Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat(inputs.sqlserver): Check SQL Server "encryptionEnforce" with xp_instance_regread #13284

Merged
merged 3 commits into from
Jun 1, 2023
Merged

feat(inputs.sqlserver): Check SQL Server "encryptionEnforce" with xp_instance_regread #13284

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
db58904
feat(sql-server): checking SQL Server encryptionEnforce with xp_insta…
MartinHBA May 18, 2023
a09c48a
feat(inputs.sqlserver): Check SQL Server "encryptionEnforce" with xp_…
MartinHBA May 30, 2023
d385aee
feat(inputs.sqlserver): Check SQL Server "encryptionEnforce" with xp_…
MartinHBA May 31, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 0 additions & 1 deletion plugins/inputs/sqlserver/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -441,7 +441,6 @@ ensure to check additional setup section in this documentation.
- *TempDB*: Free space, Version store usage, Active temp tables, temp table creation rate, + more
- *Resource Governor*: CPU Usage, Requests/sec, Queued Requests, and Blocked tasks per workload group + more
- *SQLServerProperties*: Number of databases in all possible states (online, offline, suspect, etc.), cpu count, total physical memory, available physical memory, SQL Server service uptime, SQL Server SPID and SQL Server version. In the case of Azure SQL relevant properties such as Tier, #Vcores, Memory etc.
- *SQLServerForceEncryption*: Retrieves info from registry if SQL Server is having forced encryption
- *SQLServerWaitStatsCategorized*: Wait time in ms, number of waiting tasks, resource wait time, signal wait time, max wait time in ms, wait type, and wait category. The waits are categorized using the same categories used in Query Store.
- *SQLServerSchedulers*: This captures `sys.dm_os_schedulers`.
- *SQLServerRequests*: This captures a snapshot of `sys.dm_exec_requests` and `sys.dm_exec_sessions` that gives you running requests as well as wait types and
Expand Down
1 change: 0 additions & 1 deletion plugins/inputs/sqlserver/sqlserver.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -130,7 +130,6 @@ func (s *SQLServer) initQueries() error {
} else if s.DatabaseType == typeAzureArcSQLManagedInstance {
queries["AzureArcSQLMIDatabaseIO"] = Query{ScriptName: "AzureArcSQLMIDatabaseIO", Script: sqlAzureArcMIDatabaseIO, ResultByRow: false}
queries["AzureArcSQLMIServerProperties"] = Query{ScriptName: "AzureArcSQLMIServerProperties", Script: sqlAzureArcMIProperties, ResultByRow: false}
queries["SQLServerForceEncryption"] = Query{ScriptName: "SQLServerForceEncryption", Script: SQLServerForceEncryption, ResultByRow: false}
queries["AzureArcSQLMIOsWaitstats"] = Query{ScriptName: "AzureArcSQLMIOsWaitstats", Script: sqlAzureArcMIOsWaitStats, ResultByRow: false}
queries["AzureArcSQLMIMemoryClerks"] = Query{ScriptName: "AzureArcSQLMIMemoryClerks", Script: sqlAzureArcMIMemoryClerks, ResultByRow: false}
queries["AzureArcSQLMIPerformanceCounters"] =
Expand Down
44 changes: 26 additions & 18 deletions plugins/inputs/sqlserver/sqlserverqueries.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -211,6 +211,29 @@ IF CAST(SERVERPROPERTY('ProductVersion') AS varchar(50)) >= '10.50.2500.0'
END AS [hardware_type]'

SET @SqlStatement = '

DECLARE @ForceEncryption INT
DECLARE @DynamicportNo NVARCHAR(50);
DECLARE @StaticportNo NVARCHAR(50);

EXEC [master].[dbo].[xp_instance_regread]
@rootkey = ''HKEY_LOCAL_MACHINE'',
@key = ''SOFTWARE\Microsoft\Microsoft SQL Server\MSSQLServer\SuperSocketNetLib'',
@value_name = ''ForceEncryption'',
@value = @ForceEncryption OUTPUT;

EXEC xp_instance_regread @rootkey = ''HKEY_LOCAL_MACHINE''
,@key =
''Software\Microsoft\Microsoft SQL Server\MSSQLServer\SuperSocketNetLib\Tcp\IpAll''
,@value_name = ''TcpDynamicPorts''
,@value = @DynamicportNo OUTPUT

EXEC xp_instance_regread @rootkey = ''HKEY_LOCAL_MACHINE''
,@key =
''Software\Microsoft\Microsoft SQL Server\MSSQLServer\SuperSocketNetLib\Tcp\IpAll''
,@value_name = ''TcpPort''
,@value = @StaticportNo OUTPUT

SELECT
''sqlserver_server_properties'' AS [measurement]
,REPLACE(@@SERVERNAME,''\'','':'') AS [sql_instance]
Expand All @@ -224,6 +247,9 @@ SELECT
,SERVERPROPERTY(''ProductVersion'') AS [sql_version]
,SERVERPROPERTY(''IsClustered'') AS [instance_type]
,LEFT(@@VERSION,CHARINDEX('' - '',@@VERSION)) AS [sql_version_desc]
,@ForceEncryption AS ForceEncryption
,COALESCE(@DynamicportNo,@StaticportNo) AS Port
,IIF(@DynamicportNo IS NULL, ''Static'', ''Dynamic'') AS PortType
,dbs.[db_online]
,dbs.[db_restoring]
,dbs.[db_recovering]
Expand All @@ -247,24 +273,6 @@ SELECT
EXEC sp_executesql @SqlStatement
`

const SQLServerForceEncryption = `
SET DEADLOCK_PRIORITY -10;

DECLARE
@ForceEncryption INT
,@SqlStatement AS nvarchar(max)

SET @SqlStatement = N'
EXEC xp_instance_regread
@rootkey = 'HKEY_LOCAL_MACHINE',
@key = 'SOFTWARE\Microsoft\Microsoft SQL Server\MSSQLServer\SuperSocketNetLib',
@value_name = 'ForceEncryption',
@value = @ForceEncryption OUTPUT
SELECT @ForceEncryption AS ForceEncryption'

EXEC sp_executesql @SqlStatement
`

const sqlServerSchedulers string = `
SET DEADLOCK_PRIORITY -10;
IF SERVERPROPERTY('EngineEdition') NOT IN (2,3,4) BEGIN /*NOT IN Standard,Enterpris,Express*/
Expand Down