Network Compatibility

The migration process involves starting an rsync server on the Destination server listening on port 8730 that the Source server connects to, to transfer the required files across. As part of this process the port is opened in the UFW firewall on the Destination server for the duration of the migration process.

The recommended network layout is for the Source and Destination servers to be connected to the same network with no firewalls or proxies between them. This allows the communications between the two servers to work without any problems. If it is not possible for the servers to exist on the same network and a firewall or proxy must be used, then problems may be experienced during the migration process. At a minimum the Source server needs to be able to directly connect to the Destination server on port 8730.

For help troubleshooting complex network configurations and issues with the migration process, please contact your Snare Support Representative.

Manual Event Archive Importer

Summary

In addition to the Migration process, there is also a helper script on the Snare Central which allows you to import only Snare Event Archive data from a Source server to a Destination server. This script uses SSH from the Destination server to login to the Source server and rsync the files across. It then wipes out the metadata to force a full regeneration with the new data. Since it uses rsync to copy the data, it can be run multiple times with the same Source with no negative impacts and minimal time spend on repeated imports. It can also be run against multiple Source servers to import data into a single Destination.

It does not copy any of the objective configuration or user data from the Source server. If this information is required, then the Migration process outlined in this document should be followed instead of this script.

The only requirement for this script is that the Destination server needs to be able to SSH into the Source server. Once this is working, the script can be run. Authentication can be done either via SSH Keys, or via a password which will be prompted for as part of the process.

How to run the script

SSH into the Destination server, and exit the Administration Menu.

Run this command to launch the script:

sudo /data/Snare/Supporting/System/ImportSnareArchives.php

Follow the prompts provided, and the script will update you with its progress. You can interrupt the script at any point using the key combination CTRL-C (hold control, and hit the C button). The script will resume from where it terminated, the next time it is executed. 

Once the script has completed, it will perform several tasks to integrate the newly acquired data into the destination server. This process may take several hours, depending on the volume of data received. The script will output a period/full stop (.) to your screen, for every 30 days of data that it processes. Note that the audit collection service on the destination machine will be disabled during this process, in order to preserve data integrity.