SteveMcGrath/sc-backup.sh

## sc-backup.sh
#!/bin/bash
## SecurityCenter Backup Script
#
# This script is intended to create backups of all of the SecurityCenter data
# on a daily/weekly/monthly/etc. basis.  This is intended to be run as a cronjob
# and expect the SysAdmin to have configured the root@localhost mail alias to
# route through their email system in-case of errors.  An example of how to run
# this as a cronjob is below:
#
# 1 45 * * * root /opt/scripts/backups/sc-backup.sh
#
# The latest version can be found at:
# https://gist.github.com/SteveMcGrath/6296691
#
# Copyright (c) 2020 Steven McGrath
#
# Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the "Software"), to deal
# in the Software without restriction, including without limitation the rights
# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
# copies of the Software, and to permit persons to whom the Software is
# furnished to do so, subject to the following conditions:
#
# The above copyright notice and this permission notice shall be included in all
# copies or substantial portions of the Software.
#
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
# SOFTWARE.
#

#### CONFIGURATION

# This is the base path for backups.  This could be a NFS share, local storage,
# a backup LUN, etc.
BACKUP_PATH=/backup/sc

# Whats the maximum amount of time that we want to wait before timing out the
# backup?
TIMEOUT=1800

#### DO NOT EDIT BELOW THIS LINE

## Shutdown Function
#
# This function will shudown SecurityCenter and will not return back until all
# SecurityCenter related processes are completed.  If we end up having to wait
# past the TIMEOUT value, then it will drop out as well.
function shutdown_securitycenter()
{
	local is_running=1 # True
	local start_time=$(date +%s)
	local tns_process_count=1
	service SecurityCenter stop
	while [ $is_running -eq 1 ]; do
		tns_process_count=$(set -o pipefail; ps -U tns --no-headers | wc -l)
		if [ ${tns_process_count:-1} -eq 0 ]; then
			is_running=0 # False
		else
			sleep 1
			if [ $(( $(date +%s) - $start_time )) -gt $TIMEOUT ]; then
				is_running=2 # Timeout
			fi
		fi
	done
	return $is_running
}

## Backup Generator
#
# Here is where we will actually perform the backup.  The tarball that we
# generate will ONLY contain SecurityCenter data, not the binaries, scripts,
# or code that is installed along with SecurityCenter.  This makes the data more
# portable in the end as its no longer dependent on architecture, simply just
# the version of SC that it was backed up from.
function backup_securitycenter()
{
	local rc
	local sc_version=$(rpm -q --qf '%{v}' SecurityCenter)
	local bdate=$(date +%Y-%m-%d)
	local tarball="${BACKUP_PATH}/sc-backup-${bdate}.${sc_version}.tar.gz"
	local -a bfiles
	local -a excludes
	bfiles=(
		~tns/admin
		~tns/data
		~tns/orgs
		~tns/repositories
		~tns/*db
	)
	# Uncomment the lines below if you want to exclude the data from the backup
	excludes=(
	#	--exclude="VDB/*"
	#	--exclude="repositories/*"
	)

	tar -zcf "$tarball" ${excludes[@]} "${bfiles[@]}"
	rc=$?
	if [ $rc -ne 0 ]; then
		mv $tarball "${tarball/sc-backup-/sc-backup-errors-}"
	fi

	return $rc
}

## Main Loop
#
# Now lets actually perform the backup.  If there is an error with shutting
# everything down, then print out the processes that are still running.  Lastly,
# start everything back up.

if shutdown_securitycenter; then
	if ! backup_securitycenter; then
		echo 'CRITICAL: Backup had errors.'
	fi
else
	echo 'CRITICAL: Could not Shutdown SecurityCenter within specified timeout.'
	echo 'CRITICAL: Processes Still Running:'
	ps fU tns
fi

service SecurityCenter start
	#!/bin/bash
	## SecurityCenter Backup Script
	#
	# This script is intended to create backups of all of the SecurityCenter data
	# on a daily/weekly/monthly/etc. basis. This is intended to be run as a cronjob
	# and expect the SysAdmin to have configured the root@localhost mail alias to
	# route through their email system in-case of errors. An example of how to run
	# this as a cronjob is below:
	#
	# 1 45 * * * root /opt/scripts/backups/sc-backup.sh
	#
	# The latest version can be found at:
	# https://gist.github.com/SteveMcGrath/6296691
	#
	# Copyright (c) 2020 Steven McGrath
	#
	# Permission is hereby granted, free of charge, to any person obtaining a copy
	# of this software and associated documentation files (the "Software"), to deal
	# in the Software without restriction, including without limitation the rights
	# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
	# copies of the Software, and to permit persons to whom the Software is
	# furnished to do so, subject to the following conditions:
	#
	# The above copyright notice and this permission notice shall be included in all
	# copies or substantial portions of the Software.
	#
	# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
	# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
	# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
	# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
	# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
	# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
	# SOFTWARE.
	#

	#### CONFIGURATION

	# This is the base path for backups. This could be a NFS share, local storage,
	# a backup LUN, etc.
	BACKUP_PATH=/backup/sc

	# Whats the maximum amount of time that we want to wait before timing out the
	# backup?
	TIMEOUT=1800

	#### DO NOT EDIT BELOW THIS LINE

	## Shutdown Function
	#
	# This function will shudown SecurityCenter and will not return back until all
	# SecurityCenter related processes are completed. If we end up having to wait
	# past the TIMEOUT value, then it will drop out as well.
	function shutdown_securitycenter()
	{
	local is_running=1 # True
	local start_time=$(date +%s)
	local tns_process_count=1
	service SecurityCenter stop
	while [ $is_running -eq 1 ]; do
	tns_process_count=$(set -o pipefail; ps -U tns --no-headers \| wc -l)
	if [ ${tns_process_count:-1} -eq 0 ]; then
	is_running=0 # False
	else
	sleep 1
	if [ $(( $(date +%s) - $start_time )) -gt $TIMEOUT ]; then
	is_running=2 # Timeout
	fi
	fi
	done
	return $is_running
	}

	## Backup Generator
	#
	# Here is where we will actually perform the backup. The tarball that we
	# generate will ONLY contain SecurityCenter data, not the binaries, scripts,
	# or code that is installed along with SecurityCenter. This makes the data more
	# portable in the end as its no longer dependent on architecture, simply just
	# the version of SC that it was backed up from.
	function backup_securitycenter()
	{
	local rc
	local sc_version=$(rpm -q --qf '%{v}' SecurityCenter)
	local bdate=$(date +%Y-%m-%d)
	local tarball="${BACKUP_PATH}/sc-backup-${bdate}.${sc_version}.tar.gz"
	local -a bfiles
	local -a excludes
	bfiles=(
	~tns/admin
	~tns/data
	~tns/orgs
	~tns/repositories
	~tns/*db
	)
	# Uncomment the lines below if you want to exclude the data from the backup
	excludes=(
	# --exclude="VDB/*"
	# --exclude="repositories/*"
	)

	tar -zcf "$tarball" ${excludes[@]} "${bfiles[@]}"
	rc=$?
	if [ $rc -ne 0 ]; then
	mv $tarball "${tarball/sc-backup-/sc-backup-errors-}"
	fi

	return $rc
	}

	## Main Loop
	#
	# Now lets actually perform the backup. If there is an error with shutting
	# everything down, then print out the processes that are still running. Lastly,
	# start everything back up.

	if shutdown_securitycenter; then
	if ! backup_securitycenter; then
	echo 'CRITICAL: Backup had errors.'
	fi
	else
	echo 'CRITICAL: Could not Shutdown SecurityCenter within specified timeout.'
	echo 'CRITICAL: Processes Still Running:'
	ps fU tns
	fi

	service SecurityCenter start