Search Results

This guide explains how to recover from the Windows Server Blue Screen: STOP CODE: 0xC00002E2 STATUS_DS_INIT_FAILURE This typically occurs when: ntds.dit was restored manually SYSVOL was restored manually BurFlags may have been set The server was ...

This guide documents the procedures for maintaining Wazuh agents on Ubuntu 22.04/24.04, with specific instructions for Docker monitoring and manual ID preservation. 1. Agent Version Control (Critical) Constraint: The Wazuh Manager version must always be ...

If you keep seeing “Wazuh dashboard server is not ready yet” in a loop, the Wazuh Dashboard is almost always stuck on a migration lock. This typically happens after an interrupted upgrade or restart. 🔐 Security Warning Never store real credentials in docum...

By default, Linux has a "swappiness" value of 60. Lowering this to 10 tells the kernel to avoid using the slow disk swap and prioritize the fast physical RAM, which is critical for Wazuh Indexer performance. 1 Check Current Swappiness Run th...

The "Another process is migrating" error occurs when the dashboard service is interrupted while recreating its internal indices. Follow these steps in exact order to clear the lock. 1 Stop the Dashboard Service You must stop the service to e...

The default dashboard logs are dense JSON strings. Use these filtered commands to see exactly what is happening during a migration without the "noise". 1 Filter for Migration Progress This command hides the repetitive warnings and only shows...

The Wazuh Dashboard logs are JSON-formatted, but standard journalctl prepends timestamps that break JSON parsers. Use these commands to see perfectly formatted, readable logs. 1 View Pretty-Printed JSON The -o cat flag removes the OS timesta...

When an agent shows as Disconnected, it is usually due to a service failure on the endpoint or a network/firewall block between the endpoint and the Wazuh Manager. 1 Restart Service on Hestia VM Log into the Hestia VM and restart the agent. ...

This guide walks through recovering a Windows Server system that fails to boot after a Windows Update. It uses Windows Recovery Environment (WinRE) and DISM to revert or remove problematic updates. Tested with Windows Server 2019. The process is nearly iden...

DiskPart is a low-level command-line tool used to manage disks, partitions, and volumes. It is commonly used in recovery environments, server troubleshooting, and OS deployment. ⚠ Warning: DiskPart can permanently destroy data. Always confirm disk numbers b...

Before using DiskPart, it is critical to understand the difference between a disk and a volume. Most recovery mistakes happen because these concepts are confused. What Is a Disk? A disk is a physical or virtual storage device. It is the entire container ...

Introduction to Exercise Before people in your organization can begin using your Cloud Identity service, you need to create user accounts for each person. An account provides users with a name and password for signing in to their cloud services. Each user you...

Introduction to Exercise You've learned how to add users manually; however, when adding many users at once, this method is quite time consuming. Let's see how to bulk upload many users at once. Note: This task requires being signed in as a super administrato...

Introduction to the Reading If your organization has a large, pre-established directory, Google Cloud Directory Sync (GCDS) is a secure tool that we provide that can help you sync your users into your Cloud Identity domain. GCDS allows you to synchronize your...

Introduction to Exercise In this exercise, you'll grant the super administrator role to Alexa Bell, the IT Manager. The super administrator role is an example of a pre-built administrator role that's standard in the Admin console and where you can create cust...

  Introduction to Exercise In this lesson, you will practice creating custom roles that have a custom set of privileges. Exercise Scenario A little later you receive a request from the Project Manager, Lars Ericsson. Hello Admin, I would like to understa...

Introduction to Exercise Now that users are signing in and using the tools, you're likely to come across a scenario where a user needs a password reset: A user forgets their password A user's account is compromised (security concerns) Exercise ...

  Exercise Introduction When you are using Cloud Identity as your primary identity provider (IdP), you may make mistakes when entering user data into the console. If for some reason you need to change a user's name in the Google Admin Console, this exercise ...

Introduction to Exercise As a Cloud Identity administrator, you can temporarily block a user's access to your organization's cloud services by suspending the user's account. This disables the account without deleting the user's profile and related information...

Introduction to Exercise If a user leaves your organization, you might want to delete their Google account. Data is purged within a matter of days. It's important to understand the different implications of suspending and deleting users, build a process for u...