Perform a Cold Backup on a Virtual Server#
In this tutorial, we're going to guide you through performing a cold backup of TheHive on a virtual server. A cold backup involves fully stopping TheHive and its related services before making a copy of your data. While it requires downtime, this method ensures the highest level of data consistency.
Using virtual servers provides more flexibility in performing backup and restore operations.
Cold vs. hot backups and restores
Before proceeding, ensure you fully understand the implications of performing a cold backup and restore. This process requires stopping all services to ensure data integrity and is available only for standalone servers.
Best practices for safe backup and restore
- Coordinate your Apache Cassandra, Elasticsearch, and file storage backups to run at the same time. Using automation like a cron job helps minimize the chance of inconsistencies between components.
- Before relying on these backups in a real incident, test the full backup and restore flow in a staging environment. It’s the only way to make sure everything works as expected.
- Ensure you have an up-to-date backup before starting the restore operation, as errors during the restoration could lead to data loss.
Prerequisites#
This process and example below assume you have followed the step-by-step guide to install the application stack.
First option: Back up data folders#
Similar to using a physical server, use scripts to back up the configuration, data, and logs from each application in your stack. Store the backups in a folder that can be archived elsewhere. Refer to the Perform a Cold Backup on a Physical Server guide for detailed instructions.
Second option: Leverage the capabilities of the hypervisor#
Hypervisors often come with the capacity to create a snapshot volumes and entire virtual machine. Create snapshots of volumes containing data and files after stopping TheHive, Cassandra and Elasticsearch applications.
For the restore process, begin by restoring the snapshots created with the hypervisor. This allows you to quickly revert to a previous state, ensuring that both the system configuration and application data are restored to their exact state at the time of the snapshot. Be sure to follow any additional procedures specific to your hypervisor to ensure the snapshots are properly applied and that the system operates as expected after the restore.