Backup and restoration

To recover from any data loss that might occur, regularly back up the data in your IBM Cloud Pak® for Security and integrated databases. You can use the backup to support a disaster recovery that requires a redeployment of your environment.

About this task

The backup and restoration process for IBM Cloud Pak for Security covers the main data stores within the system.

The following data is backed up and restored when you complete the process:

User Entitlement
User entitlements are maintained through the backup and restoration process.
Note: The LDAP configuration is managed through IBM® Cloud Platform Common Services and is not part of the IBM Cloud Pak for Security backup and restoration procedure. If the LDAP configuration is lost, you must re-create it before you start the IBM Cloud Pak for Security restoration procedure. For more information, see Configuring LDAP authentication.
IBM® Security Data Explorer
Data sources connections, configuration, and queries are maintained through the backup and restoration process.
IBM Security Case Management
All Case Management data is maintained through the backup and restoration process.

Note: IBM® Security Data Explorer query results, including the results of queries that are saved in Case artifacts, are not retained through the backup and restoration process. After a backup and restoration process is completed, if you try to open a pre-existing query in Data Explorer from the Case that was created in relation to it, an error is displayed.

Before you begin

Cluster administrator level privileges are required to complete the backup and restoration process.

To install Cloud Pak for Security, you configure a suitable storage class in the cluster. You support the configuration by one or more persistent volumes of suitable size. For more information about storage, see Persistent storage requirements.

You provide secure storage for the backups that is mounted as a Persistent Volume Claim (PVC) in a pod. The backup and restoration process uses a common Toolbox pod, which contains all of the necessary utilities that are required for the backup and restoration process. The Toolbox is deployed automatically as part of the installation or upgrade of IBM Cloud Pak® for Security.

When the backups are run, the data is stored on the PVC. For the Toolbox, you can opt to provision your own storage instead of using the defaults specified for installation. For more information, see Creating a persistent volume claim for the Toolbox

Backup process

The backup process is outlined in the following overview.

  1. Create a Persistent Volume Claim (optional).
  2. Run the backup scripts.
    a. CouchDB
    b. ArangoDB
    c. IBM® Security Case Management
    Backup data is stored in the PVC that is mounted in the Toolbox pod.
    Note: The secrets that are associated with those databases are backed up as part of the script.

Restoration process

The restoration process is outlined in the following overview.

  1. Run the restoration script for each database.
    a. CouchDB
    b. ArangoDB
    c. IBM® Security Case Management
    Backup data is restored from the PVC that is mounted in the Toolbox pod.
  2. When all of the components are restored, run the postrestoration script.

After the restoration script is completed, the data is restored and the IBM Cloud Pak for Security system returns to the state at the time of the backup.