Backing Up the ArcSight Database

You can manually create or automatically schedule a database backup before upgrading the ArcSight Platform. Follow this section to successfully back up the database.

Understanding the Database Backup Process
Preparing the Backup Configuration File
Backing Up the Database
Scheduling Automatic Backups

Understanding the Database Backup Process

This section provides an introduction to the backup process:

Backup Overview
Backup Terminology
Prerequisites to Configuring Database Backup

Backup Overview

You can perform a full backup, which is a complete copy of the database catalog, its schemas, tables, and other objects. It provides a snapshot of the database at the time of backup. You can use it for disaster recovery or to restore a damaged or an incomplete database. You can also restore individual objects from a full backup.

If a full backup already exists, then the database backup utility tool backs up new or changed data from the time the full backup was created. You can specify the number of backup snapshots to retain.

Backup Terminology

Backups are stored in the following folders in the backup location:
- Object Folder: Consists of database objects files, which contain the actual data stored in the database. Repeated backups copy the new objects that are not in the backup location.
- Snapshot folder: Contains a snapshot of the full catalog of the database at the time of the backup. Catalog contains metadata which is smaller in size than the actual data in the database. Catalog keeps track of all the database objects that were present in the database at the time of the backup snapshot. Many Catalog snapshots will refer to the same object files as the backups are performed more often than the lifespan of the object file. This avoids storing duplicates of object files for each backup. The backup_snapshot portion is defined by the .ini file and the date time strings are automatically appended by the database backup process.
Restore point: Each backup operation records the state of the database at the time of the backup and stores it in the backup archive as a restore point. You can restore to a specific restore point using the -archive argument.
Restore point limit: Specifies the number of previous backups that you want to retain in addition to the most recent backup.
In the backup utility configuration file, you can specify the number of backup snapshots to be retained using Specify the number of historical backups to retain in addition to the most recent backup, so that the expired snapshots can be groomed out. When a backup snapshot is groomed out, all associated object files that was being referenced by the snapshot will also be groomed out.

(Conditional) Prerequisites to Configuring Database Backup

If you have a cloud deployment (AWS, Azure or Google Cloud), before you configure the database backup, ensure your cloud administrator creates the communal storage backup location.

AWS Environment

For an AWS-based deployment, the backup communal storage location must be in the same region as the live database communal storage. The database supports connecting to S3 buckets in AWS using IAM roles. IAM roles are the default access control method for AWS resources. The database uses this method if you do not configure the legacy access control session parameters.

To use an IAM role, the bucket must be in the same region as the node's database cluster and the role needs to be set with the proper permissions for reading and writing to the S3 bucket. For more information about creating Amazon S3 buckets, see the AWS documentation, Creating a bucket. For more information about IAM roles, see the AWS documentation, IAM Roles for Amazon EC2 and Creating a role to delegate permissions to an AWS service.

Azure Environment

The backup communal storage location must be in the same Azure Storage Account as the live database communal storage.

Google Cloud Environment

For a Google Cloud based deployment, the backup communal storage location must be in the same region as the live database communal storage. The database supports connecting to the HMAC key.

To use the HMAC key, the bucket must be in the same region as the node's database cluster and the Service Account needs to be set with the proper permissions for reading and writing to the bucket. For more information about creating Google Cloud buckets, refer to Understanding Google Buckets.

Preparing the Backup Configuration File

A database backup utility is provided to be used to perform backup and restore procedures. To use this utility, it must first be configured. Once configured, it can be used to perform the complete lifecycle of scheduling backups, backup on-demand, managing the backup archive, and restoring from backup.

You must create an S3 bucket or a Blob storage backup folder before configuring the database backup utility.

Run this tool as a root user.

On database node1, execute the following command from the database scripts directory, located by default at /opt/arcsight-db-tools/scripts:
```
./db_backup.sh config
```
Select the communal storage.

Specify the values for the fields based on your storage type.

For S3 storage:

Scenario	Fields
Using IAM role	Specify your S3 server: Specify S3 server port [443]: Is TLS enabled(y/n): Specify your S3 backup bucket: Specify your S3 backup folder path: Specify your locking system path [/tmp]: Specify the number of historical backups to retain in addition to the most recent backup: Are the values correct?(y/n):

For Blob storage:

The Blob account used for backup must be the same account as used for the live database, otherwise you will observe an error.

Using managed identity to authenticate	Specify the account name. Enter y to use the managed identity to authenticate with Azure storage container. Specify the path to the Blob storage backup folder. Specify the path to the locking system. Specify the number of historical backups to be retained in addition to the most recent backup.
Not using managed identity to authenticate	Specify the account name. Enter n to not use the managed identity to authenticate with Azure storage container. Specify the account key. Specify the path to the Blob storage backup folder. Specify the path to the locking system. Specify the number of historical backups to be retained in addition to the most recent backup.

Backing Up the Database

To back up the ArcSight Database, complete the following steps:

Prepare the backup configuration file.
Run the following command from the database scripts directory, located by default at /opt/arcsight-db-tools/scripts:
```
./db_backup.sh backup
```

Scheduling Automatic Backups

OpenText recommends that you schedule backups to run every hour. To schedule a backup, use the following command from the database scripts directory, located by default at /opt/arcsight-db-tools/scripts:

./db_backup.sh schedule '<crontab_expression>'

where <crontab_expression> represents the time that you want to set for the scheduled backup.

For example:

./db_backup.sh schedule '0 * * * *'