End-of-Life (EoL)
Configure the Live Backup Environment
Configure a live backup environment by mirroring your
production server to a backup server in Cortex XSOAR.
Live Backup enables you to mirror your production
server to a backup server, and in disaster recovery scenarios to
easily convert your backup server to be the production server.
When
using Cortex XSOAR with Elasticsearch, Live Backup is not available.
To back up or restore the contents of your Elasticsearch database,
follow the instructions for Elasticsearch disaster
recovery. Alternatively, you can also implement a full high availability
solution.
Before
you start, ensure that you save the disaster recovery configurations
before you copy all files.
These
instructions do NOT apply to multi-tenant deployments. Instead,
follow the configure Live Backup instructions
in the multi-tenant guide.
- On the production server, enable live backup.
- Go to.SettingsAboutTroubleshootingServer Configuration
- Verify that theExternal Host Nameis correct.
- ClickAdd Server Configuration.
- Add the following key and value.KeyValueui.livebackuptrue
- Go toand in theAdvancedBackupsLive Backupfield, selectON.
- Add the following backup server parameters.ParametersValueHostname/IP AddressBackup server IP address or Host name (without https:// prefix).PortDefault is 443.Trust server certificate (unsecured)ON: certificates are not checked. OFF: certificates are checked.Use proxySelect whether to use a proxy.
- On the backup machine (with a different host name or IP address), install Cortex XSOAR.
- sudo ./demistoserver-xxxx.sh -- -dr -do-not-start-server
- Verify that the backup server is accessible from the production server through port 443 (or any other port configured as a listening port). Ensure that there are no firewalls that might drop communication.
- On the production server, stop the Cortex XSOAR server:sudo service demisto stop
- On the production server, create a tarball file of the necessary files and folders on the production server and copy it to the backup server.
- Ensure that all files and folders located in/var/lib/demistohavedemisto:demistoownership:chown -R demisto:demisto /var/lib/demisto
- Create the tarball file:tar --ignore-failed-read -pczf demistoBackup.tgz /var/lib/demisto/data /var/lib/demisto/artifacts /var/lib/demisto/attachments /var/lib/demisto/images /var/lib/demisto/systemTools /var/lib/demisto/d2_server.key /usr/local/demisto/cert* /usr/local/demisto/demisto.licSometimes thedemisto.licfile is located in/var/lib/demisto/demisto.licrather than/usr/local/demisto/demisto.lic. If so, change the directory in the command.If you have not set up a D2 server, you can remove/var/lib/demisto/d2_server.key.
- Verify the integrity of the tar file:md5sum demistoBackup.tgz
- Print the contents of the tar file to a text file:tar -tvf demistoBackup.tgz > demistoBackup.txtDo not delete the text file.
- Transfer the tarball file (demistoBackup.tgz) to the backup server, using your preferred tool such as scp:# scp demistoBackup.tgz root@<yourBackupServerIPortHostname>:/root
- On the backup server, check the MD5 Checksum and compare it to the original file to verify the tar file is 100% valid:md5sum demistoBackup.tgzThe MD5 sum is displayed. Compare this value against the MD5 sum saved in demistoBackup.txt in Step 4.
- On the backup server, extract the backup tarball file (original file permissions and ownership are preserved):sudo tar -C / -xzpvf demistoBackup.tgz
- Ensure all the copied files and folders havedemisto:demistoownership.
- Start the backup server:sudo service demisto start
- Start the production server:sudo service demisto startIf the procedure is successful,Live BackupisON.If the server is active, Cortex XSOAR appears as usual when you connect. You can Transition an Active Server to Standby Mode or Transition a Standby Server to Active Mode.
Recommended For You
Recommended Videos
Recommended videos not found.
