2016-08-25 06:26 AM
Hi
I am taking a backup of my database location, i.e. /var/netwitness/broker.
tar -C / --exclude='/var/netwitness/broker/statdb/*' -cvJf /tmp/Broker-Data.$year.$day.$month.tar.xz /var/netwitness/broker
Please let me know if anything else is also required for a full DB backup.
2016-08-25 01:30 PM
May I ask WHY you are backing up those files? The broker can re-consume the indexes from the concentrators in a matter of minutes; there is no real need to back up the databases on the Broker service.
2016-08-25 05:43 PM
Mr. Snider is certainly correct on this matter. If you are looking to back up any sort of configuration data though, I've provided a link to SA Docs below which articulates the method to do so.
Core Hosts Backup and Recovery - RSA Security Analytics Documentation
Otherwise, there would be little value in attempting to back up the indexes from the Brokers themselves. Let us know exactly what it is that you're trying to accomplish.
2016-08-26 03:58 AM
Hi John
I am exactly preparing a procedure for a full DB backup in our environment for disaster recovery. So I understand from your reply that we need to take a backup of the db files at the decoder and the meta and session files at the concentrator to back up the database. I am already taking a config backup, i.e. /etc/netwitness/ng and the reporting engine. Should I include more in this procedure?
2016-08-26 03:59 AM
Thanks for the reply, Robert. Please see my new comment for the details on the issue.
2016-08-26 07:41 AM
So you're looking to back up the entire system including the data you've captured so far? What sort of instance are you running, Logs/Packets/Both?
If I am making the correct assumption, have you backed up your packetdb's, session db's, meta db's, etc? I'll defer to John's knowledge and experience here but, if I am understanding you, it sounds like quite the endeavor! You must have a heck of a lot of backup storage!