Author: GDanu
-
High CPU Usage on Linux Server
Sustained high CPU usage impacts application latency and system stability. This guide provides a structured, low-risk triage method before tuning or scaling decisions are made. Symptoms Load average consistently above CPU core count Slow application response times Increased context switching Monitoring alerts for CPU saturation Environment Linux servers (RHEL-based or Debian-based) systemd Bare metal or…
-
Wazuh Agent Not Sending Logs
A Wazuh agent can appear installed and running while silently failing to deliver logs to the manager. This runbook focuses on end-to-end validation, from agent service state to manager-side ingestion. Symptoms Agent shows as installed but no alerts or logs appear Agent intermittently disconnects Manager UI shows agent as never connected No obvious errors in…
-
PowerShell Audit Script: Local Administrators Enumeration
Auditing local administrator memberships is a common security requirement. This script is read-only, idempotent, and suitable for production use across servers and workstations. Use Cases Privileged access reviews Incident response triage Compliance audits Baseline comparisons Environment Windows 10 / 11 Windows Server 2019 / 2022 PowerShell 5.1 or newer Script (SAFE – Read-Only) $Timestamp =…
-
VMware ESXi High Disk Latency – Practical Troubleshooting
High storage latency is one of the most common causes of VM performance degradation. This runbook focuses on fast, non-disruptive diagnostics before any invasive changes are made. Symptoms Slow VM response or freezes vSphere alerts for datastore latency High DAVG or KAVG values IO wait inside guest operating systems Environment VMware ESXi 7.x / 8.x…
-
SSH Connection Refused on Linux Server
An “SSH connection refused” error indicates that the connection reached the host, but no service accepted it. This runbook provides a structured, low-risk approach to identify and resolve the issue without locking yourself out. Symptoms SSH client returns connection refused Server responds to ping, but SSH fails Issue appeared after hardening or firewall changes Console…
-
MikroTik Multi-WAN Failover (Safe Configuration)
Overview Multi-WAN failover ensures uninterrupted internet access when a primary ISP fails. This guide implements a conservative, production-safe failover using route distance and gateway monitoring. Environment MikroTik RouterOS v7.x Two WAN connections (static or PPPoE) No policy routing required Design Principles No traffic marking No scripting dependencies Predictable rollback Minimal impact on existing firewall/NAT rules…
-
SNMP Client Installed but SNMP Service Missing on Windows
On modern Windows systems, SNMP is deployed as a Windows Capability. In some cases, the capability appears installed, but the SNMP service is missing. This runbook addresses the issue safely and repeatably. Symptoms SNMP Client shows as installed SNMP service does not appear in Services Get-Service SNMP returns no results Monitoring systems fail to poll…
-
WireGuard Handshake Works but No Traffic Passes on MikroTik
Overview A successful WireGuard handshake does not guarantee data transfer. On MikroTik devices, this issue is almost always caused by routing, firewall, or AllowedIPs misconfiguration. This runbook provides a safe, production-tested fix path. Symptoms WireGuard peer shows recent handshake RX/TX counters remain at zero Tunnel IPs are reachable from the router, but not from LAN…
-
ISP Support Ticket Template: ONT LAN Port Negotiates at 100Mbps (Evidence Pack)
Last updated: 2026-01-02 Use this template when an ONT/router port negotiates 100 Mbps on one LAN port but 1 Gbps on another, even after changing cables/devices. It includes an evidence checklist and copy-paste commands. Goal Send a high-quality ISP ticket that: clearly describes the issue includes reproducible steps attaches evidence (link speed + cables tested…
-
Windows SNMP Installed but SNMP Service Is Missing (Windows 10/11) — Fix
Last updated: 2026-01-02 If you ran Add-WindowsCapability -Online -Name “SNMP.Client~~~~0.0.1.0” but Get-Service SNMP returns service not found, follow this playbook. Microsoft documents installing both SNMP and the WMI SNMP Provider and how to verify the capability state. Microsoft Learn Goal Restore the SNMP components so the SNMP service is present and can be configured safely.…