Pharaoh PHARAOH

SELF-HEALING & SENTINEL

Fix endpoint issues before tickets start.

Pharaoh Sentinel checks endpoints on a schedule, detects common failures, runs approved repairs, and verifies the result. Routine problems recover automatically; only risky fixes wait for review.

  • Auto-repair routine issues Sentinel restarts failed services and clears repeat problems before they become tickets.
  • Recover, then verify Each run checks the outcome and records evidence for the session.
  • Escalate only when needed Riskier fixes pause for review instead of interrupting routine recovery.
Scope a Pilot See how it works

WHERE IT HELPS

Stop spending admin time on failures that should not become tickets.

Self-healing is for repeat endpoint work across internal fleets or managed client environments, where routine fixes can proceed under policy and risky fixes still need a narrow human decision.

In plain English Sentinel is Pharaoh's scheduled health check and recovery loop for each managed machine. It tries approved fixes and asks for approval when a repair needs more access.

Use this when

  • You start the morning with repeat endpoint failures and need to know what actually needs a human, ticket, or approval.
  • A routine VPN, printer, or app issue can be fixed under policy, but risky repair steps should wait.
  • An endpoint keeps failing the same check and you need run history, approval context, and accepted knowledge in one place before handoff.

Governance model

Pharaoh makes automation boundaries visible so approvals are narrow, expiring decisions rather than blank checks.

Sentinel explained
Pharaoh Sentinel is the scheduled health check and recovery loop for each machine.
Approval is narrow
Approvals apply to the exact action, endpoint, rule snapshot, and expiry window shown.
No silent access
Expired or rejected requests do not turn into automatic permission later.

HOW IT WORKS

Detect, repair, escalate - only what genuinely needs you.

Self-healing runs continuously. Routine failures can be handled under approved policy; anything that needs human access shows up in your queue with context for review, ticketing, or handoff.

  1. 01

    Detect

    Pharaoh Sentinel checks endpoints on a schedule and flags the machines that need repair, review, or approval.

    Scheduled · per-machine policy
  2. 02

    Repair

    When a check fails, Pharaoh investigates the cause and runs only the recovery actions your policy allows.

    Policy-approved · auditable
  3. 03

    Escalate

    If a fix needs more access, Sentinel stops and shows the exact machine, action, rule snapshot, and expiry for review.

    Specific request · expires

FLEET OVERVIEW

One place to see what agentic automation handled and what still needs you

The Self-Healing overview shows pending approvals, a direct path to the queue, and an endpoint lookup without leaving the page. Start here when you need to know which machines fixed themselves and which still need a decision, ticket, or handoff.

  • Live pending escalation count from the self-healing queue
  • Endpoint lookup by ID before opening the full detail page
  • Fleet-wide Sentinel and Autoheal defaults behind one settings link
  • Refresh on demand when handing off an active ticket or approval queue
Self-Healing overview page showing pending escalation list, endpoint lookup field, and triage controls

SENTINEL

Always-on checks that act only inside policy

Sentinel runs on a configurable schedule and checks each endpoint against your approval rules. When a machine fails, Pharaoh investigates and attempts the allowed fix, then escalates the moment more access is needed.

  • Configurable cadence with per-endpoint rule overrides
  • Full execution history — version, timing, and outcome per run
  • Failure fingerprints surface recurring VPN, printer, or app problems
  • Escalation pauses recovery rather than skipping the risky step
Endpoint self-healing Sentinel tab showing active version, latest execution status, execution history table, and failure fingerprints

APPROVAL WORKFLOW

Approve a specific action, not a blank authorization

When Pharaoh needs elevated access, it stops and puts the request in the escalation queue. You see the exact action, rule snapshot, and expiry window before you decide. Nothing happens until you approve or reject, and stale requests expire rather than auto-approve.

  • Exact action, endpoint ID, and run context visible before any decision
  • Rule snapshot included in every escalation record
  • Rejection requires a reason — the record stays for audit
  • Expired requests surface in the queue for review, not silent cleanup
Escalation review detail showing requested action, rule snapshot, expiry time, and approve or reject controls

ENDPOINT KNOWLEDGE

Machine-specific knowledge reduces repeat approvals

Every approved repair, known quirk, and durable endpoint fact becomes knowledge future Sentinel runs can use. Pharaoh learns what is specific to each machine so the same approval request is less likely to repeat.

  • Endpoint-scoped knowledge, separate from fleet-wide rules
  • All proposals require reviewer approval before they become active
  • Reject with reason — speculative or transient facts don’t accumulate
  • Knowledge informs future Sentinel generation and recovery context
Endpoint self-healing knowledge tab showing accepted knowledge entries and pending knowledge proposals awaiting review

Automated

Scheduled health checks and policy-allowed recovery attempts run without manual triggers.

Controlled

Sensitive actions need explicit approval; automation never assumes access it was not granted.

Auditable

Every run, approval, rejection, and knowledge change is logged with full context for review or handoff.

EVALUATE PHARAOH

Scope a governed remediation pilot.

Review the product, active controls, security review questions, integration priorities, and deployment fit across your internal environment or managed client fleet.