Back in April I wrote a post asking why people tend to avoid Extended Events. Many of you provided feedback, which I greatly appreciated. A common theme in the responses was time. Many people found that creating an event session in Extended Events that was comparable to one they would create in Trace took longer. Ok, I get that…so as a follow up I am interested in knowing how you typically use Profiler and Trace. If you would be willing to share that information, I would be extremely grateful. At a minimum, I’d like to know what events you add, what columns you select for those events, what filters you add, and then how you view the data (e.g. do you run Profiler and watch the data live, or do you script it out as a server side trace and write it to a file, then view it later for analysis?). If it’s easiest to post the trace definition (i.e. export it from the Profiler UI) that works too. Again, any information you can share in the comments (or if you want to send me an email that’s great too) would be greatly appreciated. My goal is to create a library of event session definitions for these “typical” traces that people create and share them publicly. Stay tuned for another post once I (hopefully!) start getting some information. Thanks again!
I recently ran through a health audit for a customer, and in reviewing their system_health output I was reminded of the unnecessary security_error_ring_buffer_recorded event.