The backup and recovery procedures ensure that you can return to the previous working state of Security Analytics in the event of a failed upgrade. It is also used to retain and use the saved configuration and database files when upgrading to a new version. In addition, you can choose to back up information on an as-needed basis.
Note: In case of All-in-one hosts, Hybrid hosts or hosts with multiple services running, you must back up all the services and then restore them. For example, if the Log Decoder host has the Log Collector and Warehouse Connector services running, you must back up these services and then restore them. For more information, refer to the back up and restore procedures described for each service.
Note: Ensure that the systems and services that you are backing up will be restored on systems at the same version level or later. For example, if you are backing up files on a 10.6.0.0 system, be sure to restore the files on a system that is 10.6.0.0 or later.
Note: Each backup procedure described in this section includes steps for creating tar files and lists of directories to back up. However, not all of these directories are present on all Security Analytics deployments. If you list a directory that does not exist in the tar command, the following error is displayed:
Cannot stat: No such file or directory
tar: Exiting with failure status due to previous errors
Ignore the error. The tar file is created and you can proceed with the instructions.
The topics in this section describe how to backup and restore data on the Security Analytics server and appliance systems.