Skip to content

Commit fec12ba

Browse files
joelmarcotteclaude
joelmarcotte
and
claude
authored
Add SQL Server diagnostics (DataDog#23621)
* Add SQL Server diagnostics * Add SQL Server diagnostics changelog * Address Codex review on SQL Server diagnostics - skip server-level VIEW SERVER STATE probe on Azure SQL Database and validate via sys.dm_exec_sessions (VIEW DATABASE STATE) - probe msdb.dbo.syssessions when agent_jobs is enabled and not on RDS Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> * Explicitly check VIEW DATABASE STATE on Azure SQL Database On Azure SQL Database, `sys.dm_exec_sessions` always returns the caller's own session row, so probing it cannot detect a missing `VIEW DATABASE STATE`. Validate the permission with `HAS_PERMS_BY_NAME(DB_NAME(), 'DATABASE', 'VIEW DATABASE STATE')` before the session probe. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> * Eliminate reference cycle in SQL Server diagnose Mirrors the postgres fix in DataDog#23647: register a module-level ``run_diagnostics`` via ``functools.partial`` so a fresh ``SqlserverDiagnose`` worker is built per invocation and disposed of when ``_run()`` returns. The previous shape kept a ``SqlserverDiagnose`` instance alive whose bound ``_run`` was held by ``Diagnosis``, forming a check → diagnosis → bound method → diagnose worker → check cycle. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> * Use NULL securable in HAS_PERMS_BY_NAME for VIEW DATABASE STATE Azure SQL Database names can contain a dot. Passing ``DB_NAME()`` as the securable made ``HAS_PERMS_BY_NAME`` parse the name as a multipart identifier, returning 0 even when ``VIEW DATABASE STATE`` was granted and producing a false-negative diagnostic. Using NULL targets the current database unambiguously. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> * Skip baseline diagnostic probes under only_custom_queries When only_custom_queries is set the check skips load_basic_metrics and database_metrics, so the Datadog login does not need access to sys.dm_os_performance_counters or the database_metrics-only msdb tables. Guard those probes (and VIEW SERVER STATE / VIEW ANY DEFINITION) so they only run when the corresponding metric path is active or DBM is enabled. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> * Address SQL Server diagnose review feedback * Improve SQL Server diagnose remediation * Add SQL Server diagnostics for Azure perf state, ODBC driver, and per-db access Adds three high-signal pre-flight probes inspired by recurring SDBM escalations: - VIEW DATABASE PERFORMANCE STATE on Azure SQL Database / Managed Instance, probed with sys.dm_io_virtual_file_stats (SDBM-1707, SDBM-1504). - ODBC driver installed: compares the configured driver to pyodbc.drivers() before connecting (SDBM-1939). - Per-database access under autodiscovery: enumerates online user databases, applies the autodiscovery include/exclude filters, and probes each with USE/SELECT TOP 1 1 (SDBM-2293, SDBM-2401). Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> * Add per-database VIEW DATABASE STATE diagnostic The existing per-database access probe only verified that the Datadog login could USE each autodiscovered database. A login can pass that probe and still produce no per-database DBM data because the per-db DMV reads (sys.dm_exec_sessions filtered by database_id, sys.dm_db_index_usage_stats, sys.dm_db_file_space_usage, ...) require VIEW DATABASE STATE on the database — the exact permission the existing remediation already told users to grant but never checked. Extends the per-database loop to call HAS_PERMS_BY_NAME for VIEW DATABASE STATE on each accessible database and emits a new missing-per-database-view-state diagnosis with failures listed by database name. Skipped on Azure SQL Database (per_database_access is also skipped there) and when no database was accessible (the access probe already reports that case). Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> * format --------- Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
1 parent b0b75f5 commit fec12ba

4 files changed

Lines changed: 1440 additions & 0 deletions

File tree

sqlserver/changelog.d/23621.added

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1 @@
1+
Add explicit diagnostics for SQL Server setup validation.

0 commit comments

Comments
 (0)