000036438 - Available backup and restore scripts for the RSA NetWitness Platform

Document created by RSA Customer Support Employee on Jun 16, 2018Last modified by RSA Customer Support Employee on Oct 17, 2018
Version 7Show Document
  • View in full screen mode

Article Content

Article Number000036438
Applies ToRSA Product Set: NetWitness Logs & Network, Security Analytics
RSA Product/Service Type: All Appliances
RSA Version/Condition: 10.6.x, 11.x
Platform: CentOS
O/S Version: EL6, EL7
IssueThis article explains where to get an RSA NetWitness Disaster Recovery backup and restore script, and which version of the released scripts should be used.
Tasks

There are other unofficial backup and restore scripts prior to NetWitness version 10.6.2.0, those are not documented here.



The official RSA NetWitness backup scripts are:

1. nw-backup



v1.0 NetWitness 10.6.2.0 and above, backup and restore - superseded by v2.0
v2.0 NetWitness 10.6.2.0 and above, backup and restore
v3.0 NetWitness 11.0 upgrade only - superseded by v4.1
v4.0 NetWitness 11.1 upgrade only - superseded by v4.1
v4.1 NetWitness 11.x upgrade only


 



2. nw-recovery-tool (NRT)



NW11.1 Backup and restore (Alpha release, not officially supported by RSA Engineering).
NW11.2 NetWitness Recovery Tool (NRT) official release.
Resolution

1. nw-backup



These scripts are designed to run on CentOS 6 only. You must execute these scripts on CentOS 6 machines.



The backup and restore scripts do not support backup and restore for STIG or FIPS hardened hosts.  The only workaround is to backup before hardening the appliance, and after a restore harden the appliance.



nw-backup-v1.0





nw-backup-v2.0



Note that nw-backup-v2.0, supersedes nw-backup-v1.0.




You can use the nw-backup.sh and the nw-restore.sh scripts to back up and restore configuration data from the Security Analytics server and Security Analytics hosts for versions 10.6.2.0 and later. The scripts are specifically for restoring systems that fail. You can use the backup and restore scripts for RMAs, hardware refreshes, and general backup and restore requirements.


 

nw-backup-v3.0



nw-backup-v3.0 is used only to upgrade version 10.6.4.x to version 11.0.  There is no nw-restore.sh script.




 


nw-backup-v4.0



nw-backup-v4.0 is used only to upgrade version 10.6.5.x  to version 11.x.  There is no nw-restore.sh script.







nw-backup-v4.1



Note that nw-backup-v4.1, supersedes nw-backup-v3.0 and nw-backup-v4.0.



nw-backup-v4.1 is used to upgrade version 10.6.4.x  to 11.0.0, or version 10.6.5.0 to 11.1.0.0, or version 10.6.6.0 to 11.2.0.0.  There is no nw-restore.sh script.






 



2. nw-recovery-tool (NRT)




rsa-nw-recovery-tool-11.1.0.0-1802231617.5.6ec9690.el7.noarch.rpm




  • The NW 11.1 backup and restore (Alpha release, not officially supported by RSA Engineering) is an included rpm with the NW11.1.0.0 install.



  • There is no official announcement for this script, and no documentation.



  • The script can be run to make a backup using the following syntax:



/usr/bin/nw-recovery-tool --export --dump-dir {path-to-directory} --category {category-value}




where,




  • {path-to-directory} is a path to a directory where the backup is written.



  • {category-value} is a value from the /etc/netwitness/recovery-tool/category.sequence file, case-sensitive (like ESAPrimary) for the type of appliance to backup.




rsa-nw-recovery-tool-11.2.0.0-1808071743.5.14596d4.el7.noarch.rpm




Attachments

    Outcomes