|Applies To||RSA Product Set: NetWitness Logs & Network, Security Analytics|
RSA Product/Service Type: All Appliances
RSA Version/Condition: 10.6.x, 11.x
O/S Version: EL6, EL7
|Issue||This article explains where to get an RSA NetWitness Disaster Recovery backup and restore script, and which version of the released scripts should be used.|
There are other unofficial backup and restore scripts prior to NetWitness 10.6.2.0, but those are not documented here.
The official RSA NetWitness backup scripts are:
2. nw-recovery-tool (NRT)
These scripts are designed to run on CentOS 6 only. You must execute these scripts on CentOS 6 machines.
The backup and restore scripts do not support backup and restore for STIG or FIPS hardened hosts. The only workaround is to backup before hardening the appliance, and after a restore harden the appliance again.
Note that nw-backup-v2.0, supersedes nw-backup-v1.0.
You can use the nw-backup.sh and the nw-restore.sh scripts to back up and restore configuration data from the Security Analytics server and Security Analytics hosts for versions 10.6.2.0 and later. The scripts are specifically for restoring systems that fail. You can use the backup and restore scripts for RMAs, hardware refreshes, and general backup and restore requirements.
nw-backup-v3.0 is used only to upgrade version 10.6.4.x to version 11.0. There is no nw-restore.sh script.
nw-backup-v4.0 is used only to upgrade version 10.6.5.x to version 11.x. There is no nw-restore.sh script.
Note that nw-backup-v4.1, supersedes nw-backup-v3.0 and nw-backup-v4.0.
nw-backup-v4.1 is used to upgrade version 10.6.4.x to 11.0.0, or version 10.6.5.0 to 126.96.36.199, or version 10.6.6.0 to 188.8.131.52. There is no nw-restore.sh script.
Note that nw-backup-v4.2, supersedes nw-backup-v2.0 and nw-backup-v4.1.
nw-backup-v4.2 is used to:
a. Backup and restore NetWitness 10.6.2.0 and above.
b. Upgrade NetWitness version 10.6.4.x and above to NetWitness 11.x.