You want to know what do you need to save to fully recover your SSIM Appliance
Some files, configurations or changes made in the Symantec Security Information Manager can be removed or altered during an product update.
Backup the following items before updating, configuring Symantec Security Information Manager or when any changes are made.
SSIM 4.6 & SSIM 4.7
Backup the DB2 Database using the Web Configuration page 4.6 - Database Utilities -> Backup 4.7 - Maintenance -> Backup and Restore -> Backup The backup is stored in multiple files in /dbsesa/backup/ 4.8 - Maintenance -> Backup and Restore -> Backup The backup is stored in multiple files in /dbsesa/backup/
Backup the LDAP database using the Web Configuration page 4.6 - Database Utilities ->LDAP Backup 4.7 - Maintenance -> Backup and Restore -> LDAP Backup The backup is stored on the appliance in /dbsesa/backup/ldap 4.8 - Maintenance -> Backup and Restore -> LDAP Backup The backup is stored on the appliance in /dbsesa/backup/ldap
Custom User Rules, when you export them they will be exported as two files MyRule.xml and MyRule.cfg, both of these files must be in the same folder when you import them back in if necessary.
Custom queries in My Queries, must be exported or publish them so they are included in the LDAP Backup
Custom reports in My Reports, must be exported or publish them so they are included in the LDAP Backup Note: Exported reports, or backed up reports do not include the queries referenced by the reports.
Dashboard properties are included in the LDAP backup Note: custom queries referenced by the Dashboard must be backed up by one of the method covered previously.
Tar up the eventarchives using this command and move them off the appliance
# tar cf eventarchive.tar /eventarchive
These files should be backed up whenever you create or change anything in the Symantec Security Information Manager UI and are copied to the local machine from which you are running the Symantec Security Information Manager UI:
Backup all Queries by exporting the query as a *.qml file
Backup all Reports by exporting the report as a *.rml file
Export Sensors for Product configuration pages as .xml files
Export Assests as a .csv file incase you need to reinstall or rebuild and need to have assets.
Export any User Rules after they are tested and deployed. These will be exported as a .xml and.cfg file.
You also need to backup your certificate. If you don't backup the certificate after recovering from a disaster you won't be able to verify your old archive. (i.e. digital signature) See KB :TECH142577
Imported Document Id
This is machine translated content
Login to Subscribe
Please login to set up your subscription.
Didn't find the article you were looking for? Try these resources.