Gianluca Hotz ghotz

## evaluate-jobowner.sql
SELECT
	J1.[name] AS job_name
,	C1.[name] AS category_name, S1.[name] as [owner_name]
,	CASE
	WHEN S1.[name] = N'sa' OR S1.[name] LIKE '##%'
	THEN NULL
	ELSE	'EXEC msdb..sp_update_job @job_name = ''' + J1.[name] + ''''
		+	', @owner_login_name = ''sa'' -- was ' + QUOTENAME(S1.[name])
	END	AS alter_command
FROM	msdb.dbo.sysjobs AS J1

## evaluate-db-owner.sql
SELECT
	D1.[name] AS database_name, S1.[name] as [owner_name]
,	CASE
	WHEN S1.[name] = N'sa'
	THEN NULL
	--ELSE	'ALTER AUTHORIZATION ON DATABASE::' + QUOTENAME(D1.[name]) + ' TO [sa] -- was ' + QUOTENAME(S1.[name])
	ELSE	'USE ' + QUOTENAME(D1.[name]) + '; EXEC sp_changedbowner ''sa'' -- was ' + QUOTENAME(S1.[name])
	END	AS alter_command
FROM	sys.databases AS D1
LEFT

## evaluate-non-trusted-constraints.sql
SELECT
	QUOTENAME(S1.[name]) AS [schema_name]
,	QUOTENAME(O1.[name]) AS [table_name]
,	QUOTENAME(C1.[name]) AS [constraint_name]
,	N'FOREIGN_KEY_CONSTRAINT' AS [constraint_type]
,	'ALTER TABLE ' + QUOTENAME(S1.[name]) + '.' + QUOTENAME(O1.[name])
+	' WITH CHECK CHECK CONSTRAINT ' + QUOTENAME(C1.[name]) AS sql_stmt
FROM sys.foreign_keys AS C1
JOIN sys.objects AS O1 ON C1.parent_object_id = O1.[object_id]
JOIN sys.schemas AS S1 ON O1.[schema_id] = S1.[schema_id]

## evluate-page-verify.sql
SELECT
	[name] AS database_name, page_verify_option_desc
,	CASE
	WHEN page_verify_option_desc = N'CHECKSUM'
	THEN NULL
	ELSE	'ALTER DATABASE [' + [name] + ']'
		+	' SET PAGE_VERIFY CHECKSUM;'
	END	AS alter_command
FROM	sys.databases
WHERE	[name] NOT IN ('master','model','msdb','tempdb')

## evaluate-recovery-time.sql
SELECT
	[name] AS database_name, target_recovery_time_in_seconds
,	CASE
	WHEN target_recovery_time_in_seconds = 60
	THEN NULL
	ELSE	'ALTER DATABASE [' + [name] + ']'
		+	' SET TARGET_RECOVERY_TIME = 60 SECONDS;'
	END	AS alter_command
FROM	sys.databases
WHERE	[name] NOT IN ('master','model','msdb','tempdb')

## view-ag-listener-details.sql
SELECT	AG1.[name] AS ag_name
	,	AL1.dns_name AS ag_listener_dns_name
	,	AL1.[port] AS ag_listener_tcp_port
	,	AL2.ip_address AS ag_listener_ip_address
	,	AL2.ip_subnet_mask AS ag_listener_ip_subnet_mask
FROM	sys.availability_groups AS AG1
JOIN	sys.availability_group_listeners AS AL1
  ON	AG1.group_id = AL1.group_id
JOIN	sys.availability_group_listener_ip_addresses AS AL2
  ON	AL1.listener_id = AL2.listener_id

## auto-deny.ps1
# Warning: remember to whitelist who you want to allow to post by entering their IP addresses in the Azure Portal
import-module Az;
$TenantID = 'YOURTENANTID';
$SubscriptionID = 'YOURSUBID'
$ResourceGroupName = 'WebSite';
$AppServiceName = 'YOURSERVICENAME';
$MyIP = (Invoke-WebRequest -uri "http://ifconfig.me/ip").Content; #avoid self-banning
$MaxPostsBytes = 100KB;

# Authenticate to Azure if not already authenticated

## get-top-by-bytes-in.ps1
$MyIp = 'xxx.xxx.xxx.xxx';

$Log = Get-Content "C:\home\logfiles\http\rawlogs\*.log" | Select -Skip 2 | ConvertFrom-Csv -Delimiter " " -Header 'date','time','s-sitename','cs-method','cs-uri-stem','cs-uri-query','s-port,cs-username','c-ip','cs(User-Agent)','cs(Cookie)','cs(Referer)','cs-host','sc-status','sc-substatus','sc-win32-status','sc-bytes','cs-bytes','time-taken';

$Log | ? { $_.'cs-method' -eq 'POST' -and $_.'cs(User-Agent)' -ne $MyIp } | Group-object -Property 'cs(User-Agent)' | % {[pscustomobject]@{Type=$_.Name;'Total POSTs'=$_.Count;'Total Bytes ↓' = ($_.group | measure-object 'cs-bytes' -Sum).Sum}} | Sort-Object 'Total Bytes ↓' -Descending | Select -first 10 | ft;

## get-http-rawlogs-top-offenders.ps1
$Log = Get-Content "C:\home\logfiles\http\rawlogs\*.log" | Select -Skip 2 | ConvertFrom-Csv -Delimiter " " -Header 'date','time','s-sitename','cs-method','cs-uri-stem','cs-uri-query','s-port,cs-username','c-ip','cs(User-Agent)','cs(Cookie)','cs(Referer)','cs-host','sc-status','sc-substatus','sc-win32-status','sc-bytes','cs-bytes','time-taken';
$Log | ? { $_.'cs-method' -eq 'POST' } | Group-object -Property 'cs(User-Agent)' | % {[pscustomobject]@{Type=$_.Name;'Total POSTs ↓'=$_.Count;'Total Bytes' = ($_.group | measure-object 'cs-bytes' -Sum).Sum}} | Sort-Object 'Total POSTs ↓' -Descending | Select -first 10 | ft
$Log | ? { $_.'cs-method' -eq 'POST' } | Group-object -Property 'cs(User-Agent)' | % {[pscustomobject]@{Type=$_.Name;'Total POSTs'=$_.Count;'Total Bytes ↓' = ($_.group | measure-object 'cs-bytes' -Sum).Sum}} | Sort-Object 'Total Bytes ↓' -Descending | Select -first 10 | ft

## get-space-multiple-tables.sql
-- based on https://stackoverflow.com/questions/7892334/get-size-of-all-tables-in-database/64037173#64037173
DECLARE	@tables TABLE (table_name sysname primary key);
INSERT	@tables VALUES ('schemaname.tablename'), ('schemaname.tablename')

SELECT
     [object_id]        = t.[object_id]
    ,[schema_name]      = s.[name]
    ,[table_name]       = t.[name]
    ,[index_name]       = CASE WHEN i.[type] in (0,1,5) THEN null    ELSE i.[name] END -- 0=Heap; 1=Clustered; 5=Clustered Columnstore
    ,[object_type]      = CASE WHEN i.[type] in (0,1,5) THEN 'TABLE' ELSE 'INDEX'  END
	SELECT
	J1.[name] AS job_name
	, C1.[name] AS category_name, S1.[name] as [owner_name]
	, CASE
	WHEN S1.[name] = N'sa' OR S1.[name] LIKE '##%'
	THEN NULL
	ELSE 'EXEC msdb..sp_update_job @job_name = ''' + J1.[name] + ''''
	+ ', @owner_login_name = ''sa'' -- was ' + QUOTENAME(S1.[name])
	END AS alter_command
	FROM msdb.dbo.sysjobs AS J1
	SELECT
	D1.[name] AS database_name, S1.[name] as [owner_name]
	, CASE
	WHEN S1.[name] = N'sa'
	THEN NULL
	--ELSE 'ALTER AUTHORIZATION ON DATABASE::' + QUOTENAME(D1.[name]) + ' TO [sa] -- was ' + QUOTENAME(S1.[name])
	ELSE 'USE ' + QUOTENAME(D1.[name]) + '; EXEC sp_changedbowner ''sa'' -- was ' + QUOTENAME(S1.[name])
	END AS alter_command
	FROM sys.databases AS D1
	LEFT
	SELECT
	QUOTENAME(S1.[name]) AS [schema_name]
	, QUOTENAME(O1.[name]) AS [table_name]
	, QUOTENAME(C1.[name]) AS [constraint_name]
	, N'FOREIGN_KEY_CONSTRAINT' AS [constraint_type]
	, 'ALTER TABLE ' + QUOTENAME(S1.[name]) + '.' + QUOTENAME(O1.[name])
	+ ' WITH CHECK CHECK CONSTRAINT ' + QUOTENAME(C1.[name]) AS sql_stmt
	FROM sys.foreign_keys AS C1
	JOIN sys.objects AS O1 ON C1.parent_object_id = O1.[object_id]
	JOIN sys.schemas AS S1 ON O1.[schema_id] = S1.[schema_id]
	SELECT
	[name] AS database_name, page_verify_option_desc
	, CASE
	WHEN page_verify_option_desc = N'CHECKSUM'
	THEN NULL
	ELSE 'ALTER DATABASE [' + [name] + ']'
	+ ' SET PAGE_VERIFY CHECKSUM;'
	END AS alter_command
	FROM sys.databases
	WHERE [name] NOT IN ('master','model','msdb','tempdb')
	SELECT
	[name] AS database_name, target_recovery_time_in_seconds
	, CASE
	WHEN target_recovery_time_in_seconds = 60
	THEN NULL
	ELSE 'ALTER DATABASE [' + [name] + ']'
	+ ' SET TARGET_RECOVERY_TIME = 60 SECONDS;'
	END AS alter_command
	FROM sys.databases
	WHERE [name] NOT IN ('master','model','msdb','tempdb')
	SELECT AG1.[name] AS ag_name
	, AL1.dns_name AS ag_listener_dns_name
	, AL1.[port] AS ag_listener_tcp_port
	, AL2.ip_address AS ag_listener_ip_address
	, AL2.ip_subnet_mask AS ag_listener_ip_subnet_mask
	FROM sys.availability_groups AS AG1
	JOIN sys.availability_group_listeners AS AL1
	ON AG1.group_id = AL1.group_id
	JOIN sys.availability_group_listener_ip_addresses AS AL2
	ON AL1.listener_id = AL2.listener_id
	# Warning: remember to whitelist who you want to allow to post by entering their IP addresses in the Azure Portal
	import-module Az;
	$TenantID = 'YOURTENANTID';
	$SubscriptionID = 'YOURSUBID'
	$ResourceGroupName = 'WebSite';
	$AppServiceName = 'YOURSERVICENAME';
	$MyIP = (Invoke-WebRequest -uri "http://ifconfig.me/ip").Content; #avoid self-banning
	$MaxPostsBytes = 100KB;

	# Authenticate to Azure if not already authenticated
	$MyIp = 'xxx.xxx.xxx.xxx';

	$Log = Get-Content "C:\home\logfiles\http\rawlogs\*.log" \| Select -Skip 2 \| ConvertFrom-Csv -Delimiter " " -Header 'date','time','s-sitename','cs-method','cs-uri-stem','cs-uri-query','s-port,cs-username','c-ip','cs(User-Agent)','cs(Cookie)','cs(Referer)','cs-host','sc-status','sc-substatus','sc-win32-status','sc-bytes','cs-bytes','time-taken';

	$Log \| ? { $_.'cs-method' -eq 'POST' -and $_.'cs(User-Agent)' -ne $MyIp } \| Group-object -Property 'cs(User-Agent)' \| % {[pscustomobject]@{Type=$_.Name;'Total POSTs'=$_.Count;'Total Bytes ↓' = ($_.group \| measure-object 'cs-bytes' -Sum).Sum}} \| Sort-Object 'Total Bytes ↓' -Descending \| Select -first 10 \| ft;
	$Log = Get-Content "C:\home\logfiles\http\rawlogs\*.log" \| Select -Skip 2 \| ConvertFrom-Csv -Delimiter " " -Header 'date','time','s-sitename','cs-method','cs-uri-stem','cs-uri-query','s-port,cs-username','c-ip','cs(User-Agent)','cs(Cookie)','cs(Referer)','cs-host','sc-status','sc-substatus','sc-win32-status','sc-bytes','cs-bytes','time-taken';
	$Log \| ? { $_.'cs-method' -eq 'POST' } \| Group-object -Property 'cs(User-Agent)' \| % {[pscustomobject]@{Type=$_.Name;'Total POSTs ↓'=$_.Count;'Total Bytes' = ($_.group \| measure-object 'cs-bytes' -Sum).Sum}} \| Sort-Object 'Total POSTs ↓' -Descending \| Select -first 10 \| ft
	$Log \| ? { $_.'cs-method' -eq 'POST' } \| Group-object -Property 'cs(User-Agent)' \| % {[pscustomobject]@{Type=$_.Name;'Total POSTs'=$_.Count;'Total Bytes ↓' = ($_.group \| measure-object 'cs-bytes' -Sum).Sum}} \| Sort-Object 'Total Bytes ↓' -Descending \| Select -first 10 \| ft
	-- based on https://stackoverflow.com/questions/7892334/get-size-of-all-tables-in-database/64037173#64037173
	DECLARE @tables TABLE (table_name sysname primary key);
	INSERT @tables VALUES ('schemaname.tablename'), ('schemaname.tablename')

	SELECT
	[object_id] = t.[object_id]
	,[schema_name] = s.[name]
	,[table_name] = t.[name]
	,[index_name] = CASE WHEN i.[type] in (0,1,5) THEN null ELSE i.[name] END -- 0=Heap; 1=Clustered; 5=Clustered Columnstore
	,[object_type] = CASE WHEN i.[type] in (0,1,5) THEN 'TABLE' ELSE 'INDEX' END