000026935 - How to use the RSA NetWitness Informer 2.0 backup and restore scripts

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 3Show Document
  • View in full screen mode

Article Content

Article Number000026935
Applies ToRSA NetWitness NextGen
RSA NetWitness Informer
RSA NetWitness Informer 2.0
IssueHow to use the RSA NetWitness Informer 2.0 backup and restore scripts.
ResolutionDownload and install the Informer Toolkit from the knowledgebase article How to download and use the RSA NetWitness Informer Toolkitonto your Informer appliance.  Please pay careful attention to the notes in the solution concerning setting directory paths, or the scripts will likely fail.  Three backup and restore scripts are provided, one for daily backup, one for full backup, and one for restoration.  These will backup and restore rules, alerts, reports, Visualizations, results, usernames, passwords, and service connection info.

backupinformer-daily.cmd Simply run the backupinformer-daily.cmd script with Administrative privileges.  The script will stop the IIS, SQLEXPRESS, and Informer services.  It will then copy the current configuration files into "%USERPROFILE\Desktop\informerbackup\<DATE>-<TIME>.daily".  The most recent day's snapshots and results will then be copied to %USERPROFILE\Desktop\informerbackup\results.daily and  snapshots.daily.  The reason they are placed outside of the daily backup folder is that restoring snapshots and results for more than one day would be quite cumbersome if they were placed beneath separate daily folders.  Please keep in mind that snapshots and results will have to be restored manually from the aforementioned folders if restoring from a daily backup.  After all files are copied, the script will then restart the services.  If scheduled to run automatically, It is recommended that this script be scheduled to run shortly before midnight, as the script copies only the most recent snapshot and results directories, which are named by date.

backupinformer-full.cmd
:  Simply run the backupinformer-full.cmd script with Administrative privileges.  The script will stop the IIS, SQLEXPRESS, and Informer services.  It will copy all necessary configuration files into "%USERPROFILE\Desktop\informerbackup\<DATE>-<TIME>.full", and will restart the services.  This script will copy all configuration snapshots and results

restoreinformer.cmd:  Copy the restoreinformer.cmd script into the output directory of backupinformer.cmd, i.e. C:\Users\joeuser\Desktop\informerbackup\20110609-11.10.11.  Run the script with Administrative privileges.  Be advised that this script will overwrite your existing Informer configuration, and will stop and start the IIS, SQLEXPRESS, and Informer services.  This script can optionally use informerpaths.cmd and will do so if it is also placed in the directory.
NotesThese scripts are provided for the convenience of our customers.  Questions on usage should be directed to NetWitness support, but full support for these scripts is not currently available.
Legacy Article IDa59772

Attachments

    Outcomes