SecurityRiskAdvisors / VECTR

VECTR is a tool that facilitates tracking of your red and blue team testing activities to measure detection and prevention capabilities across different attack scenarios

Restore Database? #148

Closed geodaftw closed 2 years ago

geodaftw commented 2 years ago

I cannot find anywhere in the documentation that shows how to restore a database that was backed up through the VECTR GUI. Databases > Backup Databases. I see that it is placed into the /opt/vectr/resources/backup/ directory.

Is there a way to import or restore a database that is backed up through the above method?

Currently, I am using docker + mongodump/mongorestore to conduct the backup and restore of the database. Is this the preferred method?

SRAPSpencer commented 2 years ago

The Databases > Backup Databases is actually some legacy functionality that was never fully completed. It does make a backup but there is no restore functionality for this at this time.

Using mongodump/mongorestore is a fine way to handle backups. We do have functionality built in to check the /opt/vectr/user/mongo (or relative path wherever VECTR is run from) to restore any mongodump found IF there is no database present at container startup.

geodaftw commented 2 years ago

Understood. Thank you. I was searching around and was confused on what exactly Databases > Backup Databases was used for, as all import ability is either json/yaml (mitre and atomic red team) or taxii server. The reason I asked is that I was looking at ways to migrate databases in case we wanted to move our data to another instance of VECTR.

I will continue using mongodump/mongorestore. Thank you!

SRAPSpencer commented 2 years ago

There's currently no functionality for moving completed data between VECTR instances.

If you do spin up a new instance, before doing the "docker-compose up" simply place the extracted .tgz into the user/mongo folder. The structure should have all the DBs as subdirectories. For example:

$ pwd
/opt/vectr/user/mongo
$ ls -la
drwxr-xr-x 14 root root 4096 Oct 19 02:52 .
drwxr-xr-x 4 root root 4096 Oct 19 02:52 ..
drwxr-xr-x 2 root root 4096 Oct 19 02:52 AuditBackup
drwxr-xr-x 2 root root 4096 Oct 19 02:52 DEMO_PURPLE_CE
drwxr-xr-x 2 root root 4096 Oct 19 02:52 GoldStandard
drwxr-xr-x 2 root root 4096 Oct 19 02:52 MigrationSystem
drwxr-xr-x 2 root root 4096 Oct 19 02:52 SRAUSERDB
drwxr-xr-x 2 root root 4096 Oct 19 02:52 SystemConfig
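
The staging step described in the last comment, written as a pre-flight check that refuses an archive with unsafe member names or with a layout other than one subdirectory per database. This is an added example, not part of the thread or of VECTR's own code; the function names are hypothetical, and treating any non-directory entry as an error is this example's policy.

```shell
#!/bin/sh
# Added example; function names are hypothetical, not part of VECTR.

# True if an archive member name is absolute or contains a ".." component.
is_unsafe_path() {
    case "$1" in
        /*|..|../*|*/..|*/../*) return 0 ;;
    esac
    return 1
}

# Reject unreadable archives and archives with unsafe member names.
check_archive_paths() {
    tar -tzf "$1" >/dev/null 2>&1 || return 1
    tar -tzf "$1" | (
        while IFS= read -r entry; do
            if is_unsafe_path "$entry"; then
                echo "unsafe entry: $entry" >&2
                exit 1
            fi
        done
    )
}

# Every top-level entry must be a database directory holding mongodump
# output (<collection>.bson, or .bson.gz when dumped with --gzip).
check_dump_layout() {
    dir=$1
    found=0
    for db in "$dir"/*; do
        [ -e "$db" ] || continue
        [ -d "$db" ] || { echo "not a directory: $db" >&2; return 1; }
        set -- "$db"/*.bson*
        [ -e "$1" ] || { echo "no .bson files in: $db" >&2; return 1; }
        found=$((found + 1))
    done
    [ "$found" -gt 0 ]
}

# stage_dump ARCHIVE DEST: extract to a scratch directory, validate, then copy.
stage_dump() {
    archive=$1 dest=$2
    check_archive_paths "$archive" || return 1
    staging=$(mktemp -d) || return 1
    if tar -xzf "$archive" -C "$staging" && check_dump_layout "$staging" &&
        mkdir -p "$dest" && cp -R "$staging"/. "$dest"/; then rc=0; else rc=1; fi
    rm -rf "$staging"
    return "$rc"
}
```

Run `stage_dump backup.tgz /opt/vectr/user/mongo` before starting the containers; an archive that unpacks into a single wrapper directory (for example `dump/`) is rejected because that directory holds no `.bson` files directly.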