Preliminary checks hot backup

Before creating any backups, verify that all TheHive components are healthy. This helps catch any issues that could affect backup integrity.

Check service status

Confirm that all TheHive components are running.

sudo systemctl status thehive
sudo systemctl status cassandra
sudo systemctl status elasticsearch

All services should show as active and running.

Check Cassandra status

Run the following command:

nodetool status

You should see nodes marked as UN (Up/Normal). This indicates your Cassandra cluster is healthy.

Check Elasticsearch cluster health

curl -X GET "http://127.0.0.1:9200/_cluster/health?pretty"

The status should be green, which means your cluster is healthy and fully functional.

Other possible statuses include:

• yellow: Some replicas are missing but data is still available.
• red: Some data is unavailable—you should investigate before proceeding.

Review system logs

Check for any recent errors or warnings.

sudo journalctl -u thehive
sudo journalctl -u cassandra
sudo journalctl -u elasticsearch

If you find any critical errors, resolve them before continuing with the backup process.