Exporting data

Export compresses the data of the one day, midnight to midnight, into an encrypted file and sends it from a Guardium® collector to a Guardium aggregator, daily. The aggregator has its own schedule to import the encrypted export file. Archive and purge operations can be scheduled on both collectors and aggregators to speed up access operations on the internal database. Purge also frees up space.

Before you begin

The collector that sends the data and the aggregator to which it is sending data must have the identical System Shared Secret. If not, the export operation works, but the aggregator that receives the data is not able to decrypt the exported file and the import fails. For more information, see About System Shared Secret.

About this task

You can define one export configuration for each Guardium system.

To stop a scheduled export, clear the Export checkbox. You cannot stop an export after clicking Run once now.

Procedure

  1. Go to Manage > Data Management > Data Export
  2. Check Export.
  3. Specify the data to be exported:
    • Export data older than (required): specify a starting day for the export operation as a number of days, weeks, or months before the current day, which is day zero. Time is measured in calendar days. For example, if today is 24 April, all data that was captured on 23 April is one day old. To archive data yesterday’s data and data older than yesterday, specify 1 Day.
    • Ignore data older than: specifies how many days of data are archived. Guardium recommends always specifying Ignore data older than. Ignore data older than must always be greater than Export data older than. When left blank, you export data for all days previous to the date specified by Export data older than. The result is exporting the exact same days of data over and over again, overloading the network and the aggregator with redundant data.
    For example, to export daily data only: Export data older than=1 Day, and Ignore data older than=2 Day
  4. The Export Values box is checked by default, meaning all fields that contain sensitive fields are included in the exported data. Clear this option to mask all sensitive fields in the exported data, and replace the fields with Value~Removed.
  5. In the Host box, enter the IP address or DNS hostname of the aggregator to which this system’s encrypted data files are sent. You can optionally specify a second aggregator to export data to more than one aggregator. If you specify two aggregators, Guardium exports to both of them.
  6. Click Save to save the export configuration for this unit.
  7. Use Scheduling to define a schedule for running this operation.
  8. Click Apply: the system attempts to verify that the specified aggregator host accepts data from this unit. If the operation fails, the configuration is not saved, and system responds: A test data file could not be sent to this host. Please confirm the hostname or IP address is entered correctly and the host is online.
  9. Optional: Click Run Once Now to run the operation one time.

What to do next

Verify that the export operation succeeded. Go to Manage > Reports > Data Management > Aggregation/Archive Log. Each archive operation shows multiple activities. Check that the status of each activity is Succeeded.