Backing up / Restoring of data
This page aims to guide you through the process of backing up the data of all ACUBE-related services, including (but not limited to):
- ACUBETotal
- OpenCTI
- CAPEv2 sandbox
- Correlation
Backing up procedure
- With compression:
tar zcvf <output_gzip_filename> <files_to_backup>
- Without compression:
tar cvf <output_tar_filename> <files_to_backup>
Restoring an old backup
- Move the tar/gzip file to the corresponding locations to restore
- Restore the files
- With compression:
tar zxvf <gzip_filename> - Without compression:
tar xvf <tar_filename>
- With compression:
Key backup/restoring locations
ACUBETotal
Backing up of ACUBETotal’s data is relatively easy - almost everything is stored in docker volumes.
| Volume name | File Location |
|---|---|
| pipeline | /var/lib/acubetotal/pipeline |
| database | /var/lib/acubetotal/database |
| elasticsearch | /var/lib/acubetotal/elasticsearch |
info
You may also want to backup /var/lib/acubetotal/pipeline-tmp, though it only serves as a cache. Losing the contents of this directory will not result in any actual loss of data.
OpenCTI
Similarly, everything in OpenCTI is stored in docker volumes.
| Volume name | File Location |
|---|---|
| opencti_amqpdata | /var/lib/docker/volumes/opencti_amqpdata |
| opencti_esdata | /var/lib/docker/volumes/opencti_esdata |
| opencti_redisdata | /var/lib/docker/volumes/opencti_redisdata |
| opencti_s3data | /var/lib/docker/volumes/opencti_s3data |
CAPEv2 Sandbox
Sandbox's storage is located in /opt/CAPEv2/storage.
You may also want to backup the postgres and MongoDB data.
Correlation
Work in Progress