How to create Backups
1.Backup CYBERQUEST Agent
In the event of a disaster, to save the Agent's configurations and data sources, please follow these steps:
A. On the Windows machine where the CYBERQUEST Agent is installed, open Windows Services and stop the CYBERQUEST Agent service.
To check if the CYBERQUEST Agent has stopped, open Task Manager > Details and wait until the Agent.exe process disappears from Task Manager.
B. Copy the folder datasources to another machine. The folder is in the following path:
C:\Program Files\CyberQuestAgent\datasources
C. Open Windows Services and start the CYBERQUEST Agent service.
To verify that the CYBERQUEST Agent has started, open Task Manager> Details and wait until the Agent.exe process appears in the Task Manager.
2.Backing up configuration server side
To back up configurations, we need to export the two databases, config and reports.
Config contains CYBERQUEST application settings such as alert settings, jobs, dictionaries, and CYBERQUEST service settings.
Reports contains CYBERQUEST application customizations at dashboards, dashgroups, reports, agents and users.
To back up the two databases, we need to follow these steps:
A.Authenticate in CYBERQUEST server via ssh
B.Change the path using the following command:
cd /home/superadmin/
C.Create the folder bkp where the data will be saved:
mkdir bkp
D.Change the path to the newly created folder:
cd bkp
E.Use the following commands to back up the two databases:
mysqldump -u root -p --databases reports > reports.sql
mysqldump -u root -p --databases config > config.sql
F.Copy the bkp folder to another machine to complete the backup process.
3.Backup Virtual Appliance
It is recommended to use a tool for backing up virtual appliances. Many tools on the market, like VEEAM or Quest Rapid Recovery, use an agent installed on hypervisor to handle virtual machines, therefore installing nothing on the virtual machine itself.
A.Open Veeam application
B.Create a Backup Job. Add name and description
C.Select Virtual Machine to backup data
D.Select backup repository to save data and number of restore days
E.Choose guest OS processing options
E.Schedule the execution job
F. Summary
4.Backup data storage data
Every message collected by CYBERQUEST is automatically sent to data storages, as configured in Settings > Data Storages page:
Stored events are normalized in JSON format, compressed, encrypted and digitally signed. They can be later imported to a backup storage.
The default path is: /data/storage/default
The default folder must be copied to another external storage medium (outside CYBERQUEST).
5.Backup elasticsearch data
Every message collected by CYBERQUEST is automatically sent to short term storage (elasticsearch).
The default path is: /data/elasticsearch
The elasticsearch folder must be copied to another external medium (outside CYBERQUEST).