what tool are you running that management doesn't know about
Posted by Evening-Result5868@reddit | sysadmin | 183 comments
i have a headless ubuntu vm running on an old optiplex under my desk that does more useful work than half the stuff we actually have budget for. it runs uptime kuma for monitoring because the "enterprise monitoring solution" management bought has a 45 second page load and nobody checks it. it runs a grafana dashboard pulling metrics from our switches that i use more than the vendor's own management portal. and it runs a cronjob that checks ssl cert expiry dates and emails me two weeks before anything lapses because we got burned by that twice before i set it up.
none of this is approved. none of it is in any documentation. if i left tomorrow nobody would know it exists and things would start breaking within a month.
what's your shadow IT that's quietly holding things together?
dreniarb@reddit
Getting away with an unapproved device on your network says a lot about the IT team running things. Good on you but shame on them for not noticing it.
HailYurii@reddit
He is the IT team
DL05@reddit
Unless it’s a single man operation, someone else not knowing and speaking up is crazy. I doubt he’s a single man team.
Mailstorm@reddit
A >=2 person IT team is not going to have alerting on new devices on the network. Not even an 8 person team would...
dreniarb@reddit
What does the size of the team matter? Whether I was a 1 man team or a team of dozens I'd expect every device on the network to be accounted for.
Maybe not for a guest network where people are BYOD all day. But a staff network?
Mailstorm@reddit
This is the attitude to have when you are just first starting a business and everything is new. The moment your network exists for 2 or 3 years it gets harder and harder unless you had processes and technologies in place 2 or 3 years ago. Combine this with the fact that good systems cost money...and businesses don't like spending money in something that isn't required to make money or not be fined.
dreniarb@reddit
I just don't see it that way.
I use snmp to get a list of mac addresses on the staff vlans from our switches, a script monitors the list for a number of different things, one of those being an alert when a new mac shows up.
i don't see how that gets any more difficult when scaling up?
Mailstorm@reddit
Because you will get flooded with device alerts if you never had a process and it's very overwhelming. And previous architecture decisions may mean some subnets or VLANs get forgotten about.
I am starting this and there's 3k macs on the network and there's only 1k documented assets. The other 2k are a mystery and require manual intervention to figure out what they are. Network scans can only tell you so much. And just because I know the port a MAC is at doesn't mean anything. These runs are old and finding where they go is...not really possible.
dreniarb@reddit
i can't imagine having 2k devices on my network that are a mystery to me. but maybe that's because i am in charge of the network and am responsible for the connectivity of every one of those devices.
but even in your situation you could still record those 3k macs and consider them "approved", then just monitor for new mac addresses added and get alerts on those.
again, i'm not talking about a guest network or some kind of network where devices are changing their mac addresses for anonymity. I'm talking about the main network(s) that run company devices that you wouldn't want a bad guy plugging into.
Mailstorm@reddit
I wouldn't imagine it either...but here we are.
And sure, I COULD do that. But that's not the proper way. If someone came up to me and asked me to tell them what MAC address xyz was I wouldn't be able to tell them anything. Which is often considered a failure of inventory.
dreniarb@reddit
i could see inheriting a network and just not having the time to weed through the thousands of existing devices on it. a daunting task for sure.
my initial point though was that it's pretty simple to get an alert on new mac addresses that your network has never seen before. maybe start the process of collecting macs and let it run for a few weeks so that it catches those devices that come and go for whatever reason. then once you have a nice list that isn't changing anymore you start the alert process.
overlook fing is a great tool for monitoring devices on the network. i have multiple devices running it 24/7 and it outputs nice html status pages and keeps a running log of when a device goes up and down.
we all have different priorities though. with that many devices i'm sure you have things higher on your priority list.
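The learn-then-alert approach described in the comments above, as an added example (not part of the thread and not any commenter's script): collect MACs silently until the list stops changing, then alert once per never-seen MAC. It assumes the input is `snmpwalk -On` output of BRIDGE-MIB `dot1dTpFdbAddress`; the sample walks, the MAC addresses, the timestamps and the `quiet_polls_needed` setting are constructed for illustration.

```python
import json
from dataclasses import dataclass, field, asdict

# BRIDGE-MIB dot1dTpFdbAddress. The table is indexed by the MAC itself, so the
# last six sub-identifiers of each OID are the address bytes in decimal.
FDB_PREFIX = ".1.3.6.1.2.1.17.4.3.1.1."

# Constructed sample walks (made-up addresses). The second line shows why the
# MAC is read from the OID index: net-snmp prints printable bytes as STRING.
WALK_BASELINE = """\
.1.3.6.1.2.1.17.4.3.1.1.0.26.43.60.77.94 = Hex-STRING: 00 1A 2B 3C 4D 5E
.1.3.6.1.2.1.17.4.3.1.1.68.69.70.71.72.73 = STRING: "DEFGHI"
.1.3.6.1.2.1.17.4.3.1.2.0.26.43.60.77.94 = INTEGER: 12
"""
WALK_LATER = WALK_BASELINE + """\
.1.3.6.1.2.1.17.4.3.1.1.184.39.235.1.2.3 = Hex-STRING: B8 27 EB 01 02 03
.1.3.6.1.2.1.17.4.3.1.1.2.17.34.51.68.85 = Hex-STRING: 02 11 22 33 44 55
"""


def parse_fdb_walk(text):
    """Return the set of MACs (aa:bb:cc:dd:ee:ff) found in a numeric FDB walk."""
    macs = set()
    for line in text.splitlines():
        oid = line.split(" = ", 1)[0].strip()
        if not oid.startswith(FDB_PREFIX):
            continue  # other columns (port, status) and unrelated OIDs
        parts = oid[len(FDB_PREFIX):].split(".")
        if len(parts) != 6 or not all(p.isdigit() and int(p) < 256 for p in parts):
            continue  # malformed or truncated line
        macs.add(":".join(f"{int(p):02x}" for p in parts))
    return macs


def is_locally_administered(mac):
    """True when the locally-administered bit is set (typical of randomized MACs)."""
    return bool(int(mac[:2], 16) & 0x02)


@dataclass
class MacBaseline:
    quiet_polls_needed: int = 3      # polls in a row with no new MAC to end learning
    learning: bool = True
    quiet_polls: int = 0
    known: dict = field(default_factory=dict)   # mac -> first-seen timestamp

    def observe(self, macs, ts):
        """Record one poll; return alerts for MACs never seen before."""
        new = sorted(m for m in set(macs) if m not in self.known)
        for mac in new:
            self.known[mac] = ts     # remembered, so each MAC alerts only once
        if self.learning:
            # Devices that come and go are absorbed here without alerting.
            self.quiet_polls = 0 if new else self.quiet_polls + 1
            if self.quiet_polls >= self.quiet_polls_needed:
                self.learning = False
            return []
        return [{"mac": m, "first_seen": ts,
                 "randomized": is_locally_administered(m)} for m in new]

    def to_json(self):
        """Serialize state so it can be kept between scheduled runs."""
        return json.dumps(asdict(self), sort_keys=True)

    @classmethod
    def from_json(cls, blob):
        return cls(**json.loads(blob))


def run_demo():
    """Learn from three identical polls, then poll a walk with two new MACs twice."""
    baseline = MacBaseline(quiet_polls_needed=2)
    for ts in ("poll-1", "poll-2", "poll-3"):
        baseline.observe(parse_fdb_walk(WALK_BASELINE), ts)
    baseline = MacBaseline.from_json(baseline.to_json())   # state round-trip
    first = baseline.observe(parse_fdb_walk(WALK_LATER), "poll-4")
    repeat = baseline.observe(parse_fdb_walk(WALK_LATER), "poll-5")
    return first, repeat


if __name__ == "__main__":
    alerts, repeat_alerts = run_demo()
    for alert in alerts:
        print("new MAC:", alert)
    print("alerts on the next poll:", len(repeat_alerts))
```

The `randomized` flag marks addresses with the locally-administered bit set, which is the case the thread sets aside for guest and BYOD networks.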
DrDongStrong98@reddit
not all businesses have the processes set up to do this. it gets harder at scale. its not as simple as you make it out to be once a business gets beyond a particular size.
DL05@reddit
This is absolutely false.
Mailstorm@reddit
Well do I have news for you lol. Not all organizations are equal
dreniarb@reddit
Can you be doing shadow IT if you're a single man operation? 😄
phillymjs@reddit
Fight Club, but the Narrator is the IT admin and Tyler Durden is stashing rogue Raspberry Pis inside the mess of tangled cables behind the rack.
SusAdmin42@reddit
The team probably agrees.
Linux_Account@reddit
I just assumed OP is the IT team.
Tanto63@reddit
All the more reason to document the setup. It's a tool used by the IT department.
johor@reddit
7zip.
Am I supposed to use the native Windows decompression tool like some fucking savage?
purplemonkeymad@reddit
Hope work haven't seen that high severity exploit that allows code execution if you have 16gb+ ram.
johor@reddit
Are you saying I should buy WinRAR?
purplemonkeymad@reddit
Let's not go that far, you should just keep it in trial mode!
Aggraxis@reddit
Nothing. Everything we use is documented, and we follow our processes even when they're inconvenient for us. My team operates by integrity first, and we just make it work. Stakeholders know up front what they can expect of us, and they know precisely how things will go down when our expectations are unmet.
You don't even have to FA to FO. It's in our documentation.
LeiterHaus@reddit
I like that. If I could remember things, I'd use it.
dCLCp@reddit
Sounds like you need documentation.
andrewsmd87@reddit
Yes but you may need to provide the documentation 5 different times to a client that will say you've never sent it to them. Even though you can respond with an email attached where you sent it to them :)
Less-Loss1605@reddit
i have a raspberry pi in the server room running a python script that parses our firewall logs and sends me a daily summary of blocked connections. the actual siem we pay for costs like 30k a year and the reports it generates are useless. my pi does a better job and it cost me $35. my manager has asked me twice how i "always know about suspicious traffic before anyone else" and i just say i keep an eye on things
Evening-Result5868@reddit (OP)
the $35 pi outperforming the 30k siem is so on brand for this industry. i almost told my manager about the optiplex once but then i realized if they knew about it they'd either want to "formalize" it which means 6 months of procurement and approval meetings, or they'd shut it down because it's not on the approved asset list. so it stays under my desk
kylesantora@reddit
Set up an LLC, make a generic web page that sells your exact set up as a SaaS and only charge $20K a year. Then you look like the hero for finding a better solution, cheaper solution, and you get $20K per year in residual income.
iamthesam2@reddit
this is probably not legal
commissar0617@reddit
Why wouldn't it be?
iamthesam2@reddit
basically a kickback but i’m not a lawyer
Ronell_jtech@reddit
There's a big list of reasons. Conflict of interest for starters 😂😂
Guilty-Statement-532@reddit
That's true, op could be president (if not a bot)
PlannedObsolescence_@reddit
The OP post, and this comment reply - are both clearly LLM generated. OP account is a bot. All the other comments are also clearly slop.
The other post it's made is https://www.reddit.com/r/opensource/comments/1ttpc5y/what_open_source_project_replaced_a_paid_tool_for/
yepperoniP@reddit
Yep. Classic all lowercase post to appear "human" ending in a question to try and increase engagement.
PlannedObsolescence_@reddit
tbh I honestly don't know what to do.
genuinely – gutted about the state of things. Some people say these are “real”.
What's your perspective on this issue? How do you spot things?
I^swear^I'm^not^a^bot
dreniarb@reddit
So frustrating.. I was enjoying this topic too. I know there are others but dang it this is frustrating.
RuleShot2259@reddit
How do you do fellow human please feed me the tools you are running nomnomnomnom
nikomo@reddit
{"action": "web_search", "args": {"query": "best tools 2026 roblox"}}
Why certainly, I really enjoy (tools that the system prompt is telling me to advertise)
SlendyTheMan@reddit
2 day old account as well, thanks r/apolloreborn
Linux_Account@reddit
What do/would you tell anyone who asked what it was?
TheOhNoNotAgain@reddit
Oh! That old Turbo-Encabulator? Yeah, we need a new one soon
jdunsta@reddit
Spurving bearings are out of alignment with the dang panametric fan. It’s only a matter of time.
Candid-Molasses-6204@reddit
IMO, if your SIEM just ingests Firewall logs it's focused on the wrong things. You want to be focused on attacker TTPs. If you want ideas there are a bunch of good KQL/SPL rules on github you can use to start with. If you want to roll your own SIEM on a budget, Graylog has a free tier for self-hosting and it's 200% worth it. ElasticSearch has also significantly improved as well but is more effort than Graylog.
Double_Ocelot_8673@reddit
You keep that server as your superpower and tell no one.
andrewsmd87@reddit
Just out of curiosity why haven't you told them about this? Is it a, if I say something then I'll have to maintain it type of thing
thatoneblacknerd@reddit
Job security lol
andrewsmd87@reddit
If no one knows, it has nothing to do with job security. Also, this type of thing is what will get you fired eventually. That's why I was asking
thatoneblacknerd@reddit
He mentioned his manager asking how he’s so aware of the suspicious traffic. So he (OC) is reaping the benefits of his creation without letting anyone know it’s doing the work for him.
So I say again, job security.
ProofLegitimate9990@reddit
Yeah that job security is out the window as soon as an unpatched and unmonitored device causes an incident.
Due_Peak_6428@reddit
You make it sound as if having an unpatched device is a bomb ready to explode. Sure it's a vulnerability, but I would still bet money on it never getting breached. In my experience breaches of the network are very very rare. I'll get downvoted as I know this goes against the consensus
ProofLegitimate9990@reddit
I'm a pentester my dude and rogue rpi’s have been a foothold to domain admin more than once.
Due_Peak_6428@reddit
Yeah but that's what you do for a living so you're bound to see it
robbob23@reddit
What would you normally do to monitor and patch the approved SIEM solution? Isn’t that just as fallible?
ProofLegitimate9990@reddit
Most SIEMs are SaaS so they are maintained by 3rd parties.
Just yoloing a rpi unmanaged on the network is incredibly reckless.
andrewsmd87@reddit
I read that. I don't think you or op understands how that works
invisi1407@reddit
Could very easily be because management doesn't understand it and "raspberry pi on the network BAD".
andrewsmd87@reddit
As someone who handles our infosec, there is a reason "raspberry pi on the network bad" is a thing.
Unable-Entrance3110@reddit
Obviously there is no infosec in this case. If there was, they would spot the MAC address on the network via switch query reports and track it down.
andrewsmd87@reddit
Yea I figured that but still, this whole thread is why I can't trust devs
mytren@reddit
It’s not like InfoSec knows a damn thing about anything anyway and the same reason no one trusts them lol. Yall just sit behind Falcon and wait for a pretty red pop up and then ping another engineer to actually do investigations.
andrewsmd87@reddit
I mean I was a SWE engineer for roughly 15 years and still write code probably a couple times a month to help with things. We just had a dev try to install something they thought was a claude approved thing that wasn't. It got flagged but those things exist for a reason. Your attitude is why info sec people have a job
invisi1407@reddit
Yep and that's probably the same reason why an rPi wouldn't even get an IP on our network if it somehow got itself connected physically, unless I personally change some network settings in our equipment which I'd eventually be asked about and had to explain it.
andrewsmd87@reddit
Yea this whole thread is an interesting read and basically reaffirming my belief that devs are the biggest info sec risk because they just think they know it all. I spent 15 years as a swe before moving so I am not just talking out of my ass.
ProofLegitimate9990@reddit
Devs would run code they found written on a truck stop restroom floor if they thought it would make their work 0.1% faster or easier.
andrewsmd87@reddit
I don't know you, but we would get along :)
ProofLegitimate9990@reddit
Bet we both have some stories to share lmao
madlyalive@reddit
Can I join you 2? My compliance hat is going nuts reading this post.
ProofLegitimate9990@reddit
Welcome!
Yeah it’s pretty wild honestly, i always joke that devs are the real insider threat but some of this stuff is next level.
geek_at@reddit
this you? https://blog.haschek.at/2019/the-curious-case-of-the-RasPi-in-our-network.html
Zenie@reddit
$35 pi!? Have you seen pricing on them lately!? $120 for a pi 5!
Guilty-Statement-532@reddit
$35 for the pi, $85 for a single 8GB DRAM chip.
paishocajun@reddit
Might have been an older one back pre-covid before the supply chain fucked them sideways, I think I got a B for that a couple of years after they came out
probablydnsibet@reddit
Would you be comfortable sharing how you configured your Pi? I have a few laying around from a previous project and our SIEM costs around the same as yours does. My CFO keeps bitching about how we are the biggest cost center..
Candid-Molasses-6204@reddit
If you want to do SIEM on the cheap well, I cannot recommend Graylog enough. Graylog Downloads – Open, Enterprise & API Security
Brandhor@reddit
wazuh is also a good alternative
ChesterM54@reddit
You need a new SIEM
Ihaveasmallwang@reddit
Or people who actually know how to manage it.
Mrhiddenlotus@reddit
Bingo
imsorryinadvance420@reddit
can you teach me your kung fu?
imsorryinadvance420@reddit
how the hell?
databeestjegdh@reddit
Yup, put in a formal "Can I get access to the monitoring system? no?"
Raspberry Pi it is.
dragery@reddit
My takeaway from this is that you either don't have access to configure the SIEM, or are unwilling to learn it enough to configure the proper reports/alerts.
Your use case seems extremely easy to set up on any SIEM, so doing it outside of it makes zero sense. And running unapproved hardware, especially since your manager doesn't even know about it, is super shady.
arbyyyyh@reddit
I felt this so hard. And telling your employer to save $30k a year is going to go over like a lead balloon too.
SevaraB@reddit
Guessing that’s one of those “AI-driven ‘learning’ SIEMs.” Those things are terrible at profiling without a ton of care and feeding- for example, Digicert just got pwned by them not keeping a close enough eye on their Crowdstrike configs and their PAM configs, which let bad actors slip malware in through ticket attachments and fire off cert issuances that should have been gated behind privilege escalation.
Ihaveasmallwang@reddit
Have you ever thought about perhaps acting professionally instead of whatever it is you are currently doing?
paishocajun@reddit
Between our desktop team and core network guys, hell include a couple of our admins, I can't think of anyone who doesn't either have some sort of Shadow IT or knows how to get to it if they need it. It can be as simple as a vanilla machine for reading/formatting thumb drives or a higher end network fluke they brought from home for whatever reason, it's stuff that's useful and isn't technically within the official tools and documentation in the same way your bank transactions page is technically part of the dark web just bc it's not scraped by a search algo.
We should always strive to do things by the books but the practical reality of our jobs is that sometimes official procedures don't give us adequate tools or answers, if they give any at all
Hotshot55@reddit
Weird way to say everyone you work with is bad at their job.
paishocajun@reddit
Or, like the flash drive issue, we have users who need USB read access for various reasons and part of the process is encrypting a flash drive to their username. We, however, don't have a networked machine that has USB write access readily available to us, so the easiest option is to use a vanilla machine to reformat instead of wasting dozens of thumb drives each year. That machine is technically "shadow" since the one my team uses is non-network, non current model stock, and was probably written off since it came from a company we purchased.
Our alternative is to try to run through cybersec to get a networked computer write access which is probably actually less secure than our current setup.
My point is not to justify MY use case, I'm providing an example that not everything unofficial is bad. I'm reading a lot of these comments and it's really just people wanting to do their damn jobs and having to build tools to do it effectively for whatever reason.
I'm glad you two seem to have impeccable systems that run exactly as needed it seems
Ihaveasmallwang@reddit
No, purposefully hooking undocumented and unapproved servers up to the company network is not in any way a responsible or professional thing to do.
Bragging about it is even worse.
skeetgw2@reddit
But internet points
GeneMoody-Action1@reddit
In most of my admin jobs, many, because management did not know about anything I did other than what I reported.
thedudewhofixedit@reddit
Grok
My_Big_Black_Hawk@reddit
PingInfoView
Our org is allergic to anything open source or free. But they also want us to save money. But only if we can buy support from the people who make the software and have them sign an agreement that says they’re responsible for everything bad that could happen to us. But save money.
phillymjs@reddit
I've had that argument.
Mgmt: "We can't use this, we need a Professional Product that has real support."
Me: "If we buy a Professional Product, the support is some clueless script monkey sitting in an offshore call center. If we use this, I post an issue on Github and get an answer from the guy who fucking wrote it!"
TheShitmaker@reddit
After reading this post maybe I should do something with the 20 optiplexs sitting behind me right now I'd prefer not to e-waste.
TechnologyMatch@reddit
shadow IT is the glue nobody admits exists. half the “unsupported” boxes under desks are doing more real monitoring than the official tools
your uptime kuma + grafana + cert checks setup is exactly the kind of invisible backbone that keeps things from breaking. funny how the unapproved VM ends up being the most reliable part of the stack
Cyberhwk@reddit
Fortunately, we have the green light to basically run whatever we want in our lab so nothing's really "unapproved."
Anthader@reddit
Much earlier in my career, I wrote some tools to automate remediation of systems that fell behind on Windows patching and AV compliance.
I probably collectively spent a few days building and improving those tools, but they easily saved me months worth of effort while they were in use.
monstaface@reddit
I have a fidget spinner from a conference that lights up and does cool patterns. I often stare at it longer than I should.
PCLOAD_LETTER@reddit
Wage theft! That time should be spent delivering value to shareholders! Also, please do not forget to deduct the SRP of the fidget spinner from your travel reimbursement request.
Deep-Detective-9226@reddit
fRee pDF to eXCel cONVerTeR
Chansharp@reddit
Why are end users obsessed with pdfs. It's like every day we get an alert that someone downloaded a virus called "pdfviewerfree" or some bullshit
paishocajun@reddit
Your users have local admin permissions?
Chansharp@reddit
No but they still download it and then SentinelOne immediately quarantines it out of the downloads folder
Id_Rather_Not_Tell@reddit
Wdym? It's totally not bad to upload sensitive and privileged customer and company information to a random website...
LeiterHaus@reddit
I just had a realization about a company I've previously worked at.
illusivegentleman@reddit
Well played! Haha!
Deep-Detective-9226@reddit
True story it appeared on some desktops from 2 weeks ago now ...
illusivegentleman@reddit
I hear you. And I'm the same, users still open tickets for help with converting to excel.
james4765@reddit
I started off with Ansible as a skunkworks project, now it's our main software deployment pipeline. They know about it now, but I had started it as a personal tool until they saw how fast things were going.
Huge environment, massively understaffed. Without automation we'd be screwed.
Cyberhwk@reddit
I'm trying to learn but am getting so much pushback. "We AlReAdY hAvE tOoLs!" Yeah, we have a piecemeal set of shitty apps with questionable support requiring constant maintenance and people that are stuck in the mud and can't be arsed to learn anything new to improve on it. 😒
blueblocker2000@reddit
MAME for Galaga.
StanQuizzy@reddit
We all saw you playing it. You didn't think we noticed.. but we did. 😄
paishocajun@reddit
Blueberry? Anyone?
XanII@reddit
None. Because secops would know instantly. I would not even dare to put a script running anymore that would keep teams green. Had a perfect one that kept pressing F13.
I basically run nothing but corporate stuff on corporate laptop. Not even my personal mail is open there.
Weak_Shoulder_6780@reddit
Your Secret Shadow machine does what Management thinks AI would do without using a single token.
PersonBehindAScreen@reddit
Alcohol
Competitive_Run_3920@reddit
Weatherbug because my office doesn’t have a window /s
paishocajun@reddit
OMG I haven't heard THAT name since it was still chirping rain updates on my parent's XP machine 20 years ago
ooREV0@reddit
I have a 10" Anaconda in my pants.
screener_kev@reddit
An old Raspberry Pi in the server closet running a Prometheus exporter that just scrapes our printer fleet's SNMP page counts and posts to a Slack channel weekly. We use it to spot the one printer that's quietly doing 80% of the org's pages so we can either right-size the lease or yell at marketing. Nobody asked for it, ops doesn't budget for it, and the Pi runs off a UPS that's older than half the helpdesk. It will outlive me.
demunted@reddit
It's always marketing. They never increase sales, just print to look busy.
guzhogi@reddit
Don’t some print servers like PaperCut do that? I don’t handle printers/copiers myself, so don’t know firsthand
leonj1@reddit
A place I used to work at they asked me to perform full platform production readiness every Sunday and that takes 3 hours. I asked to automate it since it’s error prone and time consuming. Management denied with “No, because if the script fails I can’t fire anyone.”
I still implemented the script and ran it for years allowing me to have a life on Sundays. When I resigned I shut down all evidence of those scripts and had a candid conversation with my successors.
techtornado@reddit
Macs are highly contested in our org for some reason
Even though the productivity level is always higher, with more stuff that can be done, and updates that are far less intrusive
It’s still a hard no because “it costs too much”
Even though the thing will last for 7 years and run pretty much the same on day 1 as day 4000
I’ve had three PCs in the same span that one Mac was more than sufficient
Recently there was a Mac that was retired from a client, suddenly my productivity has never been better ;)
I set up a lab to test things and management didn’t seem to mind, they care about documentation more than operational things right now
Academic_Taste663@reddit
My 2015 MBP still running strong!
techtornado@reddit
Awesome!
I upgraded to an M1 Pro at home and acquired an M3 ;)
goronmask@reddit
People like you have a special place in the nightmares pantheon of security workers.
ProofLegitimate9990@reddit
Devs are always the real insider threat
paishocajun@reddit
"ooh there's this new tool! Can you just install -"
"Has it gone through cybersec approval?"
"No but-"
"That website has a ._ _ domain that's on our embargo list put out by legal, I'm not touching it until you get it cleared"
"Yeah but I use it at home"
"And I like having a paycheck to pay for my home. Get it approved first."
Hotshot55@reddit
This thread reeks of /r/ShittySysadmin
Vemokin@reddit
My direct manager doesn't know anything about IT, and on the org chart I'm the IT manager, so I guess the answer is all my tools and none of my tools?
elpamyelhsa@reddit
I’m our only cyber security engineer (400 users), our IT (5 staff) usually runs it past me before anything goes live, but if not it usually takes me less than a day to discover it and start issuing vulnerability notifications or questions about it.
My theory is this is fine, try run what you like, if you can hide a system like this you have bigger systemic security issues that need fixing. I designed our network, our monitoring and our entire security stack.
Nothing hides from me on the network.
paishocajun@reddit
Haha I love the game of cat and mouse you and the IT team have going on. I feel like it's a pretty healthy and respectful attitude you have, because like you said, if they can hide something then there's a problem that you need to fix. It's too easy to get an ego in our world, only to have it smashed once something does manage to slip by.
LeiterHaus@reddit
"Wouldn't you like to know, weather boy"
Hopefully you get the reference, but if not, any search engine should point you to the clip.
williamp114@reddit
The funniest part was that was the weatherman's kid lmao. I love local news skits like that
Sh1rvallah@reddit
Nice try boss!
losekiloaskme@reddit
there's an Excel file at my company that nobody knows the origin of. If it ever gets deleted, three departments would probably stop functioning at the same time.
Tricky-Service-8507@reddit
Shadow it eh
Flatline1775@reddit
I work in a place where we don't have to do this kind of dumb shit.
Erpderp32@reddit
Same. I'd also say this isn't the job security or flex OP thinks it is. It's just dumb to not document things. So now everything will allegedly fall apart if OP goes on PTO.
Cowh3adDK@reddit
Lucky you
Linux_Account@reddit
No one likes a bragger.
andrewsmd87@reddit
As a manager who trusts my people, these contents are crazy
Jolly-Ad-8088@reddit
Bonzibuddy
hadrabap@reddit
Nothing! Are you crazy? 🤣
CYS_Slayga@reddit
Tool and its documentation. We were running a wiki.js server without management knowing for some months.
We wanted somewhere to write documentation that wasn't Word and Onenotes. We were all down to restart and clean up everything since our documentation was/is a mess.
Management: No
So we hosted it anyways.
Fast forward my department got a new manager who actually listens and stands behind our wiki and sees the possibility and time-saving with it. So now she's pushing it on the other two managers.
Suspicious-Green-453@reddit
i did the exact same thing with a small nuc at my last job. honestly just having a local instance of uptime kuma saves so much headache when the enterprise stuff starts lagging or goes down for maintenance. just make sure u document what it does somewhere in case u leave unexpectedly, dont want someone else to find it and think its a rogue device
digitaltransmutation@reddit
They put in a 'process' where some manager has to approve changes to any KB. The managers are very bad about doing this so a non trivial amount of documentation is in oneNote now.
theMightBoop@reddit
My manager knows the semi-shady shit I do. Or at least I told him at one point. Whether he remembers or not is another matter.
Now the people above him? No
torbar203@reddit
I plead the 5th with my current job, but my last job as a Helpdesk tech I had a "rogue" MDT server for imaging.
When I started, imaging was a huge pain to do. They used Acronis, had a different fat image for each model machine, there were like 167 updates that had to be done, but one specific one had to be done first or the updates would all fail, manual software install, settings had to be changed. First week on the job and I was like "lol this sucks". Imaging a computer would be a nearly full day process
Did research on imaging, found MDT, grabbed an old decommissioned dell desktop, set it up, stashed it in the it workroom, and for the few years I was there that became the imaging standard. No idea what they ended up doing after I left
==
job before that was a Helpdesk tech as well, but more of a call center type thing rather than helpdesk/deskside support,
We had a ticket template we had to do which was just a text file, bunch of fields on top(name, department, contact info, KB article used, asset tag), and then 2 long form text fields of, troubleshooting steps done, reason for escalation(if it's escalated)
I like to quickly be able to tab between fields as I'm filling things out, which you can't do in a text document, so I created a quick Visual Basic program using a Visual Basic Studio trial that had all the fields(bunch of small text boxes, and then a couple of large multiline text boxes), and then when it was all done you could copy it to clipboard to paste into the ticket system. Then I had a handful of templates for common issues that were all filled out except for things that were unique per ticket, so the templates were for like, password reset, 2fa registration, mobile phone email sync issues due to wrong password, etc
Other people in the Helpdesk started using it as well, guy who was the step above the Helpdesk supervisor found out about it, looked at the code to verify it wasn't anything bad, and was like "yea that's cool, I can't officially approve it or anything but im not gonna say anything about it" and looked the other way
After I left apparently someone wanted to get it officially approved, tried to take credit for it and passed it up the chain and it got shot down by information security immediately and they were all forced to stop using it lol
desmond_koh@reddit
It's not "shadow IT" if it's IT that's doing it. It's just poor documentation on your part. If you're running critical systems that you aren't documenting, that's less-than-ideal. When you build something that solves a problem you should document it.
Top5CutestPresidents@reddit
I reinstalled windows and don’t have any of their management software. IT even think it’s my computer
Amazing-Tree-7038@reddit
My brain.
Academic_Taste663@reddit
You’re that one dude in the team that stores everything in his head and everyone else is cooked when you take a sick day 😂
lenswipe@reddit
WTF? you're supposed to be outsourcing your thinking to AI and just mindlessly copying the result so management can say they're ✨ doing AI✨
brock0124@reddit
~~Dear Mr Claude, this person on Reddit is asking about my secret superpower, should I be silly and say my brain lolzcatz?~~
lenswipe@reddit
_"Yes you should use your brain🧠 at all times! You were right to push back on this. Not many people would've noticed, but you did and that's powerful! You aren't just driving the discussion, you're CRUSHING IT! Well done!🎉"_
Jddf08089@reddit
You all should remember that best practices and regulations are written in blood.
redbluetwo@reddit
Yeah but some are written by upper management.
BemusedBengal@reddit
I have a bunch of SSH tunnels going across our internal VLANs because our network admins are sloppy, arrogant, and/or lazy.
Requested network changes always take several back-and-forths with the network admins because they just say "works for me" after the first insufficient change. Then I have to prove that it's still a problem on their side, and lo and behold there was some setting they missed.
They won't let me directly access my servers from the wifi network, so instead I have to SSH over the internet to our other location and come back through the internal connection between our sites. I told them about that one in an attempt to illustrate how stupid it was, but they prefer that over opening ports on the wifi network...
pollo_de_mar@reddit
Notepad :)
kaine904@reddit
When my guys started shifting from supporting devops to actually building tools that made their lives easier, I was thrilled. Lead engineer who deployed the not trash cert monitoring tool is getting an atta-boy at year end. I’m actively encouraging our folks who can code to build - tooling in our space is just meh.
TipIll3652@reddit
I have a VPN client setup on my computer so I can connect to my home network and watch movies.
Hefty_Platform_2070@reddit
Wtf…
Routine_Brush6877@reddit
My boss can barely work a computer so I just buy the tools I need 😂
HeKis4@reddit
Bookstack. Like, my N+1 and N+2 know, but the tooling team and the security team don't. We don't have permissions on our corporate Confluence and our KMS consists of word files and HTML pages in our ticketing and asset management system.
kruvii@reddit
Upwork. /s
Jeff-J777@reddit
LibreNMS it runs on a Ubuntu VM in our ESXi cluster. Everyone knows about it but everyone forgets it exists so they "don't" know about it.
But it is a nice tool to have running. I put it in place about 2 months after I started since we had nothing.
Matt_NZ@reddit
I guess it kinda qualifies....but I have a Home Assistant instance running to have an interface run on an old tablet in the lunch room that tells the status of the two dishwashers since they don't have any visible display and the floor display is blocked by the cabinetry they put on the front of them. They also don't auto-resume when they're opened and then closed while running. But, they do have wifi connectivity so I put them on the IoT wifi network and onboarded them into Home Assistant
I got tired of going to lunch and finding a dishwasher half completed and no clean cutlery, so now the tablet shows the status of each machine and how long they have left to go. If someone opens it and doesn't resume it, the screen will flash aggressively.
xendr0me@reddit
Nice try senior management.
SVD_NL@reddit
"How ya doin' fellow kids? I'd like to buy one narcotics please."
Ur-Best-Friend@reddit
Lol, right? "What tool am I running that management doesn't know about", as though they even know what an EDR is.
WizardsOfXanthus@reddit
Stardock Fences.
forever_lit@reddit
Nice try North Korea
TheGenericUser0815@reddit
Management has no clue what IT is doing here. So basically most servers in the datacenter are unknown to them.
anarchist1331@reddit
Nice try, management!
Jose083@reddit
Mouse jiggler when I nap
nemor3@reddit
the ssl cert cron hits home. ran something similar for years, email alerts going straight to spam until i switched to slack. caught a few things since that would've been a very bad friday otherwise.
sryan2k1@reddit
And this is why you should do none of that.