diff --git a/session-logs/2026-03-24-session.md b/session-logs/2026-03-24-session.md
new file mode 100644
index 0000000..9f5c978
--- /dev/null
+++ b/session-logs/2026-03-24-session.md
@@ -0,0 +1,148 @@
+# Session Log: 2026-03-24
+
+## Session Summary
+
+Mixed session covering workstation fixes, OpenClaw AI agent setup, DNS SRV record cleanup across IX server, Discord upgrade, and 1Password skill installation for Claude Code.
+
+### Key Accomplishments
+
+1. **Screen brightness fix** -- Laptop was on battery with no `[Battery]` section in PowerDevil config. Added Battery and LowBattery display profiles to `~/.config/powerdevilrc` with proper idle dimming and restore settings.
+2. **OpenClaw AI agent installed** -- Installed OpenClaw v2026.3.23-2 via npm, added PATH to fish config, reviewed security docs. User proceeding with onboarding (Anthropic API key + Discord channel).
+3. **Discord upgraded 0.0.129 -> 0.0.130** -- Discord was stuck on splash screen requiring manual update. Extracted `~/Downloads/discord-0.0.130.tar.gz` to `/opt/discord/` replacing old files.
+4. **Homebrew installed** -- Installed Homebrew 5.1.1 on CachyOS, added to fish config via `eval "$(/home/linuxbrew/.linuxbrew/bin/brew shellenv fish)"`
+5. **uv (Python package manager) installed** -- Required by OpenClaw's nano-pdf skill. Installed via astral.sh install script to `~/.local/bin/`
+6. **summarize npm package installed** -- OpenClaw skill `@steipete/summarize` is macOS-only via Homebrew, installed via `npm install -g` instead
+7. **DNS SRV record cleanup on IX** -- Removed 240 SRV records across 27 domains via WHM API. Categorized all ~100 domains by MX destination:
+   - IX/Websvr (54 domains): kept all SRV records
+   - Neptune/Exchange (7 domains): kept only autodiscover SRV
+   - Elsewhere/M365 (20 domains including glaztech): removed all SRV records
+8. **1Password Claude Code skill installed** -- Installed `kcmadden/claude-code-1password-skill` to `~/.claude/skills/1password.skill`
+
+### Key Decisions
+- Battery power management: Added explicit Battery/LowBattery profiles rather than relying on PowerDevil defaults (which weren't restoring brightness properly)
+- OpenClaw: User chose pnpm as node manager, setting up with Discord channel and Anthropic API key
+- DNS SRV cleanup logic: Domains with MX pointing to IX/websvr keep all SRVs; Neptune/Exchange domains keep only autodiscover; M365/external domains lose all SRVs
+- Glaztech specifically: user requested all SRVs removed despite having MailProtector MX
+- MVPSFD confirmed as IX-hosted (keep all SRVs)
+
+## Infrastructure Changes
+
+### PowerDevil Config (`~/.config/powerdevilrc`)
+Added Battery and LowBattery sections:
+- Battery: dim after 120s idle, display off after 300s, no auto-suspend
+- LowBattery: dim after 60s, display off after 120s, auto-suspend after 300s
+
+### Fish Config (`~/.config/fish/config.fish`)
+Added:
+```fish
+# OpenClaw - npm global bin
+fish_add_path ~/.npm-global/bin
+
+# Homebrew
+eval "$(/home/linuxbrew/.linuxbrew/bin/brew shellenv fish)"
+```
+
+### Discord
+- Upgraded from 0.0.129 to 0.0.130
+- Extracted `/home/guru/Downloads/discord-0.0.130.tar.gz` to `/opt/discord/`
+- Package still shows as pacman `discord 1:0.0.129-1` (manual override)
+
+### OpenClaw
+- Version: 2026.3.23-2 (7ffe7e4)
+- Install location: `~/.npm-global/bin/openclaw`
+- Gateway default port: 18789 (ws://127.0.0.1:18789)
+- Onboarding: `openclaw onboard --install-daemon` (user running interactively)
+- Security docs reviewed: https://docs.openclaw.ai/gateway/security
+
+### DNS SRV Records Removed (IX Server via WHM API)
+**WHM API access:** `curl -sk "https://172.16.3.10:2087/json-api/..." -u "root:Gptf*77ttb!@#!@#"`
+
+**Neptune/Exchange domains (removed caldav/carddav SRV, kept autodiscover):**
+- acepickupparts.com (4 removed)
+- devconllc.com (4 removed)
+- farwestwell.com (8 removed)
+- goldenchoicecatering.com (4 removed)
+- littleheartslittlehands.org (4 removed)
+- outaboundssports.com (5 removed)
+- tucsongoldencorral.com (8 removed)
+
+**M365/External domains (ALL SRV removed):**
+- azcomputerguru.com (74 removed)
+- azrestaurantsupply.com (5)
+- barbaragrygutis.com (5)
+- bardach.net (4)
+- bestmassageintucson.com (20)
+- cascadestucson.com (10)
+- cryoweave.com (6)
+- fsgtucson.com (5)
+- glaztech.com (5 - all removed per user request)
+- grabblaw.com (20)
+- heieck.org (5)
+- horseshoemgt.com (5 - done earlier in session)
+- lamaddux.com (5)
+- martylryan.com (5)
+- pcatucson.com (5)
+- rednourlaw.com (5)
+- rrs-law.com (5)
+- russolaw.net (5)
+- sandtekomachinery.com (5)
+- starrpass.com (4)
+- themarcgroup.com (5)
+
+**Total: 240 SRV records removed across 27 domains**
+
+### Software Installed
+- Homebrew 5.1.1 (`/home/linuxbrew/.linuxbrew/`)
+- uv 0.11.0 (`~/.local/bin/uv`)
+- OpenClaw 2026.3.23-2 (`~/.npm-global/bin/openclaw`)
+- @steipete/summarize (npm global)
+- 1Password skill (`~/.claude/skills/1password.skill`)
+
+## Client Notes
+
+### Horseshoe Management (horseshoemgt.com)
+- Removed all SRV records (MX points to M365: themarcgroup-com... wait, horseshoemgt-com... check: MX is M365)
+- User also asked about themarcgroup.com 365 access -- no credentials found, deferred
+
+### Renee's iPhone
+- SIM Card Error on Verizon eSIM
+- Advised: toggle cellular, carrier update check, remove/re-add eSIM, contact Verizon to repush eSIM profile
+- Phone has been restarted already
+
+## Pending/Incomplete Tasks
+1. **OpenClaw onboarding** -- User running wizard interactively (API key, Discord setup)
+2. **themarcgroup.com M365 access** -- No credentials stored, need CIPP/remediation onboarding
+3. **Google Places API key** -- User looking into this for OpenClaw
+4. **IX SSH key auth from CachyOS** -- Still not set up (used WHM API as workaround)
+5. **Renee's iPhone eSIM** -- May need Verizon support if toggle/re-add doesn't fix
+6. **1Password skill** -- Installed but needs new Claude Code session to activate
+
+## Reference
+
+### API Pricing (Anthropic) - For OpenClaw Usage
+| Model | Input | Output |
+|-------|-------|--------|
+| Opus 4.6 | $5/MTok | $25/MTok |
+| Sonnet 4.6 | $3/MTok | $15/MTok |
+| Haiku 4.5 | $1/MTok | $5/MTok |
+
+### OpenClaw Security Key Points
+- Personal assistant model, not multi-tenant
+- Gateway binds to loopback by default
+- DM policy defaults to pairing (unknown senders need approval)
+- Prompt injection is explicitly NOT solved -- use tool policy + sandboxing
+- Use strong models for tool-enabled agents
+- Tailscale Serve preferred over LAN binding
+
+### Useful Commands
+```bash
+# OpenClaw
+openclaw onboard --install-daemon
+openclaw security audit --deep
+openclaw doctor
+
+# WHM API (IX server)
+curl -sk "https://172.16.3.10:2087/json-api/dumpzone?api.version=1&domain=DOMAIN" -u "root:Gptf*77ttb!@#!@#"
+curl -sk "https://172.16.3.10:2087/json-api/removezonerecord?api.version=1&zone=DOMAIN&line=LINE" -u "root:Gptf*77ttb!@#!@#"
+curl -sk "https://172.16.3.10:2087/json-api/listzones?api.version=1" -u "root:Gptf*77ttb!@#!@#"
+```