tpotce/installer/bin/backup_elk.sh

#!/bin/bash

########################################################
# T-Pot                                                #
# ELK DB backup script                                 #
#                                                      #
# v16.10.0 by mo, DTAG, 2016-05-12                     #
########################################################
myCOUNT=1
myDATE=$(date +%Y%m%d%H%M)
myELKPATH="/data/elk/"
myBACKUPPATH="/data/"

# Make sure not to interrupt a check
while true
do
  if ! [ -a /var/run/check.lock ];
    then break
  fi
  sleep 0.1
  if [ "$myCOUNT" = "1" ];
    then
      echo -n "Waiting for services "
    else echo -n .
  fi
  if [ "$myCOUNT" = "6000" ];
    then
    echo
    echo "Overriding check.lock"
    rm /var/run/check.lock
    break
  fi
  myCOUNT=$[$myCOUNT +1]
done

# We do not want to get interrupted by a check
touch /var/run/check.lock

# Stop ELK to lift db lock
echo "Now stopping ELK ..."
systemctl stop elk
sleep 10

# Backup DB in 2 flavors
echo "Now backing up Elasticsearch data ..."
tar cvfz $myBACKUPPATH"$myDATE"_elkall.tgz $myELKPATH
rm -rf "$myELKPATH"log/*
rm -rf "$myELKPATH"data/elasticsearch/nodes/0/indices/logstash*
tar cvfz $myBACKUPPATH"$myDATE"_elkbase.tgz $myELKPATH
rm -rf $myELKPATH
tar xvfz $myBACKUPPATH"$myDATE"_elkall.tgz -C /
chmod 760 -R $myELKPATH
chown tpot:tpot -R $myELKPATH

# Start ELK
systemctl start elk
echo "Now starting up ELK ..."

# Allow checks to resume
rm /var/run/check.lock
scripts, configs, optimizations, dashboard base 2016-02-12 21:47:19 +00:00			`#!/bin/bash`

			`########################################################`
			`# T-Pot #`
			`# ELK DB backup script #`
			`# #`
very basic installation stuff 2016-05-12 17:26:06 +00:00			`# v16.10.0 by mo, DTAG, 2016-05-12 #`
scripts, configs, optimizations, dashboard base 2016-02-12 21:47:19 +00:00			`########################################################`
			`myCOUNT=1`
			`myDATE=$(date +%Y%m%d%H%M)`
			`myELKPATH="/data/elk/"`
			`myBACKUPPATH="/data/"`

			`# Make sure not to interrupt a check`
			`while true`
			`do`
			`if ! [ -a /var/run/check.lock ];`
			`then break`
			`fi`
			`sleep 0.1`
			`if [ "$myCOUNT" = "1" ];`
			`then`
			`echo -n "Waiting for services "`
			`else echo -n .`
			`fi`
			`if [ "$myCOUNT" = "6000" ];`
			`then`
			`echo`
			`echo "Overriding check.lock"`
			`rm /var/run/check.lock`
			`break`
			`fi`
			`myCOUNT=$[$myCOUNT +1]`
			`done`

			`# We do not want to get interrupted by a check`
			`touch /var/run/check.lock`

			`# Stop ELK to lift db lock`
			`echo "Now stopping ELK ..."`
very basic installation stuff 2016-05-12 17:26:06 +00:00			`systemctl stop elk`
scripts, configs, optimizations, dashboard base 2016-02-12 21:47:19 +00:00			`sleep 10`

			`# Backup DB in 2 flavors`
			`echo "Now backing up Elasticsearch data ..."`
clean up, update readme 2016-03-09 13:05:06 +00:00			`tar cvfz $myBACKUPPATH"$myDATE"_elkall.tgz $myELKPATH`
scripts, configs, optimizations, dashboard base 2016-02-12 21:47:19 +00:00			`rm -rf "$myELKPATH"log/*`
			`rm -rf "$myELKPATH"data/elasticsearch/nodes/0/indices/logstash*`
			`tar cvfz $myBACKUPPATH"$myDATE"_elkbase.tgz $myELKPATH`
			`rm -rf $myELKPATH`
clean up, update readme 2016-03-09 13:05:06 +00:00			`tar xvfz $myBACKUPPATH"$myDATE"_elkall.tgz -C /`
scripts, configs, optimizations, dashboard base 2016-02-12 21:47:19 +00:00			`chmod 760 -R $myELKPATH`
			`chown tpot:tpot -R $myELKPATH`

			`# Start ELK`
very basic installation stuff 2016-05-12 17:26:06 +00:00			`systemctl start elk`
scripts, configs, optimizations, dashboard base 2016-02-12 21:47:19 +00:00			`echo "Now starting up ELK ..."`

			`# Allow checks to resume`
			`rm /var/run/check.lock`