End-of-Life (EoL)

Configure Live Backup

Configure Live Backup for an existing Cortex XSOAR multi-tenant deployment. Configure Live Backup for the main server and the host server. Backup server
Ensure you have satisfied all prerequisites before you configure Live Backup.
  • Install and configure a Cortex XSOAR multi-tenant deployment, a main server and at least one host server.
  • Root access.
  • Internet access.
You need to configure Live Backup for the main server and each host server.
You must install the same Cortex XSOAR version and build on all servers.
When using Cortex XSOAR with Elasticsearch, Live Backup is not available. To back up or restore the contents of your Elasticsearch database, follow the instructions in the Elasticsearch documentation. Alternatively, you can also implement a full high availability solution.
Live Backup architecture
The example provided assumes a multi-tenant architecture with four servers.
  • Main server (already installed)
  • Host server (already installed)
  • Backup main server
  • Backup host server
Files and folders
These are the files and folders you migrate from the main server and host server to the backup main server and backup host server, respectively.
File/Folder
Location
Data
/var/lib/demisto/data
Artifacts
/var/lib/demisto/artifacts
Attachments
/var/lib/demisto/attachments
Images
/var/lib/demisto/images
System Tools
/var/lib/demisto/systemTools
Tenants
/var/lib/demisto/tenants
Public Key
/usr/local/demisto/cert.key
PEM file
/usr/local/demisto/cert.pem
License
The file is stored in one of the following directories:
  • /usr/local/demisto/demisto.lic
  • /var/lib/demisto/demisto.lic
  1. Install and configure Cortex XSOAR on the backup main server.
    1. Run the
      ./<demistoserver-xxxx.sh> -- -multi-tenant -dr -do-not-start-server
      command as root user to install Cortex XSOAR.
    2. On the main server machine, set all necessary server configurations, for example,
      External host name
      ,
      Archiving
      ,
      Log Level
      , and so on.
    3. On the main server machine go to
      Settings
      Account Management
      +Add Host
      to download a host installer file.
    4. Get the host installer file by one of the following methods.
      • Download the file.
      • Retrieve the file from the
        /artifacts
        folder.
  2. Install and configure the host server and backup host server.
    1. Copy the host installer file from the main server to the backup host server.
    2. On the backup host server machine run the
      ./<hostinstaller.sh> -- -dr -do-not-start-server
      command as root user to install Cortex XSOAR.
    3. On the host server machine, set all necessary server configurations, for example,
      External host name
      ,
      Archiving
      ,
      Log Level
      ,
      Log level
      , and so on.
    4. On the main server machine, go to
      Settings
      Account Management
      and verify that the main server recognizes the host server.
      All statuses should be green.
  3. Configure Live Backup for the main server.
    1. On the main server machine, go to
      Settings
      Advanced
      Backups
      and enable the Live Backup option.
    2. Enable the
      Live Backup
      option.
    3. In the
      Hostname/IP Address
      field enter the hostname or IP address of the backup main server.
    4. In the
      Port
      field enter the port of the backup main server.
    5. Click
      Save Live Backup configuration
      .
  4. Configure Live Backup for the host server.
    1. On the main server machine, go to
      Settings
      Account Management
      .
    2. Click
      Edit
      next to the host name.
    3. Enable the
      Live Backup
      option.
    4. In the
      Hostname/IP Address
      field enter the hostname or IP address of the backup host server.
    5. In the
      Port
      field enter the port of the backup host server.
    6. Click
      Save Live Backup configuration
      .
  5. When prompted, restart the servers.
  6. Shut down the main server and host server in the following order.
    • Main server
    • Host server
  7. For each server (main server and all hosts), create a tarball file of the necessary files and folders and copy to the backup server.
    1. Ensure that all files and folders located in
      /var/lib/demisto
      have
      demisto:demisto
      ownership:
      chown -R demisto:demisto /var/lib/demisto
    2. Create the tarball file:
      tar --ignore-failed-read -pczf demistoBackup.tgz /var/lib/demisto/data /var/lib/demisto/artifacts /var/lib/demisto/attachments /var/lib/demisto/images /var/lib/demisto/systemTools /var/lib/demisto/d2_server.key /usr/local/demisto/cert* /usr/local/demisto/demisto.lic
      Sometimes the
      demisto.lic
      file is located in
      /var/lib/demisto/demisto.lic
      rather than
      /usr/local/demisto/demisto.lic
      . If so, change the directory in the command.
      If you have not set up a D2 server, you can remove
      /var/lib/demisto/d2_server.key
      .
    3. Verify the integrity of the tar file:
      md5sum demistoBackup.tgz
    4. Print the contents of the tar file to a text file:
      tar -tvf demistoBackup.tgz > demistoBackup.txt
      Do not delete the text file.
    5. Transfer the tarball file (
      demistoBackup.tgz
      ) to the backup server, using your preferred tool such as scp:
      # scp demistoBackup.tgz root@<yourBackupServerIPortHostname>:/root
    6. On the backup server, check the MD5 Checksum and compare it to the original file to verify the tar file is 100% valid:
      md5sum demistoBackup.tgz
      The MD5 sum is displayed. Compare this value against the MD5 sum saved in demistoBackup.txt in Step 4.
  8. On the backup server, extract the backup tarball file (original file permissions and ownership are preserved):
    sudo tar -C / -xzpvf demistoBackup.tgz
  9. Ensure all the copied files and folders have
    demisto:demisto
    ownership.
  10. Start the servers in the following order.
    • Backup main server
    • Backup host server
    • Main server
    • Host server
  11. When all servers are up, confirm that Live Backup is running successfully.
    1. On the main server machine, go to
      Settings
      Advanced
      Backups
      and verify that there are no errors.
    2. (
      Recommended
      ) Create an incident on each tenant account and verify that there are no errors.

Recommended For You