Alex-Devera/tpotce
1
0
Fork 0
mirror of https://github.com/telekom-security/tpotce.git synced 2025-04-28 19:28:50 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
tpotce/installer/bin/backup_elk.sh
Marco Ochse 2dc676868d scripts, configs, optimizations, dashboard base
2016-02-12 22:47:19 +01:00

62 lines
1.5 KiB
Bash
Executable file
Raw Blame History

#!/bin/bash
########################################################
# T-Pot #
# ELK DB backup script #
# #
# v0.01 by mo, DTAG, 2016-02-12 #
########################################################
myCOUNT=1
myDATE=$(date +%Y%m%d%H%M)
myELKPATH="/data/elk/"
myBACKUPPATH="/data/"
# Make sure not to interrupt a check
while true
do
if ! [ -a /var/run/check.lock ];
then break
fi
sleep 0.1
if [ "$myCOUNT" = "1" ];
then
echo -n "Waiting for services "
else echo -n .
fi
if [ "$myCOUNT" = "6000" ];
then
echo
echo "Overriding check.lock"
rm /var/run/check.lock
break
fi
myCOUNT=$[$myCOUNT +1]
done
# We do not want to get interrupted by a check
touch /var/run/check.lock
# Stop ELK to lift db lock
echo "Now stopping ELK ..."
service elk stop
sleep 10
# Backup DB in 2 flavors
echo "Now backing up Elasticsearch data ..."
tar cvfz $myBACKUPPATH"$myDATE"_elkall.tgz $myELKPATH
rm -rf "$myELKPATH"log/*
rm -rf "$myELKPATH"data/elasticsearch/nodes/0/indices/logstash*
tar cvfz $myBACKUPPATH"$myDATE"_elkbase.tgz $myELKPATH
rm -rf $myELKPATH
tar xvfz $myBACKUPPATH"$myDATE"_elkall.tgz -C /
#tar xvfz $myBACKUPPATH"$myDATE"_elkbase.tgz -C /
chmod 760 -R $myELKPATH
chown tpot:tpot -R $myELKPATH
# Start ELK
service elk start
echo "Now starting up ELK ..."
# Allow checks to resume
rm /var/run/check.lock
Reference in a new issue View git blame Copy permalink