1 Reply Latest reply on Feb 3, 2014 9:24 AM by rth67





      We're about to do a SIEM full backup for the whole database of the ESM. This will cover approximately 6TB.


      Will there be a compression for this?


      Another thing we are concerned is the backup time period. Can it reach more than 3 days?


      I understand that all events will be coming in to the Receiver and until the ESM is available, it will consume hard drive space. How can I monitor this? Will the df -h command suffice?

        • 1. Re: SIEM BACKUP

          It depends partially on what you are backing up to, a Redundant SIEM, SAN Storage (SSD, Fiber Channel, iSCSI, SATA), NFS or CIFS Share, DAS? Speed of the network / switches backing up over (LAN or WAN)?


          We replaced our Primary ESM last year, did a Full Backup to the Redundant, then did a copy to the new / replacement X3, at the time we had over 4TB of data on the ESM itself (did not have to backup / copy the data on the attached DAS as the new ESM would be attached to same).


          As I recall it took a little over a day for each copy / backup.


          You can use the df - h to monitor the space on your Receiver's.