The user account used for monitoring can be a Windows authenticated account (if the Database Agent is running on Windows) or SQL Server authenticated (if AppDynamics Database Visibility is running on Windows or Linux). 

Minimum Permissions Required for SQL Server Logon

You can use the procedure below to create a SQL Server user with the minimum permissions required. 

Use the following to create a SQL Server logon user that provides the minimal level of permissions required in order to gain full AppDynamics Database Visibility/SQL Server functionality.

  1. Using SQL Server Management Studio, create a new login for the AppDynamics SQL Server Database Collector, such as DBMon_Agent_User. 
  2. From the User Mapping tab, map the new user to the master and msdb databases. 

    Viewing Object Information

    To view object information on the Database > Objects Browser, map the monitoring user to the databases of interest.
  3. Once you have created the login, give the following privileges to the user, substituting DBMon_Agent_User with the name you specified on the Login - New window:

Note: You can execute the following as a batch from a query window in Management Studio. The example shows grants to DBMon_Agent_User; remember to change this if you have set up a different login.

 

use master
ALTER SERVER ROLE processadmin ADD MEMBER DBMon_Agent_User;
GRANT VIEW ANY DATABASE TO DBMon_Agent_User;
GRANT VIEW ANY definition to DBMon_Agent_User;
GRANT VIEW server state to DBMon_Agent_User;

 

where DBMon_Agent_User is the name of the SQL Server user account specified in Create New Collector, Connection Details, Username field. 
To generate an execution plan on AWS RDS, you need additional permissions. The SHOWPLAN permission must be provided explicitly for each database:

 

USE <DB NAME>
go
GRANT SHOWPLAN to DBMon_Agent_User;
go
  • No labels