PowerShell

How to Convert FileTime to DateTime

One of my customers recently wanted to rename each of the SQL audit files will the datetime stamp of when it was created. I explained to them the filename already contains a datetime stamp. While it does not look like a typical timestamp, it is based on the Windows Filetime data structure that is a 64-bit value representing the number of 100-nanosecond intervals since January 1, 1601 (UTC). Nonetheless, they still wanted a traditional datetime stamp in the file name. According to the documentation, the audit file naming convention is this: and if we use this file as an example:...

Continue reading...

Convert SQL Audit Files to a CSV Using Read-SqlXEvent

SQL Server Audit is an efficient way to track and log events that occur within the database engine. For on-premises or IaaS environments, those audits can only be stored in a binary file, the Windows Application log, or the Windows Security log. Most customers I have worked with over the years store the audits in a binary file because of the limitations of the Windows Event logs. Reading the contents of an audit event file can be accomplished using either Management Studio or the T-SQL function, sys.fn_get_audit_file. However, sometimes a customer may want to use a third-party tool to read...

Continue reading...

Get Certificate Details for SQL Encryption In-Transit Using PowerShell – UPDATED

In a previous blog post, I showed you how to use PowerShell to retrieve the details of the certificate being used for encryption-in-transit, aka TLS encryption. I have received a lot of feedback about that script and one of the most common requests was how to run it remotely. I have finally modified the script to do just that. The previous version required you to run it locally on a server. It would return the certificate information for each SQL instance that it detected. The new version can be run remotely, but it will expect you to pass in a...

Continue reading...

Get Certificate Details for SQL Encryption In-Transit Using PowerShell

There is an updated version of this script here. In my opinion, all customers should be encrypting connections to their SQL Servers to secure data in-transit, but that’s a discussion for another day. Today, I wanted to discuss how you can use PowerShell to lookup details on the certificate being used for that encryption. For this example, we have three SQL Server instances each configured slightly different for encrypted communication. Using the SQL Server Configuration Manager, we can see the first instance is configured to use a certificate named “deathstar.govlab.corp (SHA256)”. The FORCE ENCRYPTION option is set to YES to...

Continue reading...

Finding the NTFS Allocation Unit Size for Mount Points

The 64Kb Allocation Unit size is one of the easiest SQL Server best practice items to complete during your new builds, but from time to time, I still see this one overlooked. And I know this topic has been beat to death over the years, so we are not going to cover the why you should format volumes using 64Kb Allocation Size. We are just going to cover how to check the current value. In our setup, we have a server with 4 disks attached; two are mounted with drive letters (M: and S:) and two are mounted as folders...

Continue reading...