FortiSIEM
FortiSIEM provides Security Information and Event Management (SIEM) and User and Entity Behavior Analytics (UEBA)
Andy_G
Staff
Article Id 190928

Description

This article describes how to back up and restore the event DB for FortiSIEM.


Solution

Backup

To back up the data from the event DB, locate the event data stored in /data/eventdb. Since this data can become very large over time, a program such as rsync can be used to incrementally move the data to another location.
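
One way to run the incremental rsync copy described above, as an added example that is not part of the original article or Fortinet's tooling: each run creates a snapshot directory in which unchanged files are hard links to the previous snapshot, and a second function checks the copy by checksum. Only /data/eventdb comes from the article; the destination root, snapshot names and function names are assumptions.

```shell
#!/bin/sh
# Added example. /data/eventdb is the path from the article; the destination
# root and the snapshot naming are assumptions.

# backup_eventdb SRC DEST_ROOT [STAMP]
# Creates DEST_ROOT/STAMP. Files unchanged since the previous snapshot become
# hard links, so only new or changed event data consumes space.
backup_eventdb() (
    src=${1:-/data/eventdb}
    dest_root=${2:?destination root required}
    stamp=${3:-$(date +%Y%m%d-%H%M%S)}
    target=$dest_root/$stamp

    [ -d "$src" ] || { echo "source $src not found" >&2; exit 1; }
    [ ! -e "$target" ] || { echo "snapshot $target already exists" >&2; exit 1; }
    mkdir -p "$dest_root" || exit 1

    if [ -d "$dest_root/latest" ]; then
        # --link-dest needs an absolute path to the previous snapshot.
        prev=$(cd "$dest_root/latest" && pwd -P) || exit 1
        rsync -a --numeric-ids --link-dest="$prev" "$src/" "$target.partial/" || exit 1
    else
        rsync -a --numeric-ids "$src/" "$target.partial/" || exit 1
    fi

    # Publish the snapshot only after rsync finished without error.
    mv "$target.partial" "$target" || exit 1
    ln -sfn "$stamp" "$dest_root/latest"
)

# verify_eventdb_backup SRC SNAPSHOT
# Re-reads both trees and compares checksums without copying anything.
# Returns 0 only when the snapshot content matches the source; otherwise the
# differing paths are printed to stderr.
verify_eventdb_backup() (
    out=$(rsync -rlc --delete --dry-run --itemize-changes "$1/" "$2/") || exit 2
    [ -z "$out" ] && exit 0
    printf '%s\n' "$out" >&2
    exit 1
)
```

If events are still being written while the copy runs, the verification can report files that changed between the copy and the check.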

Restore

To restore the event DB data, simply mount the directory where the event database was backed up.

$ sudo mkdir /media/newhd

$ sudo mount /data/eventdb /media/newhd

$ df -H

It is important to note that the event data logs are stored in a proprietary event database.