How to backup Graylog
Graylog
Files
Copy both files somewhere safe:
/etc/graylog/server/server.conf/etc/default/graylog-server
Configuration (MongoDB)
Backup:
mongodump --out graylog_backup_$(date "+%Y-%m-%d")/mongodbThen copy the generated file somewhere safe.
Restore (not tested yet):
mongorestore graylog_backup_xxx
Elasticsearch (DB)
Configurations
Copy both files somewhere safe:
/etc/elasticsearch/elasticsearch.yml/etc/elasticsearch/jvm.options
Logs
Source: Snapshot module | Elasticsearch Guide [7.10]
These Steps has to be done only once
-
Create a backup folder (in this example: /home/backup)
-
In
/etc/elasticsearch/elasticsearch.ymladdpath.repo: /home/backup
can be done using the command:echo 'path.repo: /home/backup' >> /etc/elasticsearch/elasticsearch.yml -
register a snapshot repository:
curl -X PUT "localhost:9200/_snapshot/es_backup?pretty" -H 'Content-Type: application/json' -d' {"type": "fs","settings": {"location": "es_backup"}}' -
retrieve information about a registered repository: (Optional)
curl -X GET "localhost:9200/_snapshot/es_backup?pretty"
These Steps has to be done every time
-
Create a snapshot:
curl -X PUT "localhost:9200/_snapshot/es_backup/%3Csnapshot-%7Bnow%2Fd%7D%3E?wait_for_completion=true&pretty"
Or if you want the process to run in the background:
curl -X PUT "localhost:9200/_snapshot/es_backup/%3Csnapshot-%7Bnow%2Fd%7D%3E?pretty" -
List all snapshots
curl -X GET "localhost:9200/_snapshot/es_backup/_all?pretty" -
Restore a snapshot:
curl -X POST "localhost:9200/_snapshot/es_backup/snapshot-xxx/_restore?pretty" -
Delete a snapshot:
curl -X DELETE "localhost:9200/_snapshot/es_backup/snapshot-xxx?pretty"