I wanted to share my updated version of my backup script for SA 10.6. I say that this is for 10.6 because the files might be different on anything lower, but I believe they are all pretty accurate for 10.4 and 10.5.
This script is pretty simple and can be run on any of your devices no matter the type. The script will check for each device my checking your directory structure and start the backups based on what it finds. After further review I have also added logging to each time it tries to move the files off the server. For each section below is the basic workflow:
Check if directory exits
Backup directory according to RSA Documents
take a sha1 of the backup file
SCP the files off the server to a server of your choice. I only error check on the actual config files being moved, if the sha1 does not move I will not pop an error.
At the end it will clean up the backup directory on the SA system to save space.
Currently this script does not stop each service before doing a backup, this does lead to potential issues but I cannot take down services weekly so this is the best I can do.
Future planned enhancements:
Add the DB backup that RSA suggests but right now errors are happening and I need to contact support.
Add email/snmp alerts to the script for failures
Add arguments to make the script more versatile
SCP and passwords:
I use keys for all my servers so I never have a password issue, just copy the root public key to your other server and it will work fine.
Things that need changed when downloading the script:
Change all spots that have CHANGEME in it. The user, SCPHOST and DBBAK, which is the .jar file location (this does not work right now and is not needed, it is left in the script for future).
Parsing of error logs: Parsing is coming, I just need to parse them and I will upload the events you will need to add.
Hopefully this helps people out, it has satisfied all our auditors and works well.
DISCLAIMER: RSA does not develop this script, use at your own risk.
Thanks!
