Documentation

Configuring MS SQL Server database monitoring

On the page

Need some help?

Create an MS-SQL Server user

Create a user on the MS SQL Server that will be used for accessing the database that you want to monitor. This user has the minimum rights to access system information about the instance and databases.
The user can then be set up as an MS SQL monitoring account in the ServiceNav application.
A domain user is preferred to an 'sa' user.
Run the following script on theMS SQL Server instance that you want to monitor, or alternatively perform the configuration from the Microsoft SQL Server Management Studio console.
The script performs the following configuration tasks:
  • user creation
  • authorised user access to system state information of the Microsoft SQL Server instance
  • on each database of the instance except master, tempdb, msdb:
    • creation of the role indicated in the parameter
    • following rights granted to the role: execution on the database, definition view, database state view
    • creation of the user and addition of the role for the user
Before running it, the following lines must be edited with the user's login information.
DECLARE @dbname VARCHAR(255)
DECLARES @check_mssql_health_USER VARCHAR(255)
DECLARES @check_mssql_health_PASS VARCHAR(255)
DECLARES @check_mssql_health_ROLE VARCHAR(255)
DECLARE @source VARCHAR(255)
DECLARES @options VARCHAR(255)
DECLARE @backslash INT

/*******************************************************************/
SET @check_mssql_health_USER = '"[Servername|Domainname]Username"'
SET @check_mssql_health_PASS = 'Password'
SET @check_mssql_health_ROLE = 'ServiceNavMonitoring'
/*******************************************************************

Please modify the above values with your information.

- Example for Windows authentication:
SET @check_mssql_health_USER = ''[Servername|Domainname]Username"'
Do not omit the ".
SET @check_mssql_health_ROLE = 'Rolename'.

- Example for SQLServer authentication:
SET @check_mssql_health_USER = 'Username'.
SET @check_mssql_health_PASS = 'Password'.
SET @check_mssql_health_ROLE = 'Rolename

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
It is strongly recommended to use a windows authentication
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

*************** NO NEED TO CHANGE ANYTHING BELOW THIS LINE *******************/

SET @options = 'DEFAULT_DATABASE=MASTER, DEFAULT_LANGUAGE=English'.
SET @backslash = (SELECT CHARINDEX('', @check_mssql_health_USER))
IF @backslash > 0
BEGIN
SET @source = ' FROM WINDOWS'.
SET @options = ' WITH ' + @options
END
ELSE
BEGIN
SET @source = ''
SET @options = ' WITH PASSWORD=''' + @check_mssql_health_PASS + ''',' + @options
END

PRINT 'CREATE Nagios plugin USER ' + @check_mssql_health_USER
EXEC ('CREATE LOGIN ' + @check_mssql_health_USER + @source + @options)
EXEC ('USE MASTER GRANT VIEW SERVER STATE TO ' + @check_mssql_health_USER)
PRINT 'USER' + @check_mssql_health_USER + ' created.'
PRINT ''

declare dblist cursor for
select name from sys.databases WHERE name NOT IN ('master', 'tempdb', 'msdb') open dblist
fetch next from dblist into @dbname
while @@fetch_status = 0 begin
EXEC ('USE [' + @dbname + '] print ''GRANT permissions IN the db '' + ''"' + DB_NAME() + ''"')
EXEC ('USE [' + @dbname + '] CREATE ROLE ' + @check_mssql_health_ROLE)
EXEC ('USE [' + @dbname + '] GRANT EXECUTE TO ' + @check_mssql_health_ROLE)
EXEC ('USE [' + @dbname + '] GRANT VIEW DATABASE STATE TO ' + @check_mssql_health_ROLE)
EXEC ('USE [' + @dbname + '] GRANT VIEW DEFINITION TO ' + @check_mssql_health_ROLE)
EXEC ('USE [' + @dbname + '] CREATE USER ' + @check_mssql_health_USER + ' FOR LOGIN ' + @check_mssql_health_USER)
EXEC ('USE [' + @dbname + '] EXEC sp_addrolemember ' + @check_mssql_health_ROLE + ' , ' + @check_mssql_health_USER)
EXEC ('USE [' + @dbname + '] print ''Permissions IN the db '' + ''"' + DB_NAME() + ''" GRANTED.'')
fetch next from dblist into @dbname
end
close dblist
dblist deallocate

Configuring access to the database from the ServiceNav Box

This is done by Coservit (or the partner) for each SNB in production.

Edit the file /etc/freetds.conf.

CautionThe freetds.conf file is a link to the following file : -> /usr/local/freetds/etc/freetds.conf

[global]
# TDS protocol version
# tds version = 4.2
tds version = 7.0

[LOGIN_NAME]
    host = fqdn or @IP
    port = TCP/IP port of the instance
    instance = proceeding name
    tds version = 7.0

LOGIN_NAME is important: this is the name that will be specified in services.

ServiceNav configuration

Example: Configuring the User Service "MS-SQL database-backup-age" with the objective to measure the number of hours that have elapsed since the last backup of the MS SQL Server database instance:

Configuration: the database instance, the account and password of the user with access to the database, the number of hours above which the status changes to WARNING, the number of hours above which the status changes to CRITICAL. The instance must be defined on the SNB. The user must have the serveradmin role on the instance.

ServiceNav - MS SQL database monitoring

Deleting the user

The following script is used to delete the user created earlier.

DECLARE @dbname VARCHAR(255)
 DECLARES @check_mssql_health_USER VARCHAR(255)
 DECLARES @check_mssql_health_ROLE VARCHAR(255)
 SET @check_mssql_health_USER = '"[Servername|Domainname]Username"'
 SET @check_mssql_health_ROLE = 'ServiceNavMonitoring'
 DECLARE dblist cursor FOR
 SELECT name FROM sys.databases WHERE name NOT IN ('master', 'tempdb', 'msdb') OPEN dblist
 fetch NEXT FROM dblist INTO @dbname
 while @@fetch_status = 0 BEGIN
 EXEC ('USE [' + @dbname + '] print ''Revoke permissions in the db '' + ''"' + DB_NAME() + ''"')
 EXEC ('USE [' + @dbname + '] EXEC sp_droprolemember ' + @check_mssql_health_ROLE + ' , ' + @check_mssql_health_USER)
 EXEC ('USE [' + @dbname + '] DROP USER ' + @check_mssql_health_USER)
 EXEC ('USE [' + @dbname + '] REVOKE VIEW DEFINITION TO ' + @check_mssql_health_ROLE)
 EXEC ('USE [' + @dbname + '] REVOKE VIEW DATABASE STATE TO ' + @check_mssql_health_ROLE)
 EXEC ('USE [' + @dbname + '] REVOKE EXECUTE TO ' + @check_mssql_health_ROLE)
 EXEC ('USE [' + @dbname + '] DROP ROLE ' + @check_mssql_health_ROLE)
 EXEC ('USE [' + @dbname + '] print ''Permissions in the db '' + ''"' + DB_NAME() + ''" revoked.'')
 fetch NEXT FROM dblist INTO @dbname
 END
 close dblist
 dblist deallocate
PRINT ''
PRINT 'drop Nagios plugin user ' + @check_mssql_health_USER
EXEC ('USE MASTER REVOKE VIEW SERVER STATE TO ' + @check_mssql_health_USER)
EXEC ('DROP LOGIN ' + @check_mssql_health_USER)
PRINT 'User' + @check_mssql_health_USER + ' dropped.'

Help

If the tools are not installed (in the case of boxes installed directly in version 3.13.1)

On the SNB, execute the following command line. (The box must have internet access)

apt-get install freetds-bin

For all the commands below, if yours is an Ubuntu 12 version SNB, you must add "/usr/local/freetds/bin/" to the beginning of the command:

tsql -H ... becomes /usr/local/freetds/bin/tsql -H

Get the list of database instances

On the box, execute the following command line, replacing Host IP or name with the IP or name of the host:

tsql -H  -L

Validate the access account with a database instance

To validate that the account created (by you or the script above is functional).

On the box, execute the following command line, replacing by the name of the instance (in the example CONNECTION_NAME) and \ by the identifier (be careful to keep the double)

tsql -S "tag defined in freetds.conf" -U "Windows Domain"\"Login Name"

Enter the password at the system request (Password associated with the account \)

If the connection is OK, you should get a response like:

locale is "fr_EN.UTF-8"
locale charset is "UTF-8".
using default charset "UTF-8"

If the connection does not work, you get a response like :

locale is "fr_EN.UTF-8"
locale charset is "UTF-8".
using default charset "UTF-8"
Msg 18452 (severity 14, state 1) from  Line 1:
"Login failed. The login is from an untrusted domain and cannot be used with Windows authentication."
Error 20002 (severity 9):
Adaptive Server connection failed
There was a problem connecting to the server

It is then necessary to check your connection identifiers and/or your freetds file according to the message received.

Get the list of instance databases

On the box, execute the following command line, replacing by the name of the instance (in the example CONNECTION_NAME) and \ by the identifier (be careful to keep the double)

tsql -S "tag defined in freetds.conf" -U "Windows Domain"\"Login Name"

Then enter the following command lines

select name from master.dbo.sysdatabases ;

Go

The expected result should be similar to this: (The list is variable according to your database)

master
tempdb
model
msdb
BEDB

Validate database access account

On the box, execute the following command line, replacing by the name of the instance (in the example CONNECTION_NAME) and \ by the identifier (be careful to keep the double)

Then enter the following command lines (replacing with the database name)

use DATABASE_NAME ;

Go

In event of an access error you'll get a message similar to

 "The server principal "DomaineLogin" is not able to access the database "Database_Name" under the current security context."

This may also be of interest to you

How to monitor an Azure environment

Monitor Azure metrics via APIs

portal azure

1 - Prerequisites Azure and Office 365 plugins

en_US
fr_FR en_US

Welcome to ServiceNav!

Need help? More information about our products? Write to us!
You have taken note of our privacy policy.

[COVID - 19 ] - TELEWORKING, TARGET AVAILABILITY 100% !

While the epidemic lasts, ensure the availability and performance of your IT services for teleworking, with ServiceNav!

Following the government's call to mobilize to help businesses overcome the current health and economic context, we help you, free of charge, to ensure the complete monitoring of your teleworking environments: VPN, VDI, Teams, Skype Enterprise, Citrix... Objectives: collection, availability and usage indicators, dashboards to support your communication.
We use cookies to ensure that you have the best possible experience on our site, and if you continue to use this site, we will assume that you are satisfied with it.

Reserve your place

You have taken note of our privacy policy.