openvpn-peak-session-spike-audit

star 0

Use when dashboard/history peak active sessions jumps unexpectedly and needs trusted-vs-suspect classification with evidence. Trigger on: "peak active", "session spike", "anomaly", "history sqlite", "UNDEF user".

liyongke By liyongke schedule Updated 5/28/2026
play_arrow Run Skill in Manus View GitHub

name: openvpn-peak-session-spike-audit description: >- Use when dashboard/history peak active sessions jumps unexpectedly and needs trusted-vs-suspect classification with evidence. Trigger on: "peak active", "session spike", "anomaly", "history sqlite", "UNDEF user".

OpenVPN Peak Session Spike Audit

Workflow:

  1. Query history snapshots for target day/time.
  2. Extract peak-row session identities, endpoints, protocol, bytes, and source status file.
  3. Classify trusted vs suspect sessions.
  4. Compute raw/trusted/suspect distributions.
  5. Correlate with OpenVPN service journals.

Rules:

  • Read-only evidence gathering.
  • Explicitly label confidence and data quality caveats.

Output:

  • Evidence table
  • Trusted vs suspect summary
  • Root-cause conclusion
  • Low-risk follow-up actions
Install via CLI
npx skills add https://github.com/liyongke/OpenVPN --skill openvpn-peak-session-spike-audit
Repository Details
star Stars 0
call_split Forks 0
navigation Branch main
article Path SKILL.md
More from Creator
liyongke
liyongke Explore all skills →