After you have configured a sensor or console with customizations such as bundles, triggers, and dashboards or administrative changes such as adding new users, ExtraHop recommends that you periodically create system backups to make it easier to recover from a system failure. This guide explains how to automate system backups through the ExtraHop REST API with a Python script.
Before you begin
- You must log in to the sensor or console with an account that has unlimited privileges to generate an API key.
- You must have a valid API key to make changes through the REST API and complete the procedures below. (See Generate an API key.)
- Familiarize yourself with the ExtraHop REST API Guide to learn how to navigate the ExtraHop REST API Explorer.
The ExtraHop GitHub repository contains an example Python script that creates a backup file on a sensor or console and then downloads the backup file to the local machine. To automate system back ups, you can run this script periodically through a job scheduling application, such as cron.
|Note:||Because you cannot download a file through the REST API Explorer, you must create backups through the REST API with a command or script.|
|Important:||The example python script authenticates to the sensor or console through an API key, which is not compatible with the Reveal(x) 360 REST API. To run this script with Reveal(x) 360, you must modify the script to authenticate with API tokens. See the py_rx360_auth.py script in the ExtraHop GitHub repository for an example of how to authenticate with API tokens.|
- Go to the ExtraHop code-examples GitHub repository and download the create_backup/create_backup.py file to your local machine.
In a text editor, open the create_backup.py file and
replace the following configuration variables with information from your
HOST: The IP address or hostname of the sensor or console.
API_KEY: The API key.
BACKUP_NAME: The name of the backup. The current timestamp is appended to this name when a backup is created. For example, if BACKUP_NAME is set to Test, a backup created on May 4th might be named Test 2020-05-04 12-51-46.643813.
Run the following command:
Note: If the script returns an error message that the SSL certificate verification failed, make sure that a trusted certificate has been added to your sensor or console. Alternatively, you can add the verify=False option to bypass certificate verification. However, this method is not secure and not recommended. The following code sends an HTTP GET request without certificate verification:
requests.get(url, headers=headers, verify=False)