This metric identifies when an object has been changed by other than the authorized login. It relies on an Extended Events session to capture the metrics and filters for a specific login. This is a tweak to this custom metric. Here is the necessary Extended Events Session (substitute the appropriate login for the ‘LoginName’ string. […] Read more
This metric looks for the presence of the MrbMiner malware by checking for an account in sys.sql_logins. Additional information: https://www.zdnet.com/article/new-mrbminer-malware-has-infected-thousands-of-mssql-databases/ Read more
This metric queries data from an Extended Events session to detect databases being dropped, created, started, stopped, attached or detached. It assigns a configurable “anxiety index” value (an integer from 1-10) to each detected event and then calculates a total based on the occurrences of these events over a period. First, create and start for […] Read more
Reports the number of changes to logins, users, roles in the past 10 minutes. It measures every change but doesn’t tell you if this is a drift from what it should be, since it might only be a permission being temporarily created and then revoked. First, create the following function in the database on the […] Read more
Reports the number of server or database configuration option changes in the past five minutes. First, create the following Extended Event session on the monitored SQL Server instance: [crayon-6072ca8cb6d4b207624127/] Read more
Reports the number database object changes (create, alter or drop) in last 30 mins. First, create the following Extended Event session on the monitored SQL Server instance: [crayon-6072ca8cb6ed2057736955/] Read more
Detects errors characteristic of a possible SQL Injection attack, or other attempts to gain illicit access to a database server. Returns the number of errors detected in the last 20 minutes. First, create an Extended Events session on the monitored SQL Server instance: [crayon-6072ca8cb703a611493840/] Start the event session, like this: [crayon-6072ca8cb7040119852459/] Read more
This metric checks whether your SQL Server installation is using the default TCP port, which is a known security risk. Read more
What are custom metrics?
The SQL Monitor custom metric feature lets you run T-SQL queries against your SQL Servers to collect specific data. You can analyze and receive alerts about your custom data just like everything else SQL Monitor collects.
But what if you don’t want to write your own queries? No problem. Redgate has brought together a range of quality custom metrics for you to use in SQL Monitor, which are all are free, tried and tested. You can install straight away, and use the resources on this site to help you write your own.
This custom metric measures the total database file size (data files and log file combined). An increase in this metric signals that a database was grown. When not done by the DBA, this is an autogrow. Excessive autogrow events should be prevented as this can result to file fragmentation. Try to manually grow files before […] Read more
This metric will display the total number of active backups and restores on a server. This can be used to correlate with other metrics to explain why disk IO and CPU usage could have changed. Read more