Basic SQL Server Configuration Help for Involuntary DBAs

After my presentation at the Techno Security and Digital Forensics conference, I had a information security professional stop by to ask a few questions. He’s in the position where he supports other clients since he works in a third-party security operations center (SOC). The reason most of these clients pay for a SOC instead of developing one of their own is cost. Since they don’t have the money to splurge on a lot of IT positions, another one that’s usually missing is the DBA.

Often times, as a SOC provider, when they interact with clients they can tell fairly quickly that the SQL Servers aren’t configured well. However, they don’t have the knowledge to go in and help their clients in a quick and easy way. He asked for advice. I pointed him to something that we have in our community: sp_Blitz. It’s part of the First Responder Toolkit from Brent Ozar.

Why did I recommend that particular tool? There are several reasons:

  1. It’s designed to provide a quick health check of your SQL Server.
  2. It’s a free tool (yes, you have to register), meaning budget isn’t an issue.
  3. The community has worked on and contributed to it.
  4. It provides explanations and recommendations on how to fix what’s wrong.

For someone such as an involuntary DBA or a consultant trying to assist a client when that’s not your primary skill set, it lets you make solid recommendations immediately that will improve the SQL Server setup. And it’s not hard to setup and run:

If you haven’t looked at this tool before, grab it, put into a non-prod environment, and see if it can help you.