Restoring archived data on an empty appliance

You can restore archived data to a stand-alone system that has no other audit data on it, and is designated for restoring and reviewing historical data. Use a stand-alone system to avoid interference with current data that is operating.

Before you begin

Restoring from Tivoli Storage Manager only: A dsm.sys configuration file must be uploaded to the Guardium® system. Use the CLI command: import tsm config.
Restoring from EMC Centera only: a .pea file must be uploaded to the Guardium system, in the Data Archive page.
If the target restore system is not the system that generated the archive, you must create a location entry in the catalog. Create the entry either with the Catalog Archive (Data and Result catalogs) or with the GuardAPI (create_entry_location). This entry enables the file transfer to the target restore system.
If the file was encrypted by a different Guardium system, make sure that the system shared secret used by the Guardium system that encrypted the file is available on this system. Otherwise, it cannot decrypt the file. See About System Shared Secret.

About this task

This procedure describes one method of adding a file record to a catalog. You can also move the file entry to the catalog by one of:

Run Export catalog entries on the Guardium system where the archive files were created, then run Import catalog entries on the target Guardium restore system.
Run create_entry_location on the target Guardium restore system, then run delete_entry_location on the Guardium system where the archive files were created.

Procedure

Go to Manage > Data Management > Catalog Archive.
Enter the start and end dates, optionally enter the hostname, and click Search.
If the archive files that you want are not in the list, add the entries manually:
1. Click Add. The Add Location pane opens.
2. Select the Storage System: the type of server that the files are saved on. The fields update accord to the server type. Some might be unavailable.
3. Enter values for:
  - File Name: name of archive file that you want to restore, in one of these formats:
    - <day of data>-<Guardium system name>-w<time of zip>-d<execution date>.dbdump.enc
    - <day of data>-<Guardium system name>-w<time of zip>-d<execution date>.agg.<sql ver>tar.gc.enc
  - Host Name: server on which the archive file is located
  - Path: full path to the archive file:
    - Amazon S3: bucket name
    - IBM COS: bucket name
    - EMC Centera: Centera clipID
    - SFTP (Formerly FTP): directory relative to the SFTP account home directory.
    - SCP: directory as an absolute path.
    - IBM Cloud: Container
    - Tivoli Storage Manager: path
  - User Name: user with read access to retrieve the archive file.
    - Amazon S3, IBM COS: Access Key ID
    - IBM Cloud: X-Auth-User
  - Password: password for the user.
    - Amazon S3: Secret Access Key
    - IBM COS: Secret Access Key
    - IBM Cloud: X-Auth-Key
  - Retention: number of days to store the data on the target restore system.
Click Save.
The entry is added to the catalog.
Go to Manage > Data Management > Data Restore.
The Data Restore Search Criteria window opens.
Select From and To dates to specify the time range for which you want data.
The Data Restore Search Results pane opens.
Optional: To filter the search results, enter the Host Name of the Guardium system from which the archive originated.
Click Search.
The Data Restore Search Results page opens, showing the records for all archive files from this Guardium system.
Optional: To prevent purging of restored data even though it meets the purge requirements on the target restore Guardium system: enter the number of days that you want to retain the restored data on the system in the Don't purge restored data for at least field, and click Apply.
Check the Select checkbox for each archive you want to restore.
Click Restore.
Click Done when you are finished.

What to do next

Verify that the restore operation status in Manage > Reports > Data Management > Restored Data is Succeeded.