Professional Troubleshooting Prompts

Copy-ready prompts that structure problem description, environment, steps taken, evidence, hypotheses, and a clear ask for assistance. They reduce ping-pong, speed triage, and improve outcomes.

How to Use These Prompts

1) Paste and Fill In

Paste a prompt into your ticket, email, or chat. Replace bracketed sections with specifics (systems, timestamps, error texts, IPs where allowed).

2) Attach Evidence

Include logs, screenshots, command output, and configuration snippets. Mask secrets. Provide exact times and time zones.

3) State the Ask

Be explicit about the decision or action you want: root cause analysis, workaround, change request, rollback, or post-incident review.

Guided Prompt Templates by Scenario

Networking

Connectivity / Latency

Scenario: Network connectivity or latency issue.

Problem Summary:
- Affected systems/segments: [hosts, VLANs, SSIDs, site]
- Scope: [one user / subnet / site / global]
- When it started (with timezone): [YYYY-MM-DD HH:MM TZ]
- Expected vs observed behavior: [describe]
- Error messages / codes: [paste exact text]

Environment:
- Topology context: [WAN, edge FW, VLANs, SD-WAN, Wi-Fi vendor]
- Recent changes: [firmware, rules, circuits]
- DNS/DHCP status: [servers, leases, changes]

Evidence Collected:
- ping/traceroute/mtr: [paste]
- nslookup/dig: [paste]
- Router/Switch/AP logs: [attachments or snippets]

Working Theories:
- [theory 1], [theory 2]

Ask:
- Request path isolation (L1→L4), rule review, and DNS validation.
- If feasible, propose a minimally disruptive test.

Systems

Server or Workstation Performance

Scenario: System performance degradation.

Problem Summary:
- Hostname / asset tag: [id]
- Symptoms and timeline: [slow app, spikes, freezes]
- Workload profile: [DB, web, build, VDI]

Evidence:
- CPU / RAM / disk / network graphs: [attach]
- Top processes and versions: [paste]
- Recent updates or driver changes: [list]

Working Theories:
- [IO bottleneck], [memory pressure], [driver regression]

Ask:
- Request performance triage and bottleneck confirmation.
- Recommend immediate mitigations and longer-term fixes.

Storage & Data

Disk / NAS / Data Integrity

Scenario: Storage failure or data integrity concern.

Problem Summary:
- Device / array / share: [id]
- Symptoms: [I/O errors, CRC, timeouts, stale reads]
- Impacted data sets: [paths, DB names]

Evidence:
- SMART / ZFS / RAID status: [paste]
- fsck / zpool / vendor diag: [paste]
- Recent power or topology events: [describe]

Ask:
- Validate integrity and propose recovery options (RPO/RTO).
- Provide replacement / rebuild plan and post-mortem steps.

Security

Potential Security Incident

Scenario: Suspected security incident.

Problem Summary:
- Indicator(s): [alert id, email, URL, hash, process]
- Affected accounts/systems: [ids]
- Time window (with timezone): [start→end]

Containment Actions Taken:
- [isolated host], [revoked tokens], [blocked domain/IP]

Evidence:
- EDR events, firewall logs, auth logs: [paste]
- Triage notes: [what you checked]

Ask:
- Request incident handling guidance per playbook.
- Need scoping, containment validation, and eradication steps.
- Request forensics guidance on whether to preserve volatile memory (do / do not).

Web Apps

Website / API Outage or Errors

Scenario: Web or API failure.

Problem Summary:
- Endpoint(s): [URL paths]
- Error codes / logs: [HTTP status, stack trace]
- Rollout history: [commit, build, feature flags]

Infra Context:
- Reverse proxy / WAF / CDN: [versions, rules]
- App/DB versions, migrations: [ids]
- Cache layers: [Redis, CDN TTL]

Ask:
- Request layered triage (proxy → app → DB).
- Recommend rollback or hotfix if SLA risk is high.

Messaging

Email Delivery / Spam

Scenario: Email deliverability or spam incident.

Problem Summary:
- Sender / recipient domains: [list]
- Symptoms: [bounces, spam folder, delays]
- Message-IDs / sample headers: [paste]

Checks Performed:
- SPF/DKIM/DMARC status: [results]
- Blocklists / reputation: [notes]
- Mail logs / queues: [snippets]

Ask:
- Diagnose root cause and propose DNS / policy fixes.
- Provide interim workaround for critical messages.

Cloud

Service Degradation / Outage

Scenario: Cloud service degradation.

Problem Summary:
- Region / services: [us-east-1 / storage / queue]
- Symptoms: [timeouts, throttling, 5xx]
- Changes: [infra as code diff, scaling policy]

Evidence:
- Provider status / health checks: [links, times]
- Error rates and latency: [graphs]

Ask:
- Request failover or degradation plan.
- Propose policy adjustments (retries, backoff, limits).

Databases

Slow Queries / Locks

Scenario: Database performance issue.

Problem Summary:
- DB engine/version: [PostgreSQL/MySQL/...]
- Symptom: [slow query class, lock waits]
- Recent schema/migration: [id]

Evidence:
- EXPLAIN/ANALYZE: [paste]
- Wait events / contention: [paste]
- Resource graphs: [attach]

Ask:
- Request query/index tuning and configuration review.
- Recommend immediate mitigations and durable fixes.

Printing

Printer Errors / Queues

Scenario: Printing failures.

Problem Summary:
- Printer model / queue: [id]
- Symptoms: [stuck jobs, garbled output]
- Driver / OS versions: [list]

Evidence:
- Spooler logs, last good job time: [paste]
- Network path (USB/SMB/IPP): [describe]

Ask:
- Request remediation steps and driver/firmware guidance.

Resilience

Backup / Restore Request

Scenario: Need a restore or backup validation.

Problem Summary:
- Data set / system: [paths, DB, VM]
- Recovery point objective (RPO): [time]
- Recovery time objective (RTO): [target]

Evidence:
- Backup job IDs, logs, verification hashes: [paste]
- Last successful test restore: [date]

Ask:
- Execute restore to [target] and validate integrity.
- Document steps and gaps for future drills.

OS

Boot / Driver / Update Failure

Scenario: OS boot or update failure.

Problem Summary:
- Platform and version: [Windows/macOS/Linux]
- Error codes/messages: [paste]
- Last known good and recent changes: [dates]

Evidence:
- Boot logs / recovery output: [paste]
- Disk health / free space: [data]

Ask:
- Request safe remediation plan (rollback, repair, driver pinning).
- Preserve data integrity and verify after fix.

Browsers

Browser Errors / Extensions

Scenario: Browser-specific failures.

Problem Summary:
- Browser(s) and versions: [list]
- Repro steps and expected vs observed: [steps]
- Extensions / policies in effect: [list]

Evidence:
- Console/network traces (HAR): [attach]
- Feature flags / experiments: [notes]

Ask:
- Identify regression vs site config.
- Propose compatibility fix or policy adjustment.

Sources Used (APA)

  1. Grimes, R. A. (2019). Malware, Rootkits & Botnets (2nd ed.). McGraw-Hill.
  2. Joint Task Force. (2020). Security and Privacy Controls for Information Systems and Organizations (NIST SP 800-53 Rev. 5). National Institute of Standards and Technology.
  3. National Institute of Standards and Technology. (2010). Contingency Planning Guide for Federal Information Systems (NIST SP 800-34 Rev. 1). NIST.
  4. Scarfone, K., & Mell, P. (2007). Guide to Intrusion Detection and Prevention Systems (IDPS) (NIST SP 800-94). NIST.
  5. Strom, B. E., et al. (2018). MITRE ATT&CK®: Design and Philosophy. MITRE.
  6. Bejtlich, R. (2013). The Practice of Network Security Monitoring. No Starch Press.
  7. OWASP Foundation. (2021). OWASP Top Ten. OWASP.

These references inform the structure of incident prompts, logging guidance, and resilience practices.