A Need for Monitoring without Administration

Question

A Need for Monitoring without Administration

Steve Jones - SSC Editor

SSC Guru

Points: 736173
More actions
January 6, 2021 at 12:00 am

#3824847

Comments posted to this topic are about the item A Need for Monitoring without Administration

Viewing 9 posts - 1 through 8 (of 8 total)

You must be logged in to reply to this topic. Login to reply

Michael L John One Orange Chip Points: 27055 More actions · Answer 1

One of my "pet peeves" with most monitoring is that it captures and stores so many metrics, and these metrics never are used for anything.

Most monitoring is used an alerting system only. If that's all that monitoring is going to be used for, you don't need administrator level access.

Michael L John
If you assassinate a DBA, would you pull a trigger?
To properly post on a forum:
http://www.sqlservercentral.com/articles/61537/

Steve Jones - SSC Editor SSC Guru Points: 736173 More actions · Answer 2

You never know what metric you need until you need it. I think there is good reason to capture a lot of them, but also archive/delete them over time.

I agree, that for monitoring to raise alerts, you shouldn't require admin access.

Summer90 SSC-Dedicated Points: 32891 More actions · Answer 3

It does seem crazy that you have to have ADMIN rights to monitor systems doesn't it? The different operating system developers need to come up with a way to view/capture things for monitoring without needing to be an Admin.

Jeff Moden SSC Guru Points: 1004324 More actions · Answer 4

Since RedGate owns SQLServerCentral.com, a burning question comes to mind and that is, "What privs level does RedGate's "monitor" product require"?

--Jeff Moden

RBAR is pronounced "ree-bar" and is a "Modenism" for Row-By-Agonizing-Row.
First step towards the paradigm shift of writing Set Based code:
________Stop thinking about what you want to do to a ROW... think, instead, of what you want to do to a COLUMN.

Change is inevitable... Change for the better is not.

Helpful Links:
How to post code problems
How to Post Performance Problems
Create a Tally Function (fnTally)

Steve Jones - SSC Editor SSC Guru Points: 736173 More actions · Answer 5

https://documentation.red-gate.com/sm/adding-and-managing-monitored-servers/preparing-for-adding-monitored-servers/permissions-required-for-monitoring-servers

Jeff Moden SSC Guru Points: 1004324 More actions · Answer 6

Steve Jones - SSC Editor wrote:

https://documentation.red-gate.com/sm/adding-and-managing-monitored-servers/preparing-for-adding-monitored-servers/permissions-required-for-monitoring-servers

Thanks, Steve.

--Jeff Moden

RBAR is pronounced "ree-bar" and is a "Modenism" for Row-By-Agonizing-Row.
First step towards the paradigm shift of writing Set Based code:
________Stop thinking about what you want to do to a ROW... think, instead, of what you want to do to a COLUMN.

Change is inevitable... Change for the better is not.

Helpful Links:
How to post code problems
How to Post Performance Problems
Create a Tally Function (fnTally)

joe.lebaron SSC Enthusiast Points: 121 More actions · Answer 7

From RedGate's docs for SQL Monitor:

Monitoring Azure SQL Servers

The account used to monitor your Azure SQL Server must be the server admin account used to create the Azure SQL Server.

This is partly on MS that they have created this 'SA' like account that cannot be changed and there can only be one (noting that using an AD group of administrators has worked 99% for me as a workaround).

To Steve's point, Why? I can see needed elevated permissions during the setup (ie: create the storage database), but that should run under the creds of the user running the setup. Most (all?) of the Azure database monitoring happens at the database level - not server - so not sure why it cannot use a database account with some elevated read-only type permissions.

Steve Jones - SSC Editor SSC Guru Points: 736173 More actions · Answer 8

It's a crazy Azure restriction that we've complained to them about.