Monitor Database Events

VN:RO [1.9.17_1161]
Rating: 5.0/5 (1 vote cast)
1
423 0 ,
This metric queries data from an Extended Events session to detect databases being dropped, created, started, stopped, attached or detached. It assigns a configurable “anxiety index” value (an integer from 1-10) to each detected event and then calculates a total based on the occurrences of these events over a period. First, create and start for […] Read more

Monitoring Changes in Permissions, Users, Roles and Logins

VN:RO [1.9.17_1161]
Rating: 4.0/5 (5 votes cast)
5
2,078 0
Reports the number of changes to logins, users, roles in the past 10 minutes. It measures every change but doesn’t tell you if this is a drift from what it should be, since it might only be a permission being temporarily created and then revoked. First, create the following function in the database on the […] Read more

Detect Suspicious Errors Typical of a SQL Injection Attack

VN:RO [1.9.17_1161]
Rating: 4.8/5 (5 votes cast)
5
2,692 0
Detects errors characteristic of a possible SQL Injection attack, or other attempts to gain illicit access to a database server. Returns the number of errors detected in the last 20 minutes. First, create an Extended Events session on the monitored SQL Server instance: [crayon-5effbb32e23f3561785630/] Start the event session, like this: [crayon-5effbb32e23f8190033902/] Read more

Default user service account

VN:RO [1.9.17_1161]
Rating: 5.0/5 (4 votes cast)
4
15,848 0
This metric checks whether SQL Server services are running under any of the default accounts, such as localsystem. Using a default account for SQL Server services can be a security risk. Read more

Default TCP Port

VN:RO [1.9.17_1161]
Rating: 3.0/5 (1 vote cast)
1
8,078 0
This metric checks whether your SQL Server installation is using the default TCP port, which is a known security risk. Read more