All Apps and Add-ons
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Issue with Microsoft SQL Server App

sushma7
Path Finder
‎01-16-2014 07:01 PM

Hi,

I had installed the Microsoft SQL app on the main splunk instance and also installed the corresponding add-ons on the universal forwarder machine, following the documentation, still the app is not showing SQL servers and it is not fetching data from it.

Thanks in advance for your help.

Regards,
Sushma.

0 Karma
Reply

amiracle
Splunk Employee
Splunk Employee
‎07-31-2014 01:58 PM

I figured this one out, finally. Here's what I did:
Windows Server 2008 R2 and Windows 2012 R2 - Open Powershell as Administrator

PS C:\>Get-Execution Policy

If it's Restricted, then do the following:

PS C:\>Set-Execution Policy Bypass

Say Yes to the Execution Policy Change.

Then run Get-ExecutionPolicy and see that it changed to Bypass:

PS C:\> Get-ExecutionPolicy
Bypass

Once you have that done, now you'll need to make one more change.

Open your SQL Server Management Studio and log in as sysadmin (sa). Go to Security ->Logins -> NT AUTHORITY\SYSTEM (Properties) and grant the user sysadmin Server Role. Apply the change and restart your Splunk service. (Thanks Adrian: http://answers.splunk.com/answers/108974/problem-with-powershell-and-splunk_for_sqlserver-app)

Once you have all these steps done, then go into the app and run the Lookup Table Rebuilder (Searches & Reports->Lookup Table Rebuilder)

Lastly, you can run the search: 

index=mssql | stats count, values(sourcetype) by host

You should see the following source types show up:

MSSQL:Database:Health
MSSQL:Host:Memory
MSSQL:Instance:Service
MSSQL:Instance:User
Powershell:ScriptExecutionSummary
0 Karma
Reply

FunPolice
Path Finder
‎06-09-2014 08:01 AM

Sushma,

The SQL app instructions don't include instructions for the other apps that you need - see http://answers.splunk.com/answers/101202/sql-server-splunk-app-does-not-show-any-servers for someone who is having the same problem. I'm still working through this myself, but at the very least you will need to ensure that powershell scripts can run.

On your SQL server:

  • Start a Powershell window as an administrator
  • Run "Get-ExecutionPolicy". You can see what the answer means at http://technet.microsoft.com/library/hh847748.aspx.
  • Run "Set-ExecutionPolicy -ExecutionPolicy RemoteSigned (if that's suitable for you - I'm still testing)
  • Run "Get-ExecutionPolicy" again to confirm the change
  • Try running a script manually to see what happens (any script will do)
Reply
Get Updates on the Splunk Community!

.conf25 technical session recap of Observability for Gen AI: Monitoring LLM ...

If you’re unfamiliar, .conf is Splunk’s premier event where the Splunk community, customers, partners, and ...

A Season of Skills: New Splunk Courses to Light Up Your Learning Journey

There’s something special about this time of year—maybe it’s the glow of the holidays, maybe it’s the ...

Announcing the Migration of the Splunk Add-on for Microsoft Azure Inputs to ...

Announcing the Migration of the Splunk Add-on for Microsoft Azure Inputs to Officially Supported Splunk ...