: http://www.mssqltips.com/sqlserverauthor/94/svetlana-golovko/.

Share

MSSQLTips: Tip #48 – SQL Server Database Mail Health Check with Policy Based Management

Featured

Email alerting is an important feature that helps to automate a lot of Database Administration tasks. How can we be sure that Database Mail works properly? If there is email problem there is no another email that will notify us of an issue and it could be days before we realize that there is a problem.

In this tip we will provide a solution to check all of your servers for the different types of Database Mail issues. We are going to use Policy-Based Management (PBM) to perform these checks.

Please read the latest MSSQLTips post: “SQL Server Database Mail Health Check with Policy Based Management“.

Check out all of my tips here: http://www.mssqltips.com/sqlserverauthor/94/svetlana-golovko/.

Share

MSSQLTips: Tip #47 – SQL Server Database Mail Health Check for all SQL Servers

Featured

Most of the SQL Server DBAs will agree that we rely on email alerts too much. Tasks are automated, we have emails notifying us of failed jobs, of errors, etc. But how can we be sure that emails are always sent? If there is an email problem there is not another email that will notify us of an issue and it could be days before we realize that there is a problem.

In this tip we will provide a solution to monitor all of your servers for the different types of Database Mail issues. We will provide a T-SQL script that is executed with a PowerShell script. The PowerShell script can be scheduled to run on a Central Management Server (CMS) or another SQL Server. In our example we will run it once a day to check the Database Mail health, but you can modify it and run it every hour or as often as you need.

Please read the latest MSSQLTips post: “SQL Server Database Mail Health Check for all SQL Servers“.

Check out all of my tips here: http://www.mssqltips.com/sqlserverauthor/94/svetlana-golovko/.

Share

MSSQLTips: Tip #43 – SQL Server Agent Jobs Monitoring Script

Featured

Problems with SQL Server Agent Jobs can lead to missing backups, missing notifications about a failed job and sometimes missing mission critical tasks that are run as scheduled jobs.

Some of the common SQL Server Agent Job problems are described in other MSSQLTips tips. In this tip we have provided a single script that will check the jobs for a number of issues including:

  • Disabled SQL Server Agent Jobs
  • Failed SQL Server Agent Jobs or Job Steps
  • SQL Server Agent Jobs without a Description
  • SQL Server Agent Jobs without Schedules
  • Disabled SQL Server Agent Job Schedules
  • SQL Server Agent Jobs without Categories
  • SQL Server Agent Jobs Owned by a DBA or Other Privileged User
  • SQL Server Agent Jobs with no Owner or Owner Login is Denied “CONNECT TO SQL”
  • No SQL Server Agent Notifications on Job Failure or Completion
  • SQL Server Agent Operators Issues
  • SQL Server Agent Missing Job History
  • Potential SQL Server Agent Job Step Issue or Step Won’t Execute

Please read the latest MSSQLTips post: “SQL Server Agent Jobs Monitoring Script“.

Check out all of my tips here: http://www.mssqltips.com/sqlserverauthor/94/svetlana-golovko/.

Share

MSSQL Tips: Tip #20 – Monitor SQL Server Master Database Changes with WMI Alerts

In this new tip you will find out how to setup monitoring of the master database and get real time notifications when the new objects created there.

Please read the latest MSSQL Tip: “Monitor SQL Server Master Database Changes with WMI Alerts“.

Check out all of my tips here: http://www.mssqltips.com/sqlserverauthor/94/svetlana-golovko/.

Share

MSDB log file max size reset after SQL Patches

I have encountered this several times already after different Cumulative Updates/Service Packs…

We set fixed maximum size for SQL Server databases and update the max size when required. But after installing Service Pack and Cumulative Updates the maximum size is reset to 2,097,152 MB for the MSDB log file:
max size - msdb log

I am going to submit this issue to the Microsoft Connect (hopefully it still works and active) or check if somebody else had similar issues. As this happens only with one system database and only with one file I would suspect that this is a bug.

This is just something to watch out and remember to review after SQL Server patching if you use fixed maximum files sizes.

Share

About usefulness of trivial tasks

I just wanted to share a story that one of my friends-DBAs shared with me.

So, they have internal DBAs responsible for the part of the environment and remote/external DBAs that look after another part of the environment.
In most cases these two groups do not look after each others environments and their responsibilities do not criss-cross. But my curious friend one day decided to do a little disk cleanup/checkup (from the old backups etc.) and discovered that archive logs for one of the mission critical databases have not been cleaned up for a year. The database was under the external group supervision.
After a short investigation my friend discovered that the database didn’t have backups for a year!

The moral is:
1) Even simple trivial tasks can sometimes help you to discover flows
2) Do not rely on third party contractors even if they have a very good reputation. Make an occasional checks. It wouldn’t heart to add a couple more servers to the monitoring.

Share

MSSQL Tips: Tip #18 – Using Policy Based Management for SQL Server Availability Groups Data Loss Alerts

This tip is again on my favorite topic – Policy Based Management.

Please read the latest MSSQL Tip: “Using Policy Based Management for SQL Server Availability Groups Data Loss Alerts“.

Check out all of my tips here: http://www.mssqltips.com/sqlserverauthor/94/svetlana-golovko/.

Share