No, that isn’t an April 1st joke, heh. I know a lot of vendors are shoving AI down your throat, but I can think of a few ways I actually want to get quick, easy advice from large language models (LLM) when I’m calling the sp_Blitz scripts:
- sp_BlitzCache will have an @AskAI parameter that sends the query plan to an LLM to get specific, actionable advice on how to improve the query and/or execution plan.
- sp_BlitzIndex will send a table’s indexes to the LLM to de-duplicate them and generate a change script for you to review.
- sp_BlitzLock will send a deadlock graph to the LLM asking for index changes, query changes, or query hints that might avoid deadlocking.
This post isn’t a debate about whether I’m going to code this – I am, period, full stop, because it’s going to be useful for some folks. If it’s not useful to you, that’s totally okay – close this browser tab and go on with your life. Let’s not turn this into a discussion of whether or not we should use tooling.
But if AI in the FRK is something you’d use, keep reading.
These features are going to require SQL Server 2025 or Azure SQL DB because it’ll rely on their new abilities to call LLMs via extended stored procedures, like sp_invoke_external_rest_endpoint. The thing I’m worried about is how we’re going to store your LLM credentials, like access keys.
Tools like ChatGPT, Gemini, and Claude are called with access keys that are unique to your account. Each time you call the service, your access key is what gets billed. If your access key gets out there – or even inside your company – then people can run up huge charges on your bill.
So right now, my design thoughts are:
- I don’t want you to have to copy/paste in an access key into the stored proc each time. That would make the features too much of a pain to use, and would lead people to store the access key all over the place.
- I’d like the First Responder Kit to check for the existence of a table (like master.dbo.llm_authentication), and if it exists, pull the access keys from there. Only your SQL Server user account (and other people on your nice list) should have read access to that table.
- I’ll add a decryption password to the First Responder Kit scripts, and if that’s passed in, use that password to decrypt the access keys stored in the table (otherwise they can be stored unencrypted if you just want to rely on SQL Server’s security to keep people out of those tables.)
- We should be able to call different LLMs based on an FRK parameter. Different LLMs have different strengths in different situations, and there are going to be times you want to experiment by asking for a second opinion. The llm_authentication table should be able to have multiple rows, with one designated as the default. This way you can store keys for ChatGPT, Gemini, Claude, and other services, and switch which one you’re calling at runtime.
When I’m coding this, is there anything else you’d like me to consider? I plan to code it this summer.
22 Comments. Leave new
This is a really awesome idea. Even if it’s just a PoC. If there’s any interest, I wouldn’t mind teaming up with you on it. Regardless, here would be some really interesting things to consider. Have the LLM parse the outputs and determine things very conversationally (obviously). Things like this:
* I just joined this company and installed the tools. What are the top 5 things I need to know RIGHT NOW about this instance?
* Is tempdb sized correctly given the workload?
* Given a database, what should I be focused on right now to get it running better?
* I just got a phone call, the instance is slow, what should I start looking at right now?
* Basic nl2sql style queries against any db on the instance WITHOUT the need for a system prompt. This is difficult to do in the industry but this would be a great way to demonstrate HOW someone would approach this. And it makes it very generic.
There’s probably tons more I’m not thinking of. But you would know what the common usage patterns are for FRK and where folks struggle with it (never, I know). You could have chat histories squirreled away and do some _learning_ against that.
This is an excellent way to show _alternative_ patterns of LLM usage that aren’t simply RAG patterns. Because this likely isn’t RAG. This would be more like:
* nl2sql (write me a query that does blah blah blah)
* TAG (table augmented generation) and LOTUS (LLMs over Tables of Unstructured and Structured data). Said differently, analyze the outputs of a call and tell me what the output _means_.
* classification calls (the LLM will need to determine which db to use and then how to construct the system prompt based on what is being asked).
* the ability to provide feedback loops so it _learns_ about a database (or maybe you’d rather not go down the path of allowing queries against user dbs). What I mean is a simple query like “show me active customers” is very hard for an LLM that doesn’t have tribal knowledge and a business glossary of how we define _active customer_. Is it “show me customers that ordered today or ordered in the last 6 months?”
This would be an excellent demo. I work for Microsoft doing this stuff daily and frankly the number one thing I’m being asked to help with is “getting my LLM to query my database for my users”. This is harder than folks think and a demo like this, which even most non-DBAs would understand, is a great way to show what you need to think about when you are leveraging an LLM as a querying assistant.
Great thoughts! Just to set expectations, I will be going absolutely nowhere near “get my LLM to query my database for my users,” period, full stop.
I think it’s a noble goal, but there are VC-funded companies pursuing that, and I want to be realistic about what we can accomplish here in the limited time that we have to volunteer on this kind of thing.
That’s amazing! I think there are many people using AI this way, copy-pasting stuff from ssms into a prompt. Having It integrated into the First Risponder Kit Just makes ton of sense
Great idea, I love it! Just curious though: in your experience, has there been one model/service that seems to do better at plan interpretation than others?
Great question – I haven’t done in-depth comparisons because the market is changing *so* quickly. Richie’s built a proof of concept for AI calls for PasteThePlan, but we have another feature for another product that we’re shipping first, so we’ll revisit the detailed comparison later.
Hey brent. Would the LLM prompts be standard outputs that we could simply copy/paste into the LLM of our choice rather than going through an API connection? It seems like that would also get some front-runner responses on if the prompts are generating useful responses before going all the way to integrations and would also allow older versions of SQL to benefit from the feature.
Brandon – that’s an interesting possibility, but it wouldn’t really work since the output would be so lengthy, and would involve attaching files like query plans. That’s easier to do via REST API calls, but kinda painful to do in SSMS results.
Of course, the FRK scripts are open source, and we’d welcome pull requests if that’s something important to you, and you can get it to work! I’m not against it – I just don’t see how it’d be easy to do.
I suspect he plans to use the AI integration in sql 2025+ its not just the prompts that matter, its the context grounded in your SQL instance
Bad news: SQL Server 2025 doesn’t include any database or instance context in its AI calls.
I think you might be thinking of SSMS 22 Copilot (which hasn’t been released yet), but that works with any supported version of SQL Server, and … I’m not really that impressed with it, based on what we’ve seen so far: https://www.brentozar.com/archive/2024/11/copilot-in-ssms-is-kinda-like-ie-in-ssms/
Supporting Azure Key Vault for the LLM credentials would be nice to have, especially for Azure SQL Database. I don’t want to have to put a copy of llm_authentication, or set up an External Table to access the One True Instance, in hundreds of production databases. But I understand that you have to support the most common use cases first.
I don’t use Azure Key Vault, so that would be something that someone else in the community would be welcome to code.
Could you encapsulate this fetch LLM credentials into a SP? eg sp_BlitzLLMCredentials(decryptionPassword VARCHR(100))
Then if you add this AI access to many Blitz SPs and people want to roll their own credential fetching they only have the one SP sp_BlitzLLMCredentials to replace
[…] ???? […]
In my opinion the Stored Procedure sp_invoke_external_rest_endpoint should be renamed sp_invoke_MSinternal_rest_endpoint because you can only query Azure endpoints.
If you want to query Gemini, Copilot, Claude every REST call need to pass through an Azure Logic Apps or Azure Functions that does the actual call for you.
In the documentation the only direct REST endpoint that you can query directly is ChatGPT (*.openai.azure.com)
Francesco, when I read your comment, I thought, “No way, Microsoft can’t possibly have done that.”
I owe you an apology, because you are 100% correct, and I’m dumbfounded. That’s shocking.
I know, I was so sad when I discovered that.
If you want, on-prem only, you can use my bad code: https://stackoverflow.com/questions/22067593/calling-an-api-from-sql-server-stored-procedure
Which is ugly and uses ‘MSXML2.ServerXMLHTTP.6.0’ to make the call (Fun fact: that object is a file contained in Windows Internet Explorer. Last time I checked it was still present on Windows & Windows Server).
In the same page you will find a post from Davide Mauri (Microsoft) that explains how to do a REST call from Azure SQL Database so you can take that as an example of sp_invoke_external_rest_endpoint + Azure Function.
See you in Croatia
I would have requested the ability to call local models (hosted on a different server, but still on-prem), but that seems unnecessary now. Microsoft is really pushing Azure and as an employee for a european government I find that more and more concerning.
Very interested, but have no experience in using LLM with SQL. Can anyone recommend a beginner video or examples of using LLM with SQL.
I found a solution for you: https://devblogs.microsoft.com/azure-sql/predictable-llm-output-with-sp_invoke_external_rest_endpoint/
The First Responder Kit can be OpenSource but the AI feature must be a paid one.
You have to:
1) Create an OpenAI endpoint on Azure called https://firstresponderkit.openai.azure.com/
2) If a person want to use the AI feature on the First Responder Kit first they need to buy a license token from brentozar.com and save a credit card number on Brent Ozar Unlimited
3) once they have a token they can query OpenAI from the First Responder Kit
4) In the backend Brent Ozar Unlimited can now track the number of calls or tokens used by each customer.
5) At the end of the month each user is charged for the use of the First Responder Kit AI
Or a free alternative for you but paid for us would be to use a simple deploy template button: https://learn.microsoft.com/en-us/azure/azure-resource-manager/templates/deploy-to-azure-button
1) Brent Ozar Unlimited creates a “Deploy to Azure” button that deploys a template.
2) the template contains an Azure OpenAI endpoint called https://firstresponderkit.openai.azure.com/ that is now deployed on the user’s Azure Subscription.
3) Users can now generate a key in their Azure OpenAI endpoint
4) They can now put that key in the First Responder Kit
5) The more they use the OpenAI the more they pay and they will be billed automatically by Azure at the end of the month on their own Subscription
I’ll be brutally honest: given my limited support time and the free nature of the tool, I won’t be doing any Azure template work. Hope that’s fair.
Hi Brent
I like the idea, here’s my thoughts:
* I would add the ability to call an on-prem DeepSeek-R1 aswell.
* Use symmetric keys for encryption and decryption and only grans specific users access.