configure_archive

Use this command to configure a data archive.

This API is available in Guardium V9.5 and later.

REST API syntax

This API is available as a REST service with the PUT method. Call this API as follows:
PUT https://[Guardium hostname or IP address]:8443/restAPI/configure_archive

GuardAPI syntax

configure_archive parameter=value

Parameters

Parameter Value type Description
accessKey String Required for Cleversafe; and for Amazon S3 when authType=Security-Credentials or authType=IAM-Role. Identifies user as the party responsible for service requests. It needs to be included it in each request. It is not confidential and does not need to be encrypted. (20-character, alphanumeric sequence).
archiveOlderThan Integer Required. Specifies the number of days, older than which data is archived. For example, to archive data starting with yesterday’s data, set this value to 1.
archiveValues Integer Required. Specify whether the archive data includes values from SQL strings. Valid values:
  • 0: no. Values are replaced with 'Value~Removed' in the archive, and are not available as part of a restore operation.
  • 1: yes. Values are maintained.
authType String Required for Amazon S3 only. Valid values:
  • Security-Credentials
  • IAM-Role
  • IAM-Instance-Profile
bucketName String Required for Amazon S3 and Cleversafe only. The unique bucket name.
destHost String Required for SCP, SFTP, Cleversafe only. Valid values:
  • SCP and SFTP: Host name of the target archive server.
ignoreOlderThan Integer Required. Together with archiveOlderThan, specifies the time interval of data to archive: data that is older than this value, in days, is not exported.
passwd String Required for SCP, SFTP. Valid values: Password for the target archive server.
passwdRetype String Required for SCP, SFTP. Password for the target archive server.
port Integer Required for SCP, SFTP only. Port on the target archive server.
protocol String Required. Protocol of the target destination.

For valid values, call configure_archive from the command line with --help=true.

region String Required for Amazon S3 only. Valid values:
  • US_EAST_1
  • US_EAST_2
  • US_WEST_1
  • US_WEST_2
  • EU_CENTRAL_1
  • EU_WEST_1
  • EU_WEST_2
  • EU_WEST_3
  • EU_NORTH_1
  • CA_CENTRAL_1
  • AP_SOUTHEAST_1
  • AP_SOUTHEAST_2
  • AP_NORTHEAST_1
  • AP_NORTHEAST_2
  • SA_EAST_1
  • CN_NORTH_1
  • CN_NORTHWEST_1
  • AP_SOUTH_1
  • GovCloud
  • US_GOV_EAST_1
retention Integer Required for Centera only. Number of days to retain the archive data on the target archive server.
roleARN String Required for Amazon S3 when authType=IAM-Role. The Amazon resource name (ARN) specifying this role.
secretKey String Required for Amazon S3 and Cleversafe only. The Secret Access Key is associated with the Access Key ID, used to calculate the digital signature that needs to be included in the request. (Only the user and AWS should have this 40-character sequence. )
ssh_key_active Boolean Enables data transfer using the SSH key. Enable the SSH key feature with the CLI command store system scp-ssh-key-mode on. Generate ssh-key pairs and copy the public part of the key, public-transfer-key, to the remote host. For more information, see Enabling ssh-key pairs for data archive, data export, data mart. Valid values:
  • 0: Disable
  • 1: Enable
Default = 0
targetDir String Required for SCP, SFTP, Cleversafe only. Valid values:
  • SCP, SFTP: The target directory on the target archive server.
  • Cleversafe: Authentication endpoint URL
userName String Required for SCP, SFTP only. User name for the target archive server.
api_target_host String

Specifies the target hosts where the API executes. Valid values:
  • all_managed: execute on all managed units but not the central manager
  • all: execute on all managed units and the central manager
  • group:<group name>: execute on all managed units identified by <group name>
  • host name or IP address of a managed unit: specified from the central manager to execute on a managed unit.  For example, api_target_host=10.0.1.123.
  • host name or IP address of the central manager: specified from a managed unit to execute on the central manager. For example, api_target_host=10.0.1.123.

IP addresses must conform to the IP mode of your network. For dual IP mode, use the same IP protocol with which the managed unit is registered with the central manager. For example, if the registration uses IPv6, specify an IPv6 address. The hostname is independent of IP mode and can be used with any mode.

Examples

To configure archive of data, with SQL strings, older than one day and younger than 2 days, on an SFTP server:

grdapi configure_archive archiveOlderThan=1 archiveValues=1 destHost=<full path to target archive host> ignoreOlderThan=2 passwd=pass1 passwdRetype=pass1  port=0 protocol=SFTP targetDir=/archive/dir
grdapi configure_archive archiveOlderThan=1 archiveValues=1 destHost=“10.10.10.10” ignoreOlderThan=30 protocol=“scp” targetDir=“/var/tmp” userName=“root” ssh_keys_active=1