Juniper STRM 2008.2 - RESTORING YOUR DATA 6-2008, STRM Troubleshooting Tips

JUNIPER NETWORKS STRM
T

ECHNICAL NOTE

RESTORING YOUR DATA

JUNE 2008

If you are using STRM 2008.1 and above, you can schedule the backu p of your
configuration information and data using the STRM Administration Console. The
data portion of the backup includes all offenses (including targets and attacker
information), asset data, event category information, vulnerability data, event data,
and flow data located on STRM.

Y ou can restore your configuration information using the STRM interface, however,
you must use the procedures in this document to restore your flow, event, or
reporting data. This document includes:

• Before You Begin

• Restoring Your Data

• Troubleshooting Tips

Caution: If the current configuration of your STRM system differs from the
configuration that existed at the time the data was backed up, your system may
experience some gaps in information once the data is restored. For example, if the
recovered data includes device information from a device that no longer exists, the
interface will not display information regarding this removed device.

Before You Begin Each managed host in your deployment, including the STRM Console, Flow

Processors, and Event Processors create backup files in the
directory.

Note: Your system may also include a mount /store/backup from an external SAN
or NAS service, which allows for long term off-line retention of data, as often
required for compliancy regulations, such as, HIPPA and PKI.

Before you restore the dat a , co nsider the following:

• Locate the managed host on which the data is backed up (Console, Flow

Processor, or Event Processor).

• Backup files are saved using the following format:

backup.<name>.<hostname>_<host ID>.<target date>.<backup
type>.<timestamp>.tgz

/store/backup/

Release 2008.2

2

Where:

<name> is the name associated with the backup.
<hostname> is the name of the STRM system hosting the backup file.
<host ID> is the identifier for the STRM system.
<target date> is the date that the backup file was created.
<backup type> is the type of backup. The options are data or config.
<timestamp> is the time that the backup file was created.

• Make sure your /store partition includes adequate space for the data you wish

to recover.

• The date and time for the data you wish to recover.

Restoring Your
Data

To restore your data:

Step 1 Log in to your STRM Console, as root.
Step 2 Connect to the system on which you wish to store the data. This may be a system

host your Console, Event Processor, or Flow Processor.

Step 3 Change the directory:

cd /store/backup

Step 4 Identify the data files you need to restore by reviewing the date stamps on the

listed files:

ls -l

A list of backup files appear. For example:

root@csd6 /store/backup# ls
backup.scheduled.csd6_2.06_03_2008.config.1204862632982.tgz
backup.scheduled.csd6_2.07_03_2008.config.1204949036670.tgz
backup.scheduled.csd6_2.07_03_2008.db.1204948866713.tgz
backup.scheduled.csd6_2.08_03_2008.config.1205035447658.tgz
backup.scheduled.csd6_2.20_04_2008.config.1208747057662.tgz
backup.scheduled.csd6_2.20_04_2008.data.1208747105710.tgz
backup.scheduled.csd6_2.21_04_2008.config.1208833492837.tgz
backup.scheduled.csd6_2.21_04_2008.data.1208833780364.tgz
backup.scheduled.csd6_2.21_04_2008.db.1208833282522.tgz
backup.scheduled.csd6_2.22_04_2008.config.1208919886899.tgz
backup.scheduled.csd6_2.22_04_2008.data.1208920422678.tgz
backup.scheduled.csd6_2.22_04_2008.db.1208919678682.tgz
backup.scheduled.csd6_2.23_04_2008.config.1209006291557.tgz
backup.scheduled.csd6_2.23_04_2008.data.1209006842493.tgz

Release 2008.2