I often find myself giving out several SQL Execute steps I run in a daily script and explaining what they do, so this is mainly to save me time and typing. I am simply going to list the SQL Statements and an explanation of what each one does. These all go into a script that I schedule against the CWA server 1 time a day, but you can schedule it however often you like.
1. UPDATE agents SET lastscan = now() WHERE lastscan > now()
This resets all disabled internal monitors
2. UPDATE hotfix SET pushed='0' WHERE installed=0 AND pushed=1 AND approved=2
This resets the "pushed" flag for deployed patches, so CWA doesn't just give up after they fail a few times. I'm not sure if this is still needed but it doesn't hurt. If you are still
using pre version 11 patching then I envy you, but change the value of "approved" to 1.
3. DELETE FROM drives WHERE missing=1
I'm not even going to explain this one
4. DELETE FROM agents WHERE agents.name LIKE "%drive space critical%" AND agents.name NOT LIKE "%Disk - C:%" AND agents.computerid NOT IN (SELECT computerid FROM computers WHERE `os` LIKE "%server%")
This removes all those pesky disk space remote monitors on PCs for everything other than the C drive, because on workstations I could not care less about those drives.
5. DELETE FROM ScriptState WHERE LOWER(Variable) LIKE '%ticketid' AND VALUE NOT IN (SELECT ticketid FROM tickets)
This is something from Chris Taylor, so you know it's good
6. DELETE FROM eventlogs WHERE eventid IN (2280,5139)
This just deletes some events that seemed to take up a lot of space and that I didn't find useful
7. DELETE FROM eventlogs WHERE message LIKE "%software protection%" OR message LIKE "%uninitializing automatic updates%" OR message LIKE "%Security ID:S-1-0-0%" OR source="Microsoft-Windows-Security-Auditing"AND blacklistid=0
Same reason as step 6
8. DELETE FROM windowsupdateetlfiles
Deletes everything from this table, as this table is known for it's insane bloat an uselessness, and I seem to recall some potential issues with truncate that delete doesn't
9. DELETE FROM computerroledefinitions WHERE currentlydetected=0 AND `type`=0
This removes roles that were detected and are now missing from agents