Objective
This article provides a detailed step-by-step guide to migrate EventLog Analyzer live data or data stored in Elasticsearch (ES) to a different location or server.
Prerequisites
Access to the EventLog Analyzer console as an admin
Root or sudo access on the Linux server, so that files under the EventLog Analyzer directory can be copied and the .sh scripts executed.
If the new location is a remote folder, it must be mounted on and accessible from the Linux server on which EventLog Analyzer is installed.
Steps to follow
Step 1: Stop EventLog Analyzer.
If running as a service:
- Navigate to <EventLog Analyzer Home>/bin and execute the command sh configureAsService.sh -t
If running as an application:
- Navigate to the <EventLog Analyzer Home>/bin directory and execute shutdown.sh in a terminal.
NOTE: <EventLog Analyzer Home> refers to the EventLog Analyzer installation directory. Default location: /opt/ManageEngine/EventLog Analyzer
Step 2: From the <EventLog Analyzer Home>/bin directory, execute shutdown.sh, stopDB.sh, and stopSEC.sh so that every component of the product is stopped before any ES files are copied.
Step 3: Copy the ES live data, repo, and archive folders to the new location. Their default locations are:
- /opt/ManageEngine/EventLog Analyzer/ES/data
- /opt/ManageEngine/EventLog Analyzer/ES/repo
- /opt/ManageEngine/EventLog Analyzer/ES/archive
Note: Copy the folders rather than moving them. Once the instance is confirmed to be up and running from the new location, the original files may be deleted if needed.
Step 4: Navigate to <EventLog Analyzer Home>/ES/config, open elasticsearch.yml in a text editor, and update the path.data and path.repo values to the new locations of the data and repo folders.
Step 5: Execute initES.sh from the <EventLog Analyzer Home>/ES/bin directory.
Step 6: Navigate to <EventLog Analyzer Home>/bin and execute the following command to start the service:
sh configureAsService.sh -s
Step 7: The migration is now complete.
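The following script carries out Steps 1 to 6 above on a Linux host. It is an added example and not part of EventLog Analyzer or of this article; the ELA_HOME default is the installation path this article uses, and NEW_ES_ROOT (/data/ela-es) is an assumed target location that you should change. The script copies the archive folder as Step 3 instructs but, like Step 4, rewrites only path.data and path.repo in elasticsearch.yml; it verifies each copy before touching the configuration and never deletes the originals.

```shell
#!/bin/sh
# Added example: performs Steps 1-6 of the migration on a Linux host.
# Not part of EventLog Analyzer. ELA_HOME and NEW_ES_ROOT are assumptions;
# adjust them to your installation and target location.
set -eu

ELA_HOME="${ELA_HOME:-/opt/ManageEngine/EventLog Analyzer}"   # default install path
NEW_ES_ROOT="${NEW_ES_ROOT:-/data/ela-es}"                      # hypothetical target
YML="$ELA_HOME/ES/config/elasticsearch.yml"

# Copy one ES folder and verify the copy byte for byte before going further.
# cp -p keeps modes and timestamps (and ownership when run as root), which
# matters because the product's service account must still own the data.
copy_es_dir() {
  src="$1"; dst="$2"
  [ -d "$src" ] || { echo "missing source directory: $src" >&2; return 1; }
  mkdir -p "$dst"
  cp -pR "$src/." "$dst/"
  diff -r "$src" "$dst" >/dev/null
}

# Set one top-level key in elasticsearch.yml: the first active or commented-out
# occurrence is replaced, later duplicates are dropped, and the key is appended
# if absent. awk is used instead of sed so slashes and spaces in the path need
# no escaping (the value must not contain backslashes). The result is written
# back through the existing file so its owner and mode are preserved.
set_yml_key() {
  yml="$1"; key="$2"; val="$3"
  tmp="$yml.tmp.$$"
  awk -v k="$key" -v v="$val" '
    {
      line = $0
      sub(/^[[:space:]]*#?[[:space:]]*/, "", line)
      if (index(line, k) == 1 && substr(line, length(k) + 1) ~ /^[[:space:]]*:/) {
        if (!done) { print k ": " v; done = 1 }
        next
      }
      print
    }
    END { if (!done) print k ": " v }
  ' "$yml" > "$tmp" && cat "$tmp" > "$yml" && rm -f "$tmp"
}

migrate_es() {
  # Steps 1 and 2: stop the service and every component. Each script is run
  # from its own directory, as "navigate to ... and execute" implies.
  (cd "$ELA_HOME/bin" && sh configureAsService.sh -t)
  (cd "$ELA_HOME/bin" && sh shutdown.sh && sh stopDB.sh && sh stopSEC.sh)

  # Step 3: copy (never move) data, repo and archive; originals stay in place.
  for d in data repo archive; do
    copy_es_dir "$ELA_HOME/ES/$d" "$NEW_ES_ROOT/$d"
  done

  # Step 4: keep a backup of elasticsearch.yml, then point ES at the new
  # data and repo locations.
  cp -p "$YML" "$YML.bak.$(date +%Y%m%d%H%M%S)"
  set_yml_key "$YML" path.data "$NEW_ES_ROOT/data"
  set_yml_key "$YML" path.repo "$NEW_ES_ROOT/repo"

  # Steps 5 and 6: re-initialise ES and start the service.
  (cd "$ELA_HOME/ES/bin" && sh initES.sh)
  (cd "$ELA_HOME/bin" && sh configureAsService.sh -s)
}

# Only act when explicitly asked, so the file can be sourced to reuse the helpers.
if [ "${RUN_MIGRATION:-0}" = "1" ]; then
  migrate_es
fi
```

Run it as root with the real paths, for example RUN_MIGRATION=1 NEW_ES_ROOT=/data/ela-es sh migrate-es.sh (the file name is assumed). Because diff -r compares every file, the copy step takes roughly twice as long as a plain cp on large live-data folders, which is the intended trade for not deleting anything on the strength of an unverified copy.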
Tips
Do not delete any files or folders from the current EventLog Analyzer/ES folder until the migration is confirmed to be successful.
It is always recommended to keep the live log data on a local path or on directly attached storage; with network storage, connectivity interruptions can break the connection to ES, which results in CachedRecord creation.
Set a low live log retention period, based on the duration you search most often, in Settings > Admin settings > Retention settings to manage storage effectively.
Related topics and articles
- How to migrate the EventLog Analyzer Standalone edition to a different server or drive: Linux to Linux