Idera strives to ensure our products provide quality solutions for your SQL Server needs. The following known issues are described in this section. If you need further assistance with any issue, please contact Support (www.idera.com/support).

Installation and configuration issues

Verify SQL CM repository database size before upgrading

It is important to check the size of the SQL Compliance Manager repository databases on the Collection Server before proceeding with an upgrade. There are four databases created by SQL Compliance Manager: SQLcompliance; SQLcompliance.Processing; SQLcompliance.<Instance>; SQLcompliance.<Instance>_Time_Partition. Each database should be under 20 GB to complete a successful upgrade. In order to avoid problems during the upgrade due to database size, Idera recommends that you regularly archive the repository data to maintain the audit history. For more information about archiving, see Manage Audit Data. If archiving the data through SQL Compliance Manager is not an option at the time of the upgrade, it is recommended to back up the repository databases and delete unneeded records from the Events and EventSQL tables of the event databases.

Case-sensitivity required when specifying the Repository database name

When specifying the location and name of your Repository database, SQL Compliance Manager requires that you use proper capitalization.

Upgrading from 2.1 to 3.3 or later results in SQL Server trace error

When you upgrade from SQL Compliance Manager version 2.1 to version 3.3 or later, you may receive warnings indicating that the trace has been altered unexpectedly. This issue is most likely to happen when:

    • Collection Server resides on a SQL Server 2005 instance
    • SQL compliance manager is configured for self-monitoring

These warnings are incorrect and do not indicate a problem with your upgrade.

Agent-Only installation does not create a trace directory when you use a different destination folder  

During an Agent-only installation, if you accept the default destination path for SQL Compliance Manager, and then select a different destination drive and use a sub-folder in the Agent Trace Directory dialog box, the installer does not create the Agent Trace Directory during installation. If this issue occurs, reinstall the Agent specifying a folder instead of a sub-folder as the destination path or use the default path specified in the installer.

Known issues in version 4.5

Net Time value not updated in recurring schedules

Users who have recurring archive schedules may notice an issue that prevents the archive process from executing. While the first scheduled archive does occur, the second scheduled archive does not. The workaround in this situation is to restart the Collection Service, and then wait until the next time the archive scheduler runs.

SELECT statements appear as DML events

A known SQL Server issue causes some SQL Compliance Manager SELECT statements to appear as DML events. This issue occurs when a user audits both SELECT and DML. SQL CM captures many events when certain columns are selected from certain system tables from a single SELECT statement query and shows them as individual DML events.

Specifically, the SELECT statement which uses the permissions() function generates only DML event traces and not a SELECT event trace. This step results in SQLcm reporting the SELECT statement as a DML event. In addition, the permissions() function is deprecated. Microsoft recommends in MSDN documentation that users implement the Has_Perms_By_Name() function instead of the permissions() function. The difference between these two functions is that the permissions() function always generates the DML event traces while the Has_Perms_By_Name() function generates event traces according to permission type used. For example, SELECT event traces for SELECT permission types, and DML event traces for EXECUTE or DELETE permission types.

Already Deployed option is unavailable  

When you attempt to add a new SQL Server instance to SQL CM, the Deployment dialog box does not default to Already Deployed on instances where the Agent was manually installed on the machine where the SQL Server instance specified is located.

Guest user is enabled after installation  

After installing SQL Compliance Manager 4.5, the Guest user is enabled in the SQLcompliance repository while it is disabled in the SQLcompliance event databases. You can disable this account in the repository using Microsoft SQL Server Management Studio.

Filtering Before-After data can cause event duplication  

SQL CM may duplicate some Before-After data events on the Audit Events tab of a database if you use the Filter by Table option to view your results. This issue does not occur with other filtering options.

Login Activity event alerts display as Security Changes in the Edit Event Alert Rule window  

When you access the Edit Event Alert Rule window for a Login Activity event alert,  SQL Compliance Manager defaults to the Security Changes option instead of the Login Activity option.  

Changing archive preferences to Daily after upgrading to SQL CM 4.5 causes an issue  

Users who upgrade to SQL CM 4.5, and then modify the archive preferences to Daily may experience that the subsequent archives fail and display a primary key constraint violation error message . In addition, SQL CM does not store the events in the Events table of the Archive database .

Re-adding a virtual (clustered) instance previously deleted does not re-add a sub-key to the registry  

When you install the SQLcompliance Agent on an audited instance, a Windows Registry sub-key called "Instances" is created in HKEY_LOCAL_MACHINE\SOFTWARE\Idera\SQLcompliance\SQLcomplianceAgent. This sub-key specifies the name of the SQL Server instance that you want to audit. In a clustered environment, the sub-key is created for each node. This issue occurs when you remove a virtual instance from the SQL CM console, thereby deleting the sub-key from the active node registry, and then you re-add the virtual instance to the console. The sub-key "Instances" is not re-added to the registry and SQL CM stops auditing data.

Archiving may fail on remote agents  

  Some users may experience an issue that causes archiving on a remote agent to fail . Associated error messages include:

  • Exception: Invalid attempt to call Read when reader is closed.
  • Exception: Unable to cast object of type 'System.Int32' to type 'System.String'.

Previous known issues

Grooming alerts may result in an error when running the SQL CM Console on Windows 2012 and Windows 8  

Users running the SQL Compliance Manager Console on Windows 2012 and Windows 8 may receive an exception error when attempting to groom alerts. As a workaround, you can create a SQL script that deletes alerts directly from the repository.

Invalid events may appear for the custom Server role on a SQL Server 2012 instance

Users who create a custom Server role and give it permissions on a SQL Server 2012 instance may see events appearing as Invalid.

Issues can occur when a table name contains a period (.)

The following issues can occur if you have tables containing a period (.) in the name:

    • Columns may not appear in the Before-After Data selection.
    • Importing audit configuration containing Before-After Data settings may fail.
    • Users cannot select Before-After Data and Sensitive Columns for audit.

Auditing sensitive columns does not capture events executed by encrypted stored procedures or linked servers

The Collection Server is unable to process SELECT events that have been executed by encrypted stored procedures or queries from linked servers. This issue is most likely to affect the audit data trail for specific, sensitive columns.

Column-level auditing is limited to tables

Auditing of SELECT events at the column level is limited to columns located in tables. For example, you cannot audit specific columns located in views. However, to audit SELECT commands performed on views, you can enable SELECT auditing at the database level and choose to capture the corresponding T-SQL statements.

Auditing of before-after data is not supported on databases that use SQL Server replication

You cannot audit before-after data, and their corresponding transactions, on databases that have SQL Server replication enabled. SQL Server replication is available for instances running SQL Server 2005 or later.

Events statistics may not display in charts

SQL Compliance Manager now displays event statistics on the new Enterprise, SQL Server Instance, and Database Summary tabs. Because this information was not collected in previous versions, the new graphs does not display event statistics for audit data collected by SQL Compliance Manager 2.1 or earlier.

Filters do not support audit data collected by version 2.1 or earlier

SQL Compliance Manager includes many new filters in the enhanced Management Console views. These filters will not sort or filter events collected with SQL Compliance Manager version 2.1 or earlier.

Encrypted trace files not supported

SQL Compliance Manager does not support collecting and processing events from encrypted SQL Server trace files. This issue is most likely to occur in environments that use third-party encryption software. For example, some applications can be configured to automatically encrypt all new files created on a specific computer. If you are running encryption software in your SQL Server environment, verify the encryption settings to ensure the application does not encrypt trace files on the audited SQL Server instances.

Alerts include raw variable data if undefined

SQL Compliance Manager now includes alert messages for all alerts. If you have not defined an alert message and an alert is generated, the alert message will display raw variable information without any corresponding values. Configuring your alert messages and defining the variables to include will allow you to customize what you see in alert messages.

Adding BLOB data type to table definition prevents updates

When you change the definition of a table you are auditing to include BLOB data types, the Before-After data trigger prevents the table from being modified by UPDATE, DELETE, and INSERT operations, such as through stored procedures or third party applications. This issue is most likely to occur when you are auditing all the columns in the target table.

This issue occurs because Before-After auditing does not support BLOB data types (such as text, image data, or XML code). To correct this issue, change the data definition of the table.

 

SQL  Compliance Manager  audits all activity on your server.  Learn more  > >
  • No labels