The Sentinel backup and restore utility is a script that performs a backup of the system data and also lets you restore the data at any given point in time. However, this utility cannot be used to back up a Collector Manager or the operating system components and configuration.
NOTE:You can restore the data only on the same version of Sentinel in which the data was backed up because there might be changes between Sentinel versions, which might make the data incompatible.
You can back up the following data:
Configuration data: Data stored in the config, data, 3rdparty/postgresql, and 3rdparty/jetty directories, and the data in the Sentinel database. This data includes configuration files, property files, and keystore files. The Sentinel database contains various configuration information related to users, plug-ins, Collectors, Connectors, and filters.
NOTE:The configuration data can be critical and you should always include the configuration data in the backup.
Event data: Dynamic event data and raw event data stored in the data/eventdata and /var/opt/novell/sentinel/data/rawdata directories. The event data also includes event associations stored in the /var/opt/novell/sentinel/data/eventdata/exported_associations directory. The event associations data includes correlated event association data and the incident event association data.
Secondary storage data: The closed event data files that have been moved to the secondary storage.
Runtime data: Dynamic file-based queues used by plug-ins, Sentinel Link, and other Sentinel components. This includes the data in the data/plugindata and the /var/opt/novell/sentinel/data/sentinel_link.queues directories.
Security Intelligence data: The Security Intelligence data stored in the MongoDB database.
Sentinel logs: Log files generated by Sentinel and stored in the /var/opt/novell/sentinel/log directory.