SysMaint: ESA Backup and Recovery

Document created by RSA Information Design and Development on Jul 29, 2016Last modified by Susan Ewald on Nov 1, 2016
Version 2Show Document
  • View in full screen mode
 

This topic tells administrators how to back up and restore the configuration and database files for ESA.

Note: In Security Analytics 10.4, ESA alert data is stored in the co-located Mongo instance (database name: esa). For details on backup and restore, refer to mongodump and mongorestore.

To back up Configuration files:

  1. Stop the ESA service using the following command:
    service rsa-esa stop
  2. Create a single tar.gz of all the subdirectories except the sub-directories logs, db, bin, and lib under /opt/rsa/esa.
    cd /
    tar -C / --exclude=/opt/rsa/esa/logs --exclude=/opt/rsa/esa/db --exclude=/opt/rsa/esa/bin --exclude=/opt/rsa/esa/lib --atime-preserve --recursion -cvphjf esa.tar.gz /opt/rsa/esa

To restore the Configuration files:

  1. Login to the host you intend to restore from a saved backup using ssh
  2. Change to the / directory.
    cd /
  3. Copy the necessary tar file using a utility like SCP to the appliance in the / folder.
  4. Extract the tar file by using the following command
    tar -xvpjf esa.tar.gz
  5. Delete the tar file.
    rm esa.tar.gz

Note: The wrapper.conf file under /opt/rsa/esa/conf contains the JAVA class path listing. The contents of this file are relevant for a given ESA RPM. If the backup and restore is across versions the old file must be discarded, else it must be preserved.

In Security Analytics 10.4, ESA alert data is stored in the co-located Mongo instance (database name: esa). For details on backup and restore, refer to mongodump and mongorestore.

You are here: Backup and Restore Data for Hosts and Services > ESA Backup and Recovery

Attachments

    Outcomes