End-of-Life (EoL)
Configure Live Backup
Configure Live Backup for an existing Cortex XSOAR multi-tenant deployment.
Configure Live Backup for the main server and the host server. Backup server
Ensure you have satisfied all prerequisites
before you configure Live Backup.
- Install and configure a Cortex XSOAR multi-tenant deployment, a main server and at least one host server.
- Root access.
- Internet access.
You need to configure Live Backup for the main server
and each host server.
You must install
the same Cortex XSOAR version and build on all servers.
When
using Cortex XSOAR with Elasticsearch, Live Backup is not available.
To back up or restore the contents of your Elasticsearch database,
follow the instructions in the Elasticsearch documentation. Alternatively,
you can also implement a full high availability solution.
Live
Backup architecture
The example provided assumes a multi-tenant
architecture with four servers.
- Main server (already installed)
- Host server (already installed)
- Backup main server
- Backup host server
Files and folders
These
are the files and folders you migrate from the main server and host server
to the backup main server and backup host server, respectively.
File/Folder | Location |
---|---|
Data | /var/lib/demisto/data |
Artifacts | /var/lib/demisto/artifacts |
Attachments | /var/lib/demisto/attachments |
Images | /var/lib/demisto/images |
System Tools | /var/lib/demisto/systemTools |
Tenants | /var/lib/demisto/tenants |
Public Key | /usr/local/demisto/cert.key |
PEM file | /usr/local/demisto/cert.pem |
License | The file is stored in one of the following
directories:
|
- Install and configure Cortex XSOAR on the backup main server.
- Run the./<demistoserver-xxxx.sh> -- -multi-tenant -dr -do-not-start-servercommand as root user to install Cortex XSOAR.
- On the main server machine, set all necessary server configurations, for example,External host name,Archiving,Log Level, and so on.
- On the main server machine go toto download a host installer file.SettingsAccount Management+Add Host
- Get the host installer file by one of the following methods.
- Download the file.
- Retrieve the file from the/artifactsfolder.
- Install and configure the host server and backup host server.
- Copy the host installer file from the main server to the backup host server.
- On the backup host server machine run the./<hostinstaller.sh> -- -dr -do-not-start-servercommand as root user to install Cortex XSOAR.
- On the host server machine, set all necessary server configurations, for example,External host name,Archiving,Log Level,Log level, and so on.
- On the main server machine, go toand verify that the main server recognizes the host server.SettingsAccount ManagementAll statuses should be green.
- Configure Live Backup for the main server.
- On the main server machine, go toand enable the Live Backup option.SettingsAdvancedBackups
- Enable theLive Backupoption.
- In theHostname/IP Addressfield enter the hostname or IP address of the backup main server.
- In thePortfield enter the port of the backup main server.
- ClickSave Live Backup configuration.
- Configure Live Backup for the host server.
- On the main server machine, go to.SettingsAccount Management
- ClickEditnext to the host name.
- Enable theLive Backupoption.
- In theHostname/IP Addressfield enter the hostname or IP address of the backup host server.
- In thePortfield enter the port of the backup host server.
- ClickSave Live Backup configuration.
- When prompted, restart the servers.
- Shut down the main server and host server in the following order.
- Main server
- Host server
- For each server (main server and all hosts), create a tarball file of the necessary files and folders and copy to the backup server.
- Ensure that all files and folders located in/var/lib/demistohavedemisto:demistoownership:chown -R demisto:demisto /var/lib/demisto
- Create the tarball file:tar --ignore-failed-read -pczf demistoBackup.tgz /var/lib/demisto/data /var/lib/demisto/artifacts /var/lib/demisto/attachments /var/lib/demisto/images /var/lib/demisto/systemTools /var/lib/demisto/d2_server.key /usr/local/demisto/cert* /usr/local/demisto/demisto.licSometimes thedemisto.licfile is located in/var/lib/demisto/demisto.licrather than/usr/local/demisto/demisto.lic. If so, change the directory in the command.If you have not set up a D2 server, you can remove/var/lib/demisto/d2_server.key.
- Verify the integrity of the tar file:md5sum demistoBackup.tgz
- Print the contents of the tar file to a text file:tar -tvf demistoBackup.tgz > demistoBackup.txtDo not delete the text file.
- Transfer the tarball file (demistoBackup.tgz) to the backup server, using your preferred tool such as scp:# scp demistoBackup.tgz root@<yourBackupServerIPortHostname>:/root
- On the backup server, check the MD5 Checksum and compare it to the original file to verify the tar file is 100% valid:md5sum demistoBackup.tgzThe MD5 sum is displayed. Compare this value against the MD5 sum saved in demistoBackup.txt in Step 4.
- On the backup server, extract the backup tarball file (original file permissions and ownership are preserved):sudo tar -C / -xzpvf demistoBackup.tgz
- Ensure all the copied files and folders havedemisto:demistoownership.
- Start the servers in the following order.
- Backup main server
- Backup host server
- Main server
- Host server
- When all servers are up, confirm that Live Backup is running successfully.
- On the main server machine, go toand verify that there are no errors.SettingsAdvancedBackups
- (Recommended) Create an incident on each tenant account and verify that there are no errors.
Recommended For You
Recommended Videos
Recommended videos not found.