FortiSIEM Database Server Configuration

Database Server Configuration

AccelOps supports these database servers for discovery and monitoring.

IBM DB2 Server Configuration

Microsoft SQL Server Configuration

Microsoft SQL Server Scripts

SQL Server Database Level Event Creation Script (PH_Database_Level_Events.sql)

SQL Server DDL Event Creation Script (PH_DDL_Server_Level_Events.sql)

SQL Server Table Creation Script (PH_EventDB_Tables_Create.sql)

SQL Server Trigger Creation Script (PH_LogonEventsTrigger.sql)

MySQL Server Configuration

Oracle Database Server Configuration

IBM DB2 Server Configuration

What is Discovered and Monitored

Protocol | Information discovered | Metrics collected | Used for
SNMP | Application type | Process level CPU and memory utilization | Performance Monitoring
WMI | Application type, service mappings | Process level metrics: uptime, CPU utilization, Memory utilization, Read I/O KBytes/sec, Write I/O KBytes/sec | Performance Monitoring
JDBC | None | Database audit trail: Successful and failed database log on, Database CREATE/DELETE/MODIFY operations, Table CREATE/DELETE/MODIFY/INSERT operations | Security Monitoring

Event Types

In CMDB > Event Types, search for “db2” in the Device Type and Description column to see the event types associated with this device.

Rules

There are no predefined rules for this device.

Reports

There are no predefined reports for this device.

Configuration

Configuring IBM DB2 Audit on Linux – DB2 side

  1. Log in to IBM Installation Manager.
  2. Click the Databases tab, and click the + icon to create a new Database Connection.
  3. Enter these settings.
Field | Setting
Database Connection Name | Enter a name for the connection, such as AccelOps
Data Server Type | DB2 for Linux, Unix, and Windows
Database Name |
Host name | db2.org
Port number | 50000
JDBC Security | Clear text password
User ID | The username you want to use to access this Server from AccelOps
Password | The password you want to use with the User ID
JDBC URL | jdbc:db2://db2.org:50000/<databasename>:retrieveMessagesFromServerOnGetMessage=true;securit

  4. In the Job Manager tab, click Add Job.
  5. For Name, enter audit.
  6. For Type, select DB2 CLP Script.
  7. Click OK.
  8. Add the script.
  9. Add the schedule details to the audit task.
  10. Add the database to the audit task.

You can now configure AccelOps to communicate with your device by following the instructions in Setting Access Credentials for Device Discovery, and then initiate discovery of the device as described in the topics in Discovering Infrastructure.

Configuring IBM DB2 Audit on Windows – DB2 side

  1. Create a non-admin user on Windows, for example “AoAuditUser”, and set its password.
  2. Log in to the DB2 Task Center, add the user to DB Users, and connect it to the database.
  3. Grant permissions (as Administrator) using the commands below.
  4. Create the catalog with db2admin.
  5. Create the task as the DB2 user Administrator:
    1. Open the DB2 Task Center and create a task like the one below.
    2. Add the schedule.
    3. Add the task.

Sample Events

IBMDB2_CHECKING_OBJECT
<134>May 14 13:57:39 10.1.2.68 java: [IBMDB2_CHECKING_OBJECT]:[eventSeverity]=PHL_INFO,[objName]=TABLES,[srcIpAddr]=127.0.0.1,[srcApp]=DB2HMON,[dbName]=SAMPLE,[appVersion]=DB2 v10.1.0.0,[instanceName]=db2inst1,[eventTime]=2014-05-14-13.44.41.085567,[user]=db2inst1,[eventCategory]=CHECKING,[dbRetCode]=0

IBMDB2_CHECKING_FUNCTION
<134>May 14 13:57:39 10.1.2.68 java: [IBMDB2_CHECKING_FUNCTION]:[eventSeverity]=PHL_INFO,[objName]=CHECKING,[srcIpAddr]=127.0.0.1,[srcApp]=DB2HMON,[dbName]=SAMPLE,[appVersion]=DB2 v10.1.0.0,[instanceName]=db2inst1,[eventTime]=2014-05-14-13.44.40.739649,[user]=db2inst1,[eventCategory]=CHECKING,[dbRetCode]=0

IBMDB2_STATEMENT
<134>May 14 13:57:40 10.1.2.68 java: [IBMDB2_STATEMENT]:[eventSeverity]=PHL_INFO,[srcIpAddr]=127.0.0.1,[srcApp]=db2bp,[dbName]=SAMPLE,[appVersion]=DB2 v10.1.0.0,[instanceName]=db2inst1,[eventTime]=2014-05-14-13.48.59.433204,[user]=db2inst1,[eventCategory]=EXECUTE,[dbRetCode]=0

IBMDB2_COMMIT
<134>May 14 13:57:40 10.1.2.68 java: [IBMDB2_COMMIT]:[eventSeverity]=PHL_INFO,[srcIpAddr]=10.1.2.81,[srcApp]=db2jcc_application,[dbName]=SAMPLE,[appVersion]=DB2 v10.1.0.0,[instanceName]=db2inst1,[eventTime]=2014-05-14-13.51.30.447924,[srcName]=SP81,[user]=db2inst1,[eventCategory]=EXECUTE,[dbRetCode]=0

IBMDB2_ROLLBACK
<134>May 14 13:57:40 10.1.2.68 java: [IBMDB2_ROLLBACK]:[eventSeverity]=PHL_INFO,[srcIpAddr]=127.0.0.1,[srcApp]=db2bp,[dbName]=SAMPLE,[appVersion]=DB2 v10.1.0.0,[instanceName]=db2inst1,[eventTime]=2014-05-14-13.43.43.827986,[user]=db2inst1,[eventCategory]=EXECUTE,[dbRetCode]=0

IBMDB2_CONNECT
<134>May 14 13:57:40 10.1.2.68 java: [IBMDB2_CONNECT]:[eventSeverity]=PHL_INFO,[srcIpAddr]=127.0.0.1,[srcApp]=DB2HMON,[dbName]=SAMPLE,[appVersion]=DB2 v10.1.0.0,[instanceName]=db2inst1,[eventTime]=2014-05-14-13.44.39.991288,[user]=db2inst1,[eventCategory]=EXECUTE,[dbRetCode]=0

IBMDB2_CONNECT_RESET
<134>May 14 13:57:40 10.1.2.68 java: [IBMDB2_CONNECT_RESET]:[eventSeverity]=PHL_INFO,[srcIpAddr]=127.0.0.1,[srcApp]=db2bp,[dbName]=SAMPLE,[appVersion]=DB2 v10.1.0.0,[instanceName]=db2inst1,[eventTime]=2014-05-14-13.43.43.829149,[user]=db2inst1,[eventCategory]=EXECUTE,[dbRetCode]=0

IBMDB2_CREATE_OBJECT
<134>May 14 13:57:40 10.1.2.68 java: [IBMDB2_CREATE_OBJECT]:[eventSeverity]=PHL_INFO,[objName]=CAN_MONITOR=CAN_MONITOR_FUNC,[srcIpAddr]=10.1.2.68,[srcApp]=DS_ConnMgt_,[dbName]=SAMPLE,[appVersion]=DB2 v10.1.0.0,[instanceName]=db2inst1,[eventTime]=2014-05-14-13.30.14.827242,[srcName]=10.1.2.68,[user]=db2inst1,[eventCategory]=OBJMAINT,[dbRetCode]=0

IBMDB2_JDBC_PULL_STAT
<134>May 14 13:57:39 10.1.2.68 java: [IBMDB2_JDBC_PULL_STAT]:[eventSeverity]=PHL_INFO,[reptModel]=DB2,[dbName]=SAMPLE,[instanceName]=db2inst1,[reptVendor]=IBM,[rptIp]=10.1.2.68,[auditEventCount]=30,[relayIp]=10.1.2.68,[dbEventCategory]=db2inst1.AUDIT,[appGroupName]=IBM DB2 Server

IBMDB2_ARCHIVE
<134>May 14 13:57:39 10.1.2.68 java: [IBMDB2_ARCHIVE]:[eventSeverity]=PHL_INFO,[srcIpAddr]=127.0.0.1,[srcApp]=db2bp,[dbName]=SAMPLE,[appVersion]=DB2 v10.1.0.0,[instanceName]=db2inst1,[eventTime]=2014-05-14-13.43.44.002046,[user]=db2inst1,[eventCategory]=AUDIT,[dbRetCode]=0

IBMDB2_EXTRACT
<134>May 14 13:57:39 10.1.2.68 java: [IBMDB2_EXTRACT]:[eventSeverity]=PHL_INFO,[srcIpAddr]=127.0.0.1,[srcApp]=db2bp,[dbName]=SAMPLE,[appVersion]=DB2 v10.1.0.0,[instanceName]=db2inst1,[eventTime]=2014-05-14-13.38.45.865016,[user]=db2inst1,[eventCategory]=AUDIT,[dbRetCode]=0

IBMDB2_LIST_LOGS
<134>May 14 14:03:39 10.1.2.68 java: [IBMDB2_LIST_LOGS]:[eventSeverity]=PHL_INFO,[srcIpAddr]=127.0.0.1,[srcAp

Microsoft SQL Server Configuration


Supported Versions

SQL Server 2005

SQL Server 2008

SQL Server 2008 R2

SQL Server 2012

SQL Server 2014

What is Discovered and Monitored

The following protocols are used to discover and monitor various aspects of Microsoft SQL server.

Protocol | Information discovered | Metrics collected | Used for
SNMP | Application type | Process level CPU and memory utilization | Performance Monitoring
WMI | Application type, service mappings | Process level metrics: uptime, CPU utilization, Memory utilization, Read I/O KBytes/sec, Write I/O KBytes/sec | Performance Monitoring
WMI | | Windows application event logs – successful and failed login | Security Monitoring
JDBC | | General database info: database name, database version, database size, database owner, database created date, database status, database compatibility level. Database configuration info: Configure name, Configure value, Configure max and min value, Configure running value. Database backup info: Database name, Last backup date, Days since last backup | Availability Monitoring
JDBC | | Database performance metrics (per-instance): Buffer cache hit ratio, Log cache hit ratio, Transactions/sec, Page reads/sec, Page writes/sec, Page splits/sec, Full scans/sec, Deadlocks/sec, Log flush waits/sec, Latch waits/sec, Data file(s) size, Log file(s) used, Log growths, Log shrinks, User connections, Target server memory, Total Server Memory, Active database users, Logged-in database users, Available buffer pool pages, Free buffer pool pages, Average wait time. Database performance metrics (per-instance, per-database): Database name, Data file size, Log file used, Log growths, Log shrinks, Log flush waits/sec, Transactions/sec, Log cache hit ratio | Performance Monitoring
JDBC | | Locking info: Database id, Database object id, Lock type, Locked resource, Lock mode, Lock status. Blocking info: Blocked Sp Id, Blocked Login User, Blocked Database, Blocked Command, Blocked Process Name, Blocking Sp Id, Blocking Login User, Blocking Database, Blocking Command, Blocking Process Name, Blocked duration | Performance Monitoring
JDBC | | Database error log. Database audit trail: Failed database logon is also collected through performance monitoring, because logon failures cannot be collected via database triggers. | Availability / Performance Monitoring
JDBC | None | Database audit trail: Successful and failed database logon, various database operation audit trail including CREATE/ALTER/DROP/TRUNCATE operations on tables, table spaces, databases, clusters, users, roles, views, table indices, triggers, etc. | Security Monitoring and compliance

Event Types

In CMDB > Event Types, search for “sql server” in the Device Name and Description column to see the event types associated with this device.

Rules

In Analytics > Rules, search for “sql server” in the Name column to see the rules associated with this application or device.

Reports

In Analytics > Reports, search for “sql server” in the Name column to see the reports associated with this application or device.

Configuration

SNMP

Enabling SNMP on Windows Server 2003

SNMP is typically enabled by default on Windows Server 2003, but you will still need to add AccelOps to the hosts that are authorized to accept SNMP packets. First you need to make sure that the SNMP Management tool has been enabled for your device.

  1. In the Start menu, go to Administrative Tools > Services.
  2. Go to Control Panel > Add or Remove Programs.
  3. Click Add/Remove Windows Components.
  4. Select Management and Monitoring Tools and click Details.

Make sure that Simple Network Management Tool is selected.

If it isn’t selected, select it, and then click Next to install.

  1. Go to Start > Administrative Tools > Services.
  2. Select and open SNMP Service.
  3. Click the Security tab.
  4. Select Send authentication trap.
  5. Under Accepted communities, make sure there is an entry for public that is set to read-only.
  6. Select Accept SNMP packets from these hosts.
  7. Click
  8. Enter the IP address for your AccelOps virtual appliance that will access your device over SNMP.
  9. Click Add.
  10. Click Apply.
  11. Under SNMP Service, click Restart service.

Enabling SNMP on Windows 7 or Windows Server 2008 R2

SNMP is typically enabled by default on Windows Server 2008, but you will still need to add AccelOps to the hosts that are authorized to accept SNMP packets. First you should check that SNMP Services have been enabled for your server.

  1. Log in to the Windows 2008 Server where you want to enable SNMP as an administrator.
  2. In the Start menu, select Control Panel.
  3. Under Programs, click Turn Windows features on/off.
  4. Under Features, see if SNMP Services is installed.

If not, click Add Feature, then select SNMP Service and click Next to install the service.

  1. In the Server Manager window, go to Services > SNMP Services.
  2. Select and open SNMP Service.
  3. Click the Security tab.
  4. Select Send authentication trap.
  5. Under Accepted communities, make sure there is an entry for public that is set to read-only.
  6. Select Accept SNMP packets from these hosts.
  7. Click
  8. Enter the IP address for your AccelOps virtual appliance that will access your device over SNMP.
  9. Click Add.
  10. Click Apply.
  11. Under SNMP Service, click Restart service.

WMI

Configuring WMI on your device so AccelOps can discover and monitor it requires you to create a user who has access to WMI objects on the device. There are two ways to do this:

Creating a Generic User Who Does Not Belong to the Local Administrator Group

Creating a User Who Belongs to the Domain Administrator Group

Creating a Generic User Who Does Not Belong to the Local Administrator Group

Log in to the machine you want to monitor with an administrator account.

Enable Remote WMI Requests by Adding a Monitoring Account to the Distributed COM Users Group and the Performance Monitor Users Group

  1. Go to Start > Control Panel > Administrative Tools > Computer Management > Local Users and Groups.
  2. Right-click Users and select Add User.
  3. Create a user.
  4. Go to Groups, right-click Distributed COM Users, and then click Add to group.
  5. In the Distributed COM Users Properties dialog, click Add.
  6. Find the user you created, and then click OK.

This is the account you will need to use in setting up the Performance Monitor Users group permissions.

  7. Click OK in the Distributed COM Users Properties dialog, and then close the Computer Management dialog.
  8. Repeat steps 4 through 7 for the Performance Monitor Users group.

Enable DCOM Permissions for the Monitoring Account

  1. Go to Start > Control Panel > Administrative Tools > Component Services.
  2. Right-click My Computer, and then select Properties.
  3. Select the COM Security tab, and then under Access Permissions, click Edit Limits.
  4. Make sure that the Distributed COM Users group and the Performance Monitor Users group have Local Access and Remote Access set to Allow.
  5. Click OK.
  6. Under Access Permissions, click Edit Default.
  7. Make sure that the Distributed COM Users group and the Performance Monitor Users group have Local Access and Remote Access set to Allow.
  8. Click OK.
  9. Under Launch and Activation Permissions, click Edit Limits.
  10. Make sure that the Distributed COM Users group and the Performance Monitor Users group have the permissions Allow for Local Launch, Remote Launch, Local Activation, and Remote Activation.
  11. Click OK.
  12. Under Launch and Activation Permissions, click Edit Defaults.
  13. Make sure that the Distributed COM Users group and the Performance Monitor Users group have the permissions Allow for Local Launch, Remote Launch, Local Activation, and Remote Activation.

See the sections on Enabling WMI Privileges and Allowing WMI Access through the Windows Firewall in the Domain Admin User set up instructions for the remaining steps to configure WMI.

Creating a User Who Belongs to the Domain Administrator Group

Log in to the Domain Controller with an administrator account.

Enable remote WMI requests by Adding a Monitoring Account to the Domain Administrators Group

  1. Go to Start > Control Panel > Administrative Tools > Active Directory Users and Computers > Users.
  2. Right-click Users and select Add User.
  3. Create a user for the @accelops.com domain.

For example, YJTEST@accelops.com.

  1. Go to Groups, right-click Administrators, and then click Add to Group.
  2. In the Domain Admins Properties dialog, select the Members tab, and then click Add.
  3. For Enter the object names to select, enter the user you created in step 3.
  4. Click OK to close the Domain Admins Properties dialog.
  5. Click OK.

Enable the Monitoring Account to Access the Monitored Device

Log in to the machine you want to monitor with an administrator account.

Enable DCOM Permissions for the Monitoring Account

  1. Go to Start > Control Panel > Administrative Tools > Component Services.
  2. Right-click My Computer, and then select Properties.
  3. Select the Com Security tab, and then under Access Permissions, click Edit Limits.
  4. Find the user you created for the monitoring account, and make sure that user has the permission Allow for both Local Access and Remote Access.
  5. Click OK.
  6. In the Com Security tab, under Access Permissions, click Edit Defaults.
  7. Find the user you created for the monitoring account, and make sure that user has the permission Allow for both Local Access and Remote Access.
  8. Click OK.
  9. In the Com Security tab, under Launch and Activation Permissions, click Edit Limits.
  10. Find the user you created for the monitoring account, and make sure that user has the permission Allow for Local Launch, Remote Launch, Local Activation, and Remote Activation.
  11. In the Com Security tab, under Launch and Activation Permissions, click Edit Defaults.
  12. Find the user you created for the monitoring account, and make sure that user has the permission Allow for Local Launch, Remote Launch, Local Activation, and Remote Activation.

Enable Account Privileges in WMI

The monitoring account you created must have access to the namespace and sub-namespaces of the monitored device.

  1. Go to Start > Control Panel > Administrative Tools > Computer Management > Services and Applications.
  2. Select WMI Control, and then right-click and select Properties.
  3. Select the Security tab.
  4. Expand the Root directory and select CIMV2.
  5. Click Security.
  6. Find the user you created for the monitoring account, and make sure that user has the permission Allow for Enable Account and Remote Enable.
  7. Click Advanced.
  8. Select the user you created for the monitoring account, and then click Edit.
  9. In the Apply onto menu, select This namespace and subnamespaces.
  10. Click OK to close the Permission Entry for CIMV2 dialog.
  11. Click OK to close the Advanced Security Settings for CIMV2 dialog.
  12. In the left-hand navigation, under Services and Applications, select Services.
  13. Select Windows Management Instrumentation, and then click Restart.

Allow WMI to Connect Through the Windows Firewall (Windows 2003)

  1. In the Start menu, select Run.
  2. Run msc.
  3. Go to Local Computer Policy > Computer Configuration > Administrative Templates > Network > Network Connections > Windows Firewall.
  4. Select Domain Profile or Standard Profile depending on whether the device you want to monitor is in the domain or not.
  5. Select Windows Firewall: Allow remote administration exception.
  6. Run exe and enter these commands:
  7. Restart the server.

Allow WMI through Windows Firewall (Windows Server 2008, 2012)

  1. Go to Control Panel > Windows Firewall.
  2. In the left-hand navigation, click Allow a program or feature through Windows Firewall.
  3. Select Windows Management Instrumentation, and then click OK.

JDBC for Performance Monitoring

Creating a User for SQL Server Monitoring

A regular Windows account cannot be used for SQL Server monitoring: AccelOps runs on Linux, and certain Windows libraries needed for that are not available on Linux. You have to create a separate user with read-only privileges.

Create a Read-Only User to Access System Tables

  1. Log in to your SQL Server with an sa account, and then create a read-only user to access system tables.
  2. Log in with your newly created read-only account and run these commands.

Check to see if you get the same results with your read-only account as you do with your sa account.

  1. The following additional configuration steps should be performed for the collection of Logon Failures.
    1. For Server 2012 – https://technet.microsoft.com/en-us/library/ms175850(v=sql.110).aspx
    2. For Server 2014 – https://technet.microsoft.com/sr-latn-rs/library/ms175850(v=sql.120)
    3. For Server 2016 – https://msdn.microsoft.com/en-us/library/ms175850.aspx

JDBC for Database Audit Trail Collection

Creating a User for SQL Server Monitoring

A regular Windows account cannot be used for SQL Server monitoring: AccelOps runs on Linux, and certain Windows libraries needed for that are not available on Linux. You have to create a separate user with read-only privileges.

Create a Read-Only User to Access System Tables

  1. Log in to your SQL Server with an sa account, and then create a read-only user to access system tables.
  2. Save the four SQL Server scripts attached to this topic to My Documents > SQL Server Management Studio > Projects as four separate files.
  3. Log in to SQL Server Management Studio with an sa account.
  4. Browse to and execute the Database and Table Creation script to create the database and tables.
  5. Browse to and execute the Logon Trigger Creation script to create the triggers.

SQL Server introduced the Logon Trigger in SQL Server 2005 SP2, so the database version must be greater than 2005 SP2 for logon trigger creation to succeed.

  6. Browse to and execute the DDL Server Level Trigger Creation script to create database events.

You can now configure AccelOps to communicate with your device by following the instructions in Setting Access Credentials for Device Discovery, and then initiate discovery of the device as described in the topics in Discovering Infrastructure.

Settings for Access Credentials

Creating a Database Truncate Script

Because the audit tables grow over time, it is a good idea to create a database truncate script that runs as a maintenance task and keeps the table size under control. Create the truncate procedure as follows.

  1. Log into Microsoft SQL Management Studio and connect to the DB instance.
  2. Under Management, go to Maintenance Plans, and create a new plan with the name
  3. For Subplan, enter TRUNCATE, and for Description, enter TRUNCATE TABLE.
  4. Click the Calendar icon to create a recurring, daily task starting at 12:00AM and running every 30 minutes until 11:59:59PM.
  5. Go to View > Tool Box > Execute T-SQL Statement.

A T-SQL box will be added to the subplan.

  1. In the T-SQL box, enter this command.
  2. Click OK.
  3. You will be able to see the history of this script’s actions by right-clicking on the maintenance task, and then selecting View History.

Sample Events

Per Instance Performance Metrics

<134>Apr 16 10:17:56 172.16.22.100 java: [PH_DEV_MON_PERF_MSSQL_SYS|PH_DEV_MON_PERF_MSSQL_SYS]:[eventSeverity]=PHL_INFO,[hostIpAddr]=172.16.22.100,[hostName]=wwwin.accelops.net,[appGroupName]=Microsoft SQL Server,[dbDataFileSizeKB]=13149056,[dbLogFileUsedKB]=26326,[dbLogGrowthCount]=4,[dbLogShrinkCount]=0,[dbLogFlushPerSec]=1.69,[dbTransPerSec]=4.44,[dbDeadLocksPerSec]=0,[dbLogCacheHitRatio]=60.01,[dbUserConn]=16,[dbTargetServerMemoryKB]=1543232,[dbTotalServerMemoryKB]=1464760,[dbPageSplitsPerSec]=0.45,[dbPageWritesPerSec]=0.01,[dbLatchWaitsPerSec]=0.77,[dbPageReadsPerSec]=0.01,[dbFullScansPerSec]=1.83,[dbBufferCacheHitRatio]=100,[dbCount]=8,[dbUserCount]=25,[dbLoggedinUserCount]=2,[dbPagesInBufferPool]=116850,[dbPagesFreeInBufferPool]=2336,[dbAverageWaitTimeMs]=239376,[appVersion]=Microsoft SQL Server 2008 R2 (RTM) – 10.50.1600.1 (X64),[serverName]=WIN-08-VCENTER,[instanceName]=MSSQLSERVER,[appPort]=1433

Per Instance, per Database Performance Metrics

[PH_DEV_MON_PERF_MSSQL_PERDB]:[eventSeverity]=PHL_INFO,[hostIpAddr]=172.16.22.100,[hostName]=wwwin.accelops.net,[dbName]=tempdb,[appGroupName]=Microsoft SQL Server,[dbDataFileSizeKB]=109504,[dbLogFileUsedKB]=434,[dbLogGrowthCount]=4,[dbLogShrinkCount]=0,[dbTransPerSec]=0.96,[dbLogFlushPerSec]=0.01,[dbLogCacheHitRatio]=44.44,[appVersion]=Microsoft SQL Server 2008 R2 (RTM) – 10.50.1600.1 (X64),[serverName]=WIN-08-VCENTER,[instanceName]=MSSQLSERVER,[appPort]=1433

Generic Info

[PH_DEV_MON_PERF_MSSQL_GEN_INFO]:[eventSeverity]=PHL_INFO,[dbName]= tempdb,[dbSize]= 3.0,[dbowner]= sa,[dbId]= 2,[dbcreated]= 1321545600,[dbstatus]= Status=ONLINE; Updateability=READ_WRITE; UserAccess=MULTI_USER; Recovery=SIMPLE; Version=655; Collation=SQL_Latin1_General_CP1_CI_AS; SQLSortOrder=52; IsAutoCreateStatistics; IsAutoUpdateStatistics,[dbcompatibilityLevel]= 100,[spaceAvailable]= 0.9,[appVersion]= Microsoft SQL Server 2008 (RTM) – 10.0.1600.22 (Intel X86),[serverName]= WIN03MSSQL\SQLEXPRESS

Config Info

Locking Info

Blocking Info

[PH_DEV_MON_PERF_MSSQL_BLOCKBY_INFO]:[eventSeverity]=PHL_INFO,[blockedSpId]= 51,[blockedLoginUser]= WIN03MSSQL\Administrator,[blockedDbName]= msdb,[blockedCommand]= UPDATE,[blockedProcessName]= Microsoft SQL Server Management Studio – Query,[blockingSpId]= 54,[blockingLoginUser]= WIN03MSSQL\Administrator,[blockingDbName]= msdb,[blockingCommand]= AWAITING COMMAND,[blockingProcessName]= Microsoft SQL Server Management Studio – Query,[blockedDuration]= 5180936,[appVersion]= Microsoft SQL Server 2008 (RTM) – 10.0.1600.22 (Intel X86),[serverName]= WIN03MSSQL\SQLEXPRESS

Error Log

Logon Events

<134>Feb 08 02:55:34 10.1.2.54 java: [MSSQL_Logon_Success]:[eventSeverity]=PHL_INFO, [eventTime]=2014-02-08 02:54:00.977, [rptIp]=10.1.2.54, [relayIp]=10.1.2.54, [srcName]=<local machine>, [user]=NT SERVICE\ReportServer$MSSQLSERVEJIANFA, [srcApp]=Report Server, [instanceName]=MSSQLSERVEJIANFA, [procId]=52, [loginType]=Windows (NT) Login, [securityId]=AQYAAAAAAAVQAAAALJAZf5XMbcLh8PUDY31LioZ3Uwo=, [isPooled]=1, [destName]=WIN-S2EDLFIUPQK, [destPort]=1437,

DDL Events – Create Database

<134>Sep 29 15:34:48 10.1.2.54 java: [MSSQL_Create_database]:[eventSeverity]=PHL_INFO, [eventTime]=2013-09-29 15:34:05.687, [rptIp]=10.1.2.54, [relayIp]=10.1.2.54, [user]=WIN-S2EDLFIUPQK\Administrator, [dbName]=JIANFA, [instanceName]=MSSQLSERVER, [objName]=, [procId]=59, [command]=CREATE DATABASE JIANFA, [destName]=WIN-S2EDLFIUPQK, [destPort]=1433,

DDL Events – Create index

<134>Sep 29 15:34:48 10.1.2.54 java: [MSSQL_Create_index]:[eventSeverity]=PHL_INFO, [eventTime]=2013-09-29 15:30:40.557, [rptIp]=10.1.2.54, [relayIp]=10.1.2.54, [user]=WIN-S2EDLFIUPQK\Administrator, [dbName]=master, [instanceName]=MSSQLSERVER, [objName]=IndexTest, [procId]=58, [command]=create index IndexTest on dbo.MSreplication_options(optname);, [schemaName]=dbo, [objType]=INDEX, [destName]=WIN-S2EDLFIUPQK, [destPort]=1433
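The DB2 and SQL Server sample events above all share one attribute format, `[EVENT_TYPE]:[attr]=value,...` behind a syslog-style header. The following parser is an added example, not code from FortiSIEM/AccelOps or from this page: it splits events on the attribute boundary so that commas and `=` inside values (SQL text, version strings, the `[objName]=CAN_MONITOR=...` DB2 case) survive, then applies a simple defender check that lists DDL issued by privileged accounts. The sample lines are constructed from the page's samples with attributes shortened; the category names and the "privileged account" list are assumptions for the demonstration.

```python
import re
from typing import Dict, List, Tuple

# Constructed sample events modelled on the DB2 and SQL Server samples shown on this page
# (attribute lists shortened). Format: <PRI>Mon DD HH:MM:SS relayIp java: [EVENT_TYPE]:[attr]=value,...
SAMPLES: List[str] = [
    "<134>May 14 13:57:40 10.1.2.68 java: [IBMDB2_CONNECT]:[eventSeverity]=PHL_INFO,"
    "[srcIpAddr]=127.0.0.1,[srcApp]=DB2HMON,[dbName]=SAMPLE,[appVersion]=DB2 v10.1.0.0,"
    "[instanceName]=db2inst1,[user]=db2inst1,[eventCategory]=EXECUTE,[dbRetCode]=0",
    "<134>May 14 13:57:40 10.1.2.68 java: [IBMDB2_CREATE_OBJECT]:[eventSeverity]=PHL_INFO,"
    "[objName]=CAN_MONITOR=CAN_MONITOR_FUNC,[srcIpAddr]=10.1.2.68,[srcApp]=DS_ConnMgt_,"
    "[dbName]=SAMPLE,[instanceName]=db2inst1,[user]=db2inst1,[eventCategory]=OBJMAINT,[dbRetCode]=0",
    "<134>Sep 29 15:34:48 10.1.2.54 java: [MSSQL_Create_database]:[eventSeverity]=PHL_INFO, "
    "[eventTime]=2013-09-29 15:34:05.687, [rptIp]=10.1.2.54, [user]=WIN-S2EDLFIUPQK\\Administrator, "
    "[dbName]=JIANFA, [instanceName]=MSSQLSERVER, [objName]=, [procId]=59, "
    "[command]=CREATE DATABASE JIANFA, [destName]=WIN-S2EDLFIUPQK, [destPort]=1433,",
    "<134>Feb 08 02:55:34 10.1.2.54 java: [MSSQL_Logon_Success]:[eventSeverity]=PHL_INFO, "
    "[eventTime]=2014-02-08 02:54:00.977, [srcName]=<local machine>, "
    "[user]=NT SERVICE\\ReportServer$MSSQLSERVEJIANFA, [srcApp]=Report Server, "
    "[instanceName]=MSSQLSERVEJIANFA, [loginType]=Windows (NT) Login, [destPort]=1437,",
    "<134>Apr 16 10:17:56 172.16.22.100 java: [PH_DEV_MON_PERF_MSSQL_SYS|PH_DEV_MON_PERF_MSSQL_SYS]:"
    "[eventSeverity]=PHL_INFO,[hostIpAddr]=172.16.22.100,[dbDeadLocksPerSec]=0,"
    "[appVersion]=Microsoft SQL Server 2008 R2 (RTM) - 10.50.1600.1 (X64),[appPort]=1433",
]

# Syslog-style header up to and including the bracketed event type (a "type|type" pair is
# reduced to its first member); everything after the colon is the attribute body.
HEADER_RE = re.compile(
    r"^<(?P<pri>\d+)>(?P<ts>[A-Z][a-z]{2} \d{2} \d{2}:\d{2}:\d{2}) (?P<relay>\S+) java:\s*"
    r"\[(?P<etype>[^\]|]+)(?:\|[^\]]*)?\]:(?P<body>.*)$"
)
# Attributes are separated by a comma that is immediately followed by "[name]=". Splitting on
# that lookahead keeps commas and "=" inside values (SQL text, version strings) intact.
ATTR_SPLIT_RE = re.compile(r",\s*(?=\[\w+\]=)")
ATTR_RE = re.compile(r"^\[(?P<key>\w+)\]=(?P<value>.*)$", re.S)


def parse_event(line: str) -> Dict[str, str]:
    """Turn one FortiSIEM/AccelOps event line into a flat dict of its attributes."""
    m = HEADER_RE.match(line.strip())
    if not m:
        raise ValueError("not a [TYPE]:[attr]=value event: %r" % line[:60])
    event = {"eventType": m.group("etype"), "syslogPri": m.group("pri"), "relayHost": m.group("relay")}
    body = m.group("body").strip().rstrip(",")  # SQL Server samples end with a trailing comma
    for chunk in ATTR_SPLIT_RE.split(body):
        am = ATTR_RE.match(chunk)
        if am:  # an empty value ("[objName]=") is kept as ""
            event[am.group("key")] = am.group("value").strip()
    return event


DDL_PREFIXES = ("MSSQL_Create_", "MSSQL_Alter_", "MSSQL_Drop_", "MSSQL_Truncate_")  # assumed naming
DB2_LOGON_TYPES = ("IBMDB2_CONNECT", "IBMDB2_CONNECT_RESET")


def classify(event: Dict[str, str]) -> str:
    """Map an event to the monitoring category used in the tables above (assumed mapping)."""
    etype = event["eventType"]
    if etype.startswith("MSSQL_Logon_") or etype in DB2_LOGON_TYPES:
        return "logon"
    if etype.startswith(DDL_PREFIXES) or event.get("eventCategory") == "OBJMAINT":
        return "ddl"
    if etype.startswith("PH_DEV_MON_PERF_"):
        return "performance"
    return "other"


def ddl_by_privileged_account(lines: List[str], privileged: set) -> List[Tuple[str, str, str]]:
    """Return (eventType, user, statement-or-object) for DDL issued by a privileged account.
    The DDL and logon triggers configured on this page exist so that exactly this activity
    leaves an audit trail; 'privileged' is a constructed allow-list for the demonstration."""
    findings = []
    for line in lines:
        event = parse_event(line)
        if classify(event) != "ddl":
            continue
        user = event.get("user", "")
        if user in privileged or user.endswith("\\Administrator"):
            findings.append((event["eventType"], user, event.get("command") or event.get("objName", "")))
    return findings


if __name__ == "__main__":
    for hit in ddl_by_privileged_account(SAMPLES, {"db2inst1"}):
        print("DDL by privileged account:", hit)
```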

This entry was posted in Administration Guides, FortiSIEM on by .

About Mike

Michael Pruett, CISSP has a wide range of cyber-security and network engineering expertise. The plethora of vendors that resell hardware but have zero engineering knowledge resulting in the wrong hardware or configuration being deployed is a major pet peeve of Michael's. This site was started in an effort to spread information while providing the option of quality consulting services at a much lower price than Fortinet Professional Services. Owns PacketLlama.Com (Fortinet Hardware Sales) and Office Of The CISO, LLC (Cybersecurity consulting firm).
