Re: [security-onion] Backing-up SO Databases

161 views
Skip to first unread message

Doug Burks

unread,
May 20, 2013, 5:18:38 PM5/20/13
to securit...@googlegroups.com
Hi Harvii,

To ensure a consistent database, you'll want to stop all services as follows:

sudo service nsm stop
sudo service syslog-ng stop
sudo service apache2 stop
sudo pkill autossh
sudo pkill perl

Hope that helps!

Thanks,
Doug

On Sun, May 19, 2013 at 9:33 AM, Harvii Dent <harvi...@gmail.com> wrote:
> Hello Everyone,
>
> I'm having a problem with the ibdata1 file under "/var/lib/mysql/" which is rapidly growing and has reached 16 GBs on the master SO server and on one of the sensors.
> This is a common problem with InnoDB tables and the fix is basically to drop and then restore the database (after adding innodb_file_per_table), as described here:
>
> http://stackoverflow.com/questions/3927690/howto-clean-a-mysql-innodb-storage-engine
>
> Before attempting the method described above I want to backup the databases, are there any specifics that should be taken in consideration (i.e. mysqldump options)?
>
> I've never backed up a MySQL DB before so I'm wondering how SO users handle it? what processes services need to be stopped? etc.
>
> Thanks
>
> --
> You received this message because you are subscribed to the Google Groups "security-onion" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to security-onio...@googlegroups.com.
> To post to this group, send email to securit...@googlegroups.com.
> Visit this group at http://groups.google.com/group/security-onion?hl=en-US.
> For more options, visit https://groups.google.com/groups/opt_out.
>
>



--
Doug Burks
http://securityonion.blogspot.com

Doug Burks

unread,
May 21, 2013, 2:03:39 PM5/21/13
to securit...@googlegroups.com
On Tue, May 21, 2013 at 5:34 AM, Harvii Dent <harvi...@gmail.com> wrote:
> I also have a question regarding restoring the database in the case of a complete disaster; which sequence is correct:
> Run SO setup on master server >> Run SO setup on remote sensors >> restore the databases

That's probably the better strategy but, as with all things
backup-related, you should fully test your backup and recovery method
to make sure it is going to work for you.

Doug
Reply all
Reply to author
Forward
0 new messages