Restoring archived data on an empty appliance

You can restore archived data to a stand-alone system that has no other audit data on it, and is designated for restoring and reviewing historical data. Use a stand-alone system to avoid interference with current data that is operating.

Before you begin

  • Restoring from Tivoli Storage Manager only: A dsm.sys configuration file must be uploaded to the Guardium® system. Use the CLI command: import tsm config.
  • Restoring from EMC Centera only: a .pea file must be uploaded to the Guardium system, in the Data Archive page.
  • If the target restore system is not the system that generated the archive, you must create a location entry in the catalog. Create the entry either with Catalog Archive (Data and Result catalogs) or with the GuardAPI (create_entry_location). This entry enables the file transfer to the target restore system.
  • If the file was encrypted by a different Guardium system, make sure that the system shared secret used by the Guardium system that encrypted the file is available on this system. Otherwise, it cannot decrypt the file. See About System Shared Secret.

About this task

This procedure describes one method of adding a file record to a catalog. You can also move the file entry to the catalog by one of:

Procedure

  1. Click Manage > Data Management > Catalog Archive.
  2. Optional: Enter the start and end dates. Then, enter the hostname, and click Search.
  3. If the archive files that you want are not in the list, add the entries manually by clicking Add. The Add Location page opens.
    1. Select the Storage System: the type of server that the files are saved on. The fields update according to the server type. Some fields might not be available for a server type.
    2. Enter the name of the archive file that you want to restore.
      Tip: You can use one of the following formats:
      • <day of data>-<Guardium system name>-w<time of zip>-d<execution date>.dbdump.enc
      • <day of data>-<Guardium system name>-w<time of zip>-d<execution date>.agg.<sql ver>tar.gz.enc
    3. In the Host name field, enter the server name on which the archive file is located.
    4. In the Path field, specify the full path to the archive file.
      Tip:

      For Amazon S3 and IBM COS, specify the bucket name.

      For EMC Centera, specify the Centera clipID.

      For SFTP (Formerly FTP), specify the directory relative to the SFTP account home directory.

      For SCP, specify the directory as an absolute path.

      For IBM Cloud, specify the container.

    5. Enter the username for the user with read access to retrieve the archive file.
      Tip:

      For Amazon S3 and IBM COS, specify the Access Key ID.

      For IBM Cloud, specify the X-Auth-User.

    6. Enter the password for the user based on the type of server as follows:
      Tip:

      For Amazon S3 and IBM COS, specify the Secret Access Key.

      For IBM Cloud, specify the X-Auth-Key.

    7. In the Retention field, enter the number of days to store the data on the target restore system and click Save.
      The entry is added to the catalog.
  4. Click Manage > Data Management > Data Restore.
    The Data Restore Search Criteria window opens.
  5. Select From and To dates to specify the time range for which you want data.
    The Data Restore Search Results page opens.
  6. Optional: To filter the search results, enter the Host Name of the Guardium system from which the archive originated.
  7. Click Search.
    The Data Restore Search Results page opens, showing the records for all archive files from this Guardium system.
  8. Optional: To prevent purging of restored data even though it meets the purge requirements on the target restore Guardium system: enter the number of days that you want to retain the restored data on the system in the Don't purge restored data for at least field. Then click Apply.
  9. Check the Select checkbox for each archive you want to restore.
  10. Click Restore and then click Done when you are finished.

What to do next

Verify that the restore operation status in Manage > Reports > Data Management > Restored Data is Succeeded.