Comments
1 comment
-
This is part of Microsoft Defender - Advanced Threat Protection which can be extended to on-premise SQL Servers. I was able to filter this out in Redgate SQL Monitor by going to Setting, go to Alert settings, and add a filter in “Exclude Queries that contain sql commands or objects matching the following regular expressions.” There I entered the object sys.fn_MSxe_read_event_stream. This did the trick.
Add comment
Please sign in to leave a comment.
Microsoft Defender for SQL is is issuing a perpetual query showing in Redgate Monitor as a long running query across all SQL Server in Redgate Monitor. The Query is: (@source nvarchar(256))SELECT type, data FROM sys.fn_MSxe_read_event_stream (@source, 0).
I believe this is new functionality being pushed out by Microsoft for those using Defender. The issue is that all SQL Server now show blue because of this Long running Query. So this is causing unexpected results as the Redgate Monitor SQL Server will likely never show Green staus again unless this can be ingnored.
Has anyone encountered this issue? I'm hoping to be able to filter or ignore this query as I can not turn of MS Defender.