Data back up and restore

You can use a command-line interface (CLI) script to back up data that is stored on IBM® QRadar® SIEM Console managed hosts.

You can use the CLI script to restore IBM QRadar Risk Manager after a data failure or hardware failure on the appliance.

A backup script is included in QRadar Risk Manager, which can be scheduled by using crontab. The script automatically creates a daily archive of QRadar Risk Manager data at 3:00 AM. By default, QRadar Risk Manager keeps the last five backups. If you have network or attached storage, you must create a cron job to copy QRadar Risk Manager back archives to a network storage location.

The backup archive includes the following data:

QRadar Risk Manager device configurations
Connection data
Topology data
Policy Monitor questions
QRadar Risk Manager database tables

For information about migrating from QRadar Risk Manager Maintenance Release 5 to this current release, see the IBM QRadar Risk Manager Migration Guide.