diff --git a/docs/docs/topics/data-storage.md b/docs/docs/topics/data-storage.md
index 8be1c10de..f2fcb7bb5 100644
--- a/docs/docs/topics/data-storage.md
+++ b/docs/docs/topics/data-storage.md
@@ -81,3 +81,7 @@ databroker_storage_ca_file: /tls/ca.pem
 ::: tip
 the second `s` in `rediss` is intentional and turns on TLS support
 :::
+
+## Troubleshooting
+
+Most issues with the Databroker service are caused by a [`shared_secret`](/reference/readme.md#shared-secret) mismatch between services. See [Troubleshooting - Shared Secret Mismatch](/docs/troubleshooting.md#shared-secret-mismatch) for details.
\ No newline at end of file
diff --git a/docs/docs/troubleshooting.md b/docs/docs/troubleshooting.md
index eb962c354..0fa9314d1 100644
--- a/docs/docs/troubleshooting.md
+++ b/docs/docs/troubleshooting.md
@@ -159,6 +159,14 @@ When using Redis, the [shared secret](/reference/readme.md#shared-secret) is use
 
 The resolution is to flush the Redis database with [`FLUSHDB`](https://redis.io/commands/flushdb) or [`FLUSHALL`](https://redis.io/commands/FLUSHALL).
 
+An example of how to do this on Kubernetes with TLS enabled is to use `kubectl` to execute a command on the master pod:
+
+```bash
+kubectl exec -it pomerium-redis-master-0 -- redis-cli --tls --cert /opt/bitnami/redis/certs/tls.crt --key /opt/bitnami/redis/certs/tls.key --cacert /opt/bitnami/redis/certs/ca.crt FLUSHALL ASYNC
+```
+
+Adjust `pomerium-redis-master-0` to match your pod name. If TLS is not enabled, you may omit the TLS options.
+
 ### RPC Errors
 
 #### certificate signed by unknown authority