Sys Maintenance: ESA Backup and Recovery

Document created by RSA Information Design and Development on Jul 28, 2016
Version 1Show Document
  • View in full screen mode
 

Note: In Security Analytics 10.4, ESA alert data is stored in the co-located Mongo instance (database name: esa). For details on backup and restore, refer to mongodump and mongorestore in the MongoDB 3.2 Manual.

To back up Configuration files:

  1. Stop the ESA service using the following command:

    service rsa-esa stop

  2. Create a single tar.gz of all the subdirectories except the sub-directories logs, db, bin, and lib under /opt/rsa/esa.

    cd /
    tar -C / --exclude=/opt/rsa/esa/logs --exclude=/opt/rsa/esa/db --exclude=/opt/rsa/esa/bin --exclude=/opt/rsa/esa/lib --atime-preserve --recursion -cvphjf esa.tar.gz /opt/rsa/esa

To restore the Configuration files:

  1. Login to the host you intend to restore from a saved backup using ssh
  2. Change to the / directory.

    cd /

  3. Copy the necessary tar file using a utility like SCP to the host in the / folder.
  4. Extract the tar file by using the following command:

    tar -xvpjf esa.tar.gz

  5. Delete the tar file.

    rm esa.tar.gz

Note: The wrapper.conf file under /opt/rsa/esa/conf contains the JAVA class path listing. The contents of this file are relevant for a given ESA RPM. If the backup and restore is across versions the old file must be discarded, else it must be preserved.

In Security Analytics 10.4, ESA alert data is stored in the co-located Mongo instance (database name: esa). For details on backup and restore, refer to  mongodump and mongorestore in the MongoDB 3.2 Manual

You are here: Backup and Restore Data for Hosts and Services > ESA Backup and Recovery

Attachments

    Outcomes