Runbooks Overview
Purpose
This page provides a quick index for operational runbooks used during common production incidents and high-risk operational tasks.
Runbooks are not a replacement for engineering judgment. They provide a safe first response path, evidence expectations, and escalation rules.
Runbook Rules
- Do not run destructive commands without approval.
- Do not expose secrets, tokens, passwords, or private keys in screenshots.
- Capture timestamps, affected service, impact, owner, and evidence.
- Escalate SEV-1 and financial or data exposure risks immediately.
- Record the incident in the incident response process if user impact exists.
Runbook Index
| Runbook | When To Use | Severity Default |
|---|---|---|
| Application Down | Website, dashboard, or app unavailable | SEV-1 |
| API Down | API health or protected endpoints failing | SEV-1 / SEV-2 |
| Database Issue | Database unreachable, slow, or erroring | SEV-1 / SEV-2 |
| Payment Failure | Payment, wallet, webhook, or duplicate transaction issue | SEV-1 |
| Backup Restore | Restore test or production restore workflow | SEV-1 / Operational |
| Sentry Critical Error | Critical application exception detected | SEV-2 |
| Forge Disconnected | Laravel Forge cannot connect to servers | SEV-3 unless service impact exists |
Evidence Standard
| Evidence Type | Examples |
|---|---|
| Screenshot | Cloudflare, Forge, Sentry, monitoring, status page |
| Log excerpt | Sanitized Laravel log, Nginx log, queue log |
| Command output | Health check, deployment status, queue status |
| Decision record | Owner approval, rollback approval, incident commander note |
| Recovery proof | Health endpoint, login, protected API, payment status |