End-of-Life (EoL)

Configure the Live Backup Environment for a Distributed Database

  1. Navigate to
    Settings
    Advanced
    Remote Databases
    .
  2. Select the database node for which you want to configure Live Backup and click
    Edit Live Backup Configuration
    .
  3. Toggle the Live Backup field to
    On
    .
  4. Configure the backup server properties.
  5. Property
    Value
    Hostname
    Backup server IP address or hostname (without the https:// prefix).
    Port
    443 (by default).
    Trust server certificate
    On: certificates are not checked. Off: certificates are checked.
    Use proxy
    Select whether to use a proxy.
  6. Click
    Save Live Backup Configuration
    .
  7. Copy the installation package to the machines on which you want to install the live backup servers. Ensure that the backup server has a different IP address from the active server.
  8. Install Cortex XSOAR using the following command:
    ./demistoserver-xxxx.sh -- -dr -do-not-start-server -db-only -external-address=<IP or hostname> -db-secret=<your_db_secret> -y
  9. Parameter
    Description
    demistoserver-X
    The name of the Cortex XSOAR installer, where X is the version and build number.
    dr
    The flag indicating that the installation is for disaster recovery.
    do not start server
    The flag indicating that the server should not be started.
    db-only
    The flag indicating that only the database server is installed.
    db-secret
    A 10-character string that you defined when you installed the database server. The secret is used by the database to authenticate the app servers.
    external-address
    The app server's public IP address or hostname.
    Do not include the http or https prefix.
    y
    Answers all remaining installation questions with a yes (using default settings) and enables you to continue the installation silently.
    This automatically enables telemetry. For more information, see Cortex XSOAR Telemetry.
    For example:
    sudo ./cortexxsoarserver--6.0-70066.sh -- -dr -do-not-start-server -db-only -db-secret=9876543210 -external-address=2.2.2.2 -y
  10. Verify that the passive server is accessible from the active server through port 443 (or any other port configured as a listening port). Make sure that there are no firewalls that might drop communication.
  11. Stop the Cortex XSOAR server.
  12. Create a tarball file of the following necessary files and folders on the active server to be copied to the passive server.
    • /var/lib/demisto/data
    • /var/lib/demisto/artifacts
    • /var/lib/demisto/attachments
    • /var/lib/demisto/systemTools
    • /var/lib/demisto/d2_server.key
    • /usr/local/demisto/cert*
    • /usr/local/demisto/demisto.lic
    To create the file, use the following command, which preserves demisto:demisto ownership and file permissions.
    tar --ignore-failed-read -pczf demistoBackup.tgz /var/lib/demisto/data /var/lib/demisto/artifacts /var/lib/demisto/attachments /var/lib/demisto/systemTools /var/lib/demisto/d2_server.key /usr/local/demisto/cert* /usr/local/demisto/demisto.lic
  13. Copy the created tarball file (demistoBackup.tgz) to the passive server using either
    scp
    or a tool that you prefer. For example,
    scp demistoBackup.tgz root@<yourBackupServerIPorHostname>:/root
  14. On the passive server, extract the backup tarball file with the following command (original file permissions and ownership will be preserved):
    tar -C / -xzpvf demistoBackup.tgz
  15. Start the passive server.
  16. Start the active server.
If the procedure was successful, you will see the following information populated in the table in
Settings
Advanced
Remote Databases
.
Property
Value
DR Link
The hostname or IP address of the backup server.
DR Status
The connection status to the backup server. Possible values are:
  • Ok
  • Pending
  • Error

Recommended For You