Restore can only be done with the same version, same Maintenance Release.
NG: esm 10.0 <- restore 9.6.x backup files
Ok: esm 10.0 <- restore 10.0.0 backup files
Now I have deployed the ESM 9.6.0 's Virtual Machine and trying to restore the backup taken but still I am not getting the assets in the physical display of the ESM. Some how the backed up settings are not getting applied.
Have you restarted after the restore?
Rebooting after restoration is mandatory.
Of course ACE and ERC also need to be restarted.
I would recommend a tail -f /var/log/messages when you do the restore, so you would know when the restoration is finished.
The issue was identified it was a missing MR version due to which the database restore was failing.
Now I am facing a new issue that is after the database restore and SIEM system reboot I am getting the below error.
'The database is unavailable at this time. Checking for availability.'
Any idea what could have been wrong.?
This occurs either when an upgrade is occurring or the database has errors.
Look inside /usr/local/ess/data/NitroError.Log and /var/log/message.
If there are DB errors you can fix them with DBCheck (this example fixes Log table):
DBCheck -d '/usr/local/ess/data/ngcp.dfl|127.0.0.1|1111' -c
DBCheck -d '/usr/local/ess/data/ngcp.dfl' -c
DBCheck -d '/usr/local/ess/data/ngcp.dfl' -t "Log" -r
/var/log/message shows the below info:
McAfee cpservicectl: info: Waiting on dbserverd to finish starting
Assuming this took too long you can try the following.
service cpservice stop
service dbserver stop
and then run the DBCheck commands from my previous post. Fortunately this will find some table corruption and fix it.
1 of 1 people found this helpful
Ok, The Restore procedure is as follows
1. build ESM 9.6.0
2. prepair to backup file.(must to the same version to ESM/ERC/ACE..)
so 9.6.0 backup file
4. tail -f /var/log/messages
but nothing messages like "Restore has done".
5. Wait until you can login to the GUI.
This is the only restoration completion message.
6. ESM reboot.
7. ERC/ACE restore
8. Wait about 15 minutes.
9. ERC/ACE reboot.