立即与支持人员聊天
与支持团队交流

syslog-ng Store Box 6.3.0 - Administration Guide

Preface Introduction The concepts of SSB The Welcome Wizard and the first login Basic settings User management and access control Managing SSB Configuring message sources Storing messages on SSB Forwarding messages from SSB Log paths: routing and processing messages Configuring syslog-ng options Searching log messages Searching the internal messages of SSB Classifying messages with pattern databases The SSB RPC API Monitoring SSB Troubleshooting SSB Security checklist for configuring SSB

Creating a backup policy using NFS

The NFS backup method connects to a shared directory of the target server with the Network File Share protocol.

NOTE:

Backup and archive policies only work with existing shares and subdirectories.

If a server has a share at, for example, archive and that directory is empty, when the user configures archive/ssb1 (or similar) as a backup/archive share, it will fail.

  1. Navigate to Policies > Backup & Archive/Cleanup and click in the Backup policies section to create a new backup policy.

    Figure 48: Policies > Backup & Archive/Cleanup > Backup policies — Configure backup

  2. Enter a name for the backup policy (for example main-backup).

  3. Enter the time when the backup process should start into the Start time field in HH:MM format (for example 23:30).

  4. Enter the IP address or the hostname of the remote server into the Target server field (for example backup.example.com).

  1. Select NFS from the Target settings radio buttons.

    Figure 49: Policies > Backup & Archive/Cleanup > Backup policies — Configure NFS backups

  2. Enter the domain name of the remote server into the Target server field.

  3. Enter the name of the NFS export into the Export field.

    syslog-ng Store Box (SSB) saves all data into this directory, automatically creating the subdirectories.

  4. The remote server must also be configured to accept backups from SSB.

    Add a line that corresponds to the settings of SSB to the /etc/exports file of the backup server. This line should contain the following parameters:

    • The path to the backup directory as set in the Export field of the SSB backup policy.

    • The IP address of the SSB interface that is used to access the remote server. For more information on the network interfaces of SSB, see Network settings.

    • The following parameters: (rw,no_root_squash,sync).

    Example: Configuring NFS on the remote server

    For example, if SSB connects the remote server from the 192.168.1.15 IP address and the data is saved into the /var/backups/SSB directory, add the following line to the /etc/exports file:

    /var/backups/SSB 192.168.1.15(rw,no_root_squash,sync)
  5. On the remote server, execute the following command:

    exportfs -a

    Verify that the rpc portmapper and rpc.statd applications are running.

  1. To receive e-mail notification of the backup, select the Send notification on errors only or the Send notification on all events option. Notifications are sent to the administrator e-mail address set on the Management tab.

    To include the list of files in the e-mail, select Send notification on all events and enable the Include file list option. However, note that if list is very long, the SSB web interface might become unaccessible. In this case, set the Maximum number of files in notification lower. After this number has been reached, file names will be omitted from the notification.

    NOTE:

    This e-mail notification is sent to the administrator's e-mail address, while the alerts are sent to the alert e-mail address (see Configuring system monitoring on SSB).

  2. Click Commit.

  3. To assign the backup policy to a logspace, see Creating data backups.

Creating configuration backups

To create a configuration backup, assign a backup policy as the System backup policy of syslog-ng Store Box (SSB).

TIP:

To create an immediate backup of SSB's configuration to your machine (not to the backup server), select Basic Settings > System > Export configuration. Note that the configuration export contains only the system settings and configuration files (including changelogs). System backups includes additional information like reports and alerts.

To encrypt your configuration backups, see Encrypting configuration backups with GPG.

Prerequisites

You have to configure a backup policy before starting this procedure. For details, see Data and configuration backups.

To create a configuration backup

  1. Navigate to Basic Settings > Management > System backup.

    Figure 50: Basic Settings > Management > System backup — Configure system backup

  2. Select the backup policy you want to use for backing up the configuration of SSB in the System backup policy field.

  3. Click Commit.

  4. Optional: To start the backup process immediately, click Backup now. The Backup now functionality works only after a backup policy has been selected and committed.

Creating data backups

To configure data backups, assign a backup policy to the logspace.

TIP:

Data that is still in the memory of syslog-ng Store Box (SSB) is not copied to the remote server, only data that was already written to disk.

To make sure that all data is backed up (for example, before an upgrade), shut down syslog-ng before initiating the backup process.

Caution:

Statistics about syslog-ng and logspace sizes are not backed up. As a result, following a data restore, the Basic Settings > Dashboard page will not show any syslog-ng and logspace statistics about the period before the backup.

You have to configure a backup policy before starting this procedure. For details, see Data and configuration backups.

To configure data backups

  1. Navigate to Log > Logpaces.

  2. Select the logspace you want to back up.

  3. Select a backup policy in the Backup policy field.

  4. Click Commit.

  5. Optional: To start the backup process immediately, click Backup or Backup ALL. The Backup and Backup ALL functionalities work only after a backup policy has been selected and committed.

Encrypting configuration backups with GPG

You can encrypt the configuration file of syslog-ng Store Box (SSB) during system backups using the public-part of a GPG key. The system backups of SSB contain other information as well (for example, databases), but only the configuration file is encrypted. Note that system backups do not contain logspace data.

For details on restoring configuration from a configuration backup, see Restoring SSB configuration and data.

NOTE:

It is not possible to directly import a GPG-encrypted configuration into SSB, it has to be decrypted locally first.

Prerequisites:

You have to configure a backup policy before starting this procedure. For details, see Data and configuration backups.

You need a GPG key which must be permitted to encrypt data. Keys that can be used only for signing cannot be used to encrypt the configuration file.

To encrypt configuration backups with GPG

  1. Navigate to Basic > System > Management > System backup.

  2. Select Encrypt configuration.

  3. Select .

    • To upload a key file, click Browse, select the file containing the public GPG key, and click Upload. SSB accepts both binary and ASCII-armored GPG keys.

    • To copy-paste the key from the clipboard, paste it into the Key field and click Set.

  4. Click Commit.

相关文档