Administrators can back up and restore configuration and database files for Malware Analytics, so if information is lost or deleted, it can be restored.
Back Up Files
For a full backup of configuration files:
- Stop RSA Malware service with the following command:
- Create a tar file of the required files
tar -cjphvf RSAMalwareFromSlashNew.tar.bz2 /var/lib/netwitness/rsamalware --exclude='root.war' /etc/init/rsaMalwareDevice.conf
- Start RSA Malware service with the following command
Note: For a daily or a partial backup you can create a tar file of files in the subdirectory var/lib/netwitness/rsamalware/spectrum
To back up database files:
- Backup in one of the following ways:
- On a co-located host, it uses H2. If you backup the directory var/lib/netwitness/rsamalware mentioned above, it backs up the database as well.
- On a standalone MA box, Postgres is used. Back up the database in the directory var/lib/pgsql/9.1/data on a daily basis.
To restore the configuration and database files:
- Log on to the host you intend to restore from a saved backup using ssh.
Stop RSA Malware service with the following command:
Change the directory.
- Copy the necessary tar file RSAMalwareFromSlashNew.tar.bz2 using a utility like SCP to the host in the / folder.
Extract the tar file by using the following command:
tar -xjpvf RSAMalwareFromSlashNew.tar.bz2
Start RSA Malware service with the following command: