Showing results for 
Search instead for 
Did you mean: 

SIEM Backups

Due to NERC requirements we are being asked to validate our SIEM backups.  Is there a way to validate that we have good backups other than doing an actual restore?

I can view the backup.txt files in the ESMbackups folders to see that the jobs did complete successfully.

3 Replies

Re: SIEM Backups

You would need to actually restore the backup files to a SIEM of the same version that the backup files were created in.

Level 9
Report Inappropriate Content
Message 3 of 4

Re: SIEM Backups

Just in case here the SIEM best practices including backups of course:

Re: SIEM Backups

This article shows you how to validate the backups

How to restore a backup to the SIEM ESM Technical Articles ID:  KB80025

More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator
  • Community Help Hub

      New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

    • Find Forum FAQs
    • Learn How to Earn Badges
    • Ask for Help
    Go to Community Help

    Join the Community

      Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

    • Get helpful solutions from McAfee experts.
    • Stay connected to product conversations that matter to you.
    • Participate in product groups led by McAfee employees.
    Join the Community
    Join the Community