Important: Be aware that if your VPN certificate changes after the backup has taken place, you must reconfigure the VPN connection after restoring the backup file.
/var/sheriff/backup/configuration_<hostname>_<timestamp>.tar.gzFor example,
configuration_VirtualSheriffAllInOne_1429616586.tar.gz
The integer string represents epoch time, therefore, the backup with the highest number denotes the most recent one. Sheriff CSM maintains 10 backups on each system, based on their time stamp.
Note: Sheriff recommends keeping a copy of the latest backup file outside of Sheriff CSM because you may not be able to retrieve these backup files when the system is down.
Before starting the backup, Sheriff CSM verifies the following:
To set up a password to encrypt the backup files
In the web UI, go to Configuration > Administration > Main > Backup.
In Password to encrypt backup files, type a password between 7 and 32 characters.
Important: Do not use the following characters in your password:
;, |, &, $, <, >, \n, (, ), [, ], {, }, ?, *, ^, \.
Click Update Configuration.
To run a backup manually
In the web UI, go to Configuration > Administration > Backups > Configuration.
Click Run Backup Now.
A message appears showing when the last backup was run and asking if you want to continue.
Select Yes to start the backup.
These backups display as "Manual" under the Type column.
To see any error messages in the backup logs
Go to Configuration > Administration > Backups > Configuration.
Click View Backup Logs.
In a federated environment, where you have Sheriff CSM Sensors (Deputies) reporting to a Sheriff CSM Server (child), which then reports to another Sheriff CSM Server (federated), keep the following in mind:
To back up the child server from the federated server:
Go to Configuration > Administration > Backups > Configuration.
Choose which system you want to use by expanding Show Backups for.
Click Run Backup Now.
Before running a restoration, Sheriff CSM verifies the following and aborts the restoration process if any of these checks fails:
No re-configuration process is running.
No other backup or restore processes are running.
The backup profile matches the system profile. In other words, you cannot restore a backup file from the Sheriff CSM Server on the Sheriff CSM Sensor.
Backup file version is the same as the target system. In other words, you can only restore a Sheriff CSM version 5.4.3 backup on a system that is running Sheriff CSM version 5.4.3.
Note: You can restore an Sheriff Vigilante backup on a Sheriff CSM or vice versa, as long as they are the same version.
Sufficient disk space exists to restore the configuration backup.
Before restoring a backup file, you must transfer the file to the target system and place it in the /var/Sheriff/backup/
directory. You can use either an SFTP client on Windows, such as WinSCP; or the SCP protocol on Linux.
To restore a backup file
Connect to the Sheriff Console through SSH and use your credentials to log in.
The Sheriff Setup menu displays.
Select Maintenance & Troubleshooting.
Select Backups.
Select Restore configuration backup.
Select the backup file you want to restore, click <OK> or press Enter.
Select <Yes> to continue.
Enter the password used to encrypt the backup files.
The restoration process starts.
After the process finishes, the system restarts automatically.
Note: Your SSH connection will drop if the IP address of Sheriff CSM changes as a result of the restoration.
Log in to display the Sheriff Setup menu again.
Select System Preferences.
Select Reset Sheriff API Key.
To find out more, see Reset the Sheriff API Key.
Column / Field Name | Description |
---|---|
System | System chosen for backup |
Date | Date and time when the backup was run. |
Backup | Backup category. Currently the only category is Configuration. |
Type | Backup Type. Supported values are Auto and Manual. |
Version | Version of the Sheriff CSM system. |
Size | Size of the backup file. |
Download | Saves the backup file to your local machine. |
To look for a backup
Search fields are System (name or IP address), Date, or Type.
To download backups and store them locally
Locate the backup you'd like to download.
In the last column, click the download icon ().
Sample backup file format:
configuration_VirtualSheriffAllInOne_1429616586.tar.gz
Because the integer string represents epoch time, the backup with the highest number denotes the most recent one.
To delete one or more backups
Select the backups by checking the square(s) to the left of each backup.