Configuring apps running on an integration server
The Disaster Recovery system works with apps that run on an integration server, which is
a remote system - not on the receiver or master systems. To configure your apps to work when you run
the Disaster Recovery playbooks, you must update the
app.config file on the
integration server to point to the active SOAR instance.
You do not need to complete this configuration if you have configured the client to use an FQDN for which the DNS record has been updated. You only need to complete the following configuration if the address (IP address or host name) used by the apps needs to be updated.
Complete the following steps to configure your apps when running the DR playbooks to promote the receiver or to swap the master and receiver.
For information about the integration server, see the Integration Server Guide.
Before running the Disaster Recovery playbooks, stop Resilient Circuits on the remote
integration server. If the integration server is on a Linux system, the command is:
sudo systemctl stop resilient_circuitsIf the integration server is on a Windows system, the command is:
resilient-circuits.exe service stop
- Run the DR Ansible playbook to promote the receiver or to swap the master and receiver, as described in Running Disaster Recovery Ansible playbooks.
- Update the
app.configfile on the integration server to specify the IP address or FQDN of the newly active SOAR appliance.
- If you want the SOAR server certificate to be verified, complete the following
- Open the
- Check that the host parameter is correct, for
- Comment out the following line:
- Add the following line:
- Save the changes to the
- Copy the cert from the appliance by running a command similar to the
openssl s_client -connect <IP_Address> -showcerts < /dev/null 2> /dev/null | openssl x509 -outform PEM > ~/.resilient/cert.cer
Refer to the Integration Server Guide for more information about managing the SSL certs.
- Open the
resilient-circuitson the remote host.Note: If you did not make copies of the example integration configuration on your appliance, such as example rules or workflow, but instead updated these examples to get them working with your setup, if you run
resilient-circuits customizeagain and agree for the setup to be pushed to the appliance, it overwrites the changes that you made with the default integration values.