Monitoring Changes in Permissions, Users, Roles and Logins

VN:RO [1.9.17_1161]
Rating: 4.0/5 (5 votes cast)
5
1,437 0
Reports the number of changes to logins, users, roles in the past 10 minutes. It measures every change but doesn’t tell you if this is a drift from what it should be, since it might only be a permission being temporarily created and then revoked. First, create the following function in the database on the […] Read more

Detect Suspicious Errors Typical of a SQL Injection Attack

VN:RO [1.9.17_1161]
Rating: 4.8/5 (5 votes cast)
5
1,842 0
Detects errors characteristic of a possible SQL Injection attack, or other attempts to gain illicit access to a database server. Returns the number of errors detected in the last 20 minutes. First, create an Extended Events session on the monitored SQL Server instance: [crayon-5dd7d4de1780a058327769/] Start the event session, like this: [crayon-5dd7d4de1780f627011167/] Read more

Default user service account

VN:RO [1.9.17_1161]
Rating: 5.0/5 (4 votes cast)
4
15,416 0
This metric checks whether SQL Server services are running under any of the default accounts, such as localsystem. Using a default account for SQL Server services can be a security risk. Read more

Default TCP Port

VN:RO [1.9.17_1161]
Rating: 3.0/5 (1 vote cast)
1
7,780 0
This metric checks whether your SQL Server installation is using the default TCP port, which is a known security risk. Read more