Detect MrbMiner Malware

 3,346 0
Install metric...

Metrics install automatically if you have Redgate Monitor installed.

If you are using Redgate’s SQL Server monitoring tool, Redgate Monitor, you can instantly install and run this metric on your servers.

This metric looks for the presence of the MrbMiner malware by checking for an account in sys.sql_logins.

Additional information: https://www.zdnet.com/article/new-mrbminer-malware-has-infected-thousands-of-mssql-databases/

Metric definition

Name

DetectMrbMinerMalware

Description

This metric looks for the presence of the MrbMiner malware by checking for an account in sys.sql_logins.

The T-SQL query that will collect data

Instances to collect from

select all

Databases to collect from

master

Collection frequency

5 mins

Use collected or calculated values

Leave the Use a calculated rate of change between collections check box unchecked

Metric collection

Enabled

Alert definition

Alert name

MrbMiner Malware Detected

Description

An account has been detected that is associated with the MrbMiner malware.

Raise an alert when the metric value goes

above the defined threshholds

Default threshold values

High:0
Medium:
Low:

Raise an alert when the threshold is passed for

collections

Alert is

Enabled

3,346 Rate
Click to rate this post!
[Total: 1 Average: 1]

What are custom metrics?

The Redgate Monitor custom metric feature lets you run T-SQL queries against your SQL Servers to collect specific data. You can analyze and receive alerts about your custom data just like everything else Redgate Monitor collects.

But what if you don’t want to write your own queries? No problem. Redgate has brought together a range of quality custom metrics for you to use in Redgate Monitor, which are all are free, tried and tested. You can install straight away, and use the resources on this site to help you write your own.

See the Getting Started guides

What is Redgate Monitor?

Redgate Monitor is a SQL Server performance monitoring tool that gives you real-time and historical SQL Server performance data with alerts and diagnostics.

With its embedded expertise from SQL Server experts and MVPs, it gives you the information and advice you need to find and fix issues before users are even aware.

Find out more about Redgate Monitor

Featured custom metrics

  • Total database file size

    by Hugo Kornelis | 8,256 views |

    This custom metric measures the total database file size (data files and log file combined). An increase in this metric signals that a database was grown. When not done by the DBA, this is an autogrow. Excessive autogrow events should be prevented as this can result to file fragmentation. Try to manually grow files before […] Read more

  • Number of active backups and restores

    by Redgate Monitor Team | 6,311 views |

    This metric will display the total number of active backups and restores on a server. This can be used to correlate with other metrics to explain why disk IO and CPU usage could have changed. Read more

  • Full backup to odd path

    by Eelco Drost | 5,723 views |

    This custom metric queries the MSDB database to search for multiple paths for a full backup Read more

See all custom metrics

Find metrics

See all metrics