Set 4

31. Incident Triage – Extract Fatal Errors

Scenario: During a production incident, SREs need to quickly isolate fatal log entries.

Instructions:

  • Navigate to ~/kactii29

  • Create folder fatal_errors

  • Assume prod.log exists

  • Extract lines containing FATAL

  • Save output to fatal.log

Commands Expected: grep, output redirection


32. Disk Capacity Check – Home Directory Usage Report

Scenario: Capacity planning team needs a snapshot of disk usage under user home directories.

Instructions:

  • Navigate to ~/kactii29

  • Create capacity_report

  • Measure disk usage of home directory contents

  • Limit depth to one level

  • Save output to capacity.txt

Commands Expected: du -h --max-depth=1


33. User Accountability – Login Evidence Collection

Scenario: Audit team requests evidence of active users during a maintenance window.

Instructions:

  • Navigate to ~/kactii29

  • Create user_accountability

  • Capture logged-in users

  • Append current date and time

  • Save to users.log

Commands Expected: who, date, output redirection


34. Binary Validation – Confirm Command Availability

Scenario: Before running recovery scripts, engineers must ensure required commands are present.

Instructions:

  • Navigate to ~/kactii29

  • Create binary_validation

  • Locate paths for grep, du, and uptime

  • Save output to binaries.txt

Commands Expected: which


35. Service Health – SSH Availability Check

Scenario: Remote access is critical during incidents; SSH service health must be verified.

Instructions:

  • Navigate to ~/kactii29

  • Create ssh_health

  • Check SSH service status

  • Start service if inactive

  • Save status output to ssh_status.txt

Commands Expected: systemctl status, systemctl start


36. Deferred Task Audit – Review Scheduled Jobs

Scenario: Ops leadership wants visibility into all deferred tasks on the system.

Instructions:

  • Navigate to ~/kactii29

  • Create deferred_tasks

  • List all scheduled at jobs

  • Save output to tasks.txt

Commands Expected: atq


37. Environment Snapshot – Capture Runtime Context

Scenario: Debugging requires capturing the full runtime environment during execution.

Instructions:

  • Navigate to ~/kactii29

  • Create runtime_context

  • Display all environment variables

  • Save output to env.txt

Commands Expected: printenv


38. Network Exposure – Listening Port Evidence

Scenario: Security team needs evidence of open listening ports before policy enforcement.

Instructions:

  • Navigate to ~/kactii29

  • Create network_exposure

  • Capture all listening TCP and UDP sockets

  • Save output to ports.txt

Commands Expected: ss -tuln
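
Added example (not part of the original exercise set): once ports.txt has been captured, the evidence is easier to review if each listener is labelled by bind scope. The sketch below goes one step beyond the exercise and classifies `ss -tuln` output as wildcard-bound, loopback-only, or bound to one address. The function names and the sample output are constructed for illustration, and the column layout assumed is the one `ss -tuln` prints with the Netid column present.

```shell
#!/bin/sh
# Added example: classify listeners in `ss -tuln` output by bind scope.
# SAMPLE_SS is constructed sample output, not captured from a real host.
SAMPLE_SS='Netid State  Recv-Q Send-Q Local Address:Port Peer Address:Port
udp   UNCONN 0      0      127.0.0.53%lo:53   0.0.0.0:*
udp   UNCONN 0      0      0.0.0.0:68         0.0.0.0:*
tcp   LISTEN 0      128    0.0.0.0:22         0.0.0.0:*
tcp   LISTEN 0      4096   127.0.0.1:5432     0.0.0.0:*
tcp   LISTEN 0      128    [::]:22            [::]:*
tcp   LISTEN 0      511    *:8080             *:*
tcp   LISTEN 0      128    [::1]:631          [::]:*'

# classify_listeners: read `ss -tuln` text on stdin and print one line per
# socket as "<scope> <proto> <port> <address>". Scope is ALL (wildcard
# bind, reachable on every interface), LOCAL (loopback only) or ADDR
# (bound to one specific non-loopback address).
classify_listeners() {
    awk '$1 != "Netid" && NF >= 5 {
        ep = $5                                   # Local Address:Port column
        port = ep; sub(/.*:/, "", port)           # text after the last colon
        addr = ep; sub(/:[^:]*$/, "", addr)       # text before the last colon
        sub(/%.*$/, "", addr)                     # drop interface suffix (%lo)
        gsub(/\[/, "", addr); gsub(/\]/, "", addr) # drop IPv6 brackets
        if (addr == "0.0.0.0" || addr == "::" || addr == "*") scope = "ALL"
        else if (addr ~ /^127\./ || addr == "::1")            scope = "LOCAL"
        else                                                  scope = "ADDR"
        print scope, $1, port, addr
    }'
}

# count_exposed: number of wildcard-bound listeners in the text on stdin.
count_exposed() {
    classify_listeners | grep -c '^ALL ' || true
}

# Demo on the constructed sample. On a live host, keep the raw evidence
# and classify it in one pass:
#   ss -tuln | tee ports.txt | classify_listeners
printf '%s\n' "$SAMPLE_SS" | classify_listeners
```

Lines marked ALL are the ones a firewall or bind-address policy would change; LOCAL listeners are not reachable from other hosts.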


39. Data Normalization – Deduplicate Transaction IDs

Scenario: Finance team needs a clean list of unique transaction IDs from raw dumps.

Instructions:

  • Navigate to ~/kactii29

  • Create transaction_cleanup

  • Assume transactions.log exists

  • Sort and remove duplicate entries

  • Save to unique_tx.txt

Commands Expected: sort, uniq


40. System Evidence – Uptime During Incident

Scenario: Post-incident report requires proof that the system stayed online.

Instructions:

  • Navigate to ~/kactii29

  • Create incident_evidence

  • Capture system uptime

  • Append timestamp

  • Save to uptime_evidence.log

Commands Expected: uptime, date, output redirection

