Overview of device group export and import
When multiple IBM Security Guardium Key Lifecycle Manager instances are maintained across operating systems, you might need to move device group data from one instance to another according to your business requirements. You can use the device group export and import operations to export and import data across IBM Security Guardium Key Lifecycle Manager instances with the same version as of the source IBM Security Guardium Key Lifecycle Manager instance, on the same or different operating systems, while maintaining data integrity. The exported device group data is encrypted and protected through a password.
Device groups for all the default device types are created during installation of IBM Security Guardium Key Lifecycle Manager. When you add a device type by using the graphical user interface or REST interface, the corresponding device group is created in the database. Name of the device group is same as the device type that you created.
Device group export
- Manifest file, which lists all the device group data files in the archive
- summary.json, which contains summary information for the device group
- Files specific to devices
- Files specific to keys
- Files specific to certificates
Device group import
Device group import conflicts
At times, the device group data that is imported might conflict with an existing data in the database. For example, a key in the imported device group might be a duplicate key of a device group in the current instance of IBM Security Guardium Key Lifecycle Manager where the data is being imported. When conflicts occur, they must be resolved before the import process can continue.
- Saving export file in the target IBM Security Guardium Key Lifecycle Manager server where the device group is being imported. You must have the same encryption password that was used for creating the export file to extract and decrypt data
- Evaluating duplicates between the data that is imported and the data in the target server
- Resolving the conflicts
- Importing device group data to the target server
You can view the list of conflicting items, if any, during device group import operation. Then, you can export the conflict information to a file in comma-separated values (CSV) format for further analysis.