- CheckMates
- :
- Products
- :
- Quantum
- :
- Management
- :
- Re: Script to run migrate export backup
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Are you a member of CheckMates?
×- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Script to run migrate export backup
hi,
How can we schedule the migrate export backup everyday and push it to another server with the backup file name with date. Tried with job scheduler but there we find some limitation.
Regards,
Sagar Manandhar
Accepted Solutions
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
hi all,
my day arrived...here my first entry into this fantastic learning-, information- and knowledge-exchange-platform...
we have a similar problem...we do use a dedicated linux machine to connect to all our outside firewall systems to execute and get the backups home (clish and migrate export)...all is working fine...also on mds systems...now since we have upgraded the mds to r80.20, we noticed that those scripts does not finish the execution.
executing the script with bash -x we see that the mds_backup command is not ended even though on the mds all system where restarted and the file was created...ssh session is still alive but hanging in this command...after more then 30min waiting, the command can be stopped by pressing ctrl-C...
this is my last output from the bash -x command:
+ bck_mdm-export_scp-lgin-wiho_pw
++ /usr/bin/ssh -oConnectTimeout=5 -nq admin@10.93.255.191 -p 22 'rm -f /var/log/CPbackup/backups/*.tgz; /opt/CPmds-R80.20/scripts/mds_backup -g -b -s -i -l -d /var/log/CPbackup/backups'
then pressing ctrl-C
^C+ send_email-on-error
++ grep -v '^=.*=$' /tmp/wit.fwbck.U1qo0uR
+ emptyLog=
+ [[ 1 -eq 0 ]]
+ delete_log-file
+ echo
+ rm -f /tmp/wit.fwbck.U1qo0uR
+ exit
function in script:
function bck_mdm-export_scp-lgin-wiho_pw() {
$($sshStart $USER@$IP -p $PORT 'rm -f /var/log/CPbackup/backups/*.tgz; /opt/CPmds-R80.20/scripts/mds_backup -g -b -s -i -l -d /var/log/CPbackup/backups' >/dev/null 2>&1 )
# $($sshStart $USER@$IP -p $PORT 'rm -f /var/log/CPbackup/backups/*.pema; touch pema.pema.pema' >/dev/null 2>&1 )
if [[ $? -eq "0" ]]
then
scp -q -P $PORT $USER@$IP:/var/log/CPbackup/backups/$(date +%-d%b%Y)*.$filenameSufix $pathFilenamePrefix.$filenameSufix >/dev/null 2>&1
if [[ $? -eq "0" ]]
then
$(tar tf $pathFilenamePrefix.$filenameSufix >/dev/null 2>&1)
if [[ $? -eq "0" ]]
then
chmod o+r $pathFilenamePrefix.$filenameSufix
fileSize=$(du -h $pathFilenamePrefix.$filenameSufix | cut -f1)
echo -e "NEW File\t$SYSTEM\t\t$IP\t$fileSize grosses neues CP-Export wurde erfolgreich gespeichert." >>$Log
else
echo -e "FAILED \t$SYSTEM\t\t$IP\tDas File ist Corrupt, fehler beim Kopieren?" >>$Log
fi
else
echo -e "FAILED \t$SYSTEM\t\t$IP\tEin Fehler beim SCP Download -Erreichbar?" >>$Log
fi
else
echo -e "FAILED \t$SYSTEM\t\t$IP\tEin Fehler beim erstellen des CP-Exports -Erreichbar?" >>$Log
fi
}
any ideas why this could happen?
thanks in advance...
Cheers
Marcos
- Tags:
- mds_backup
- script
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
please check this question and it's responses.
Although if you want to move the file to another linux machine, I would use SCP instead of FTP.
Using a SSH Key instead of password:
echo '--------------------------------------------' >>$LOG
timestamp 'Send system logs to SCP server ... ' >>$LOG
echo '--------------------------------------------' >>$LOG
timestamp 'Starting SCP session ...' >>$LOG
if [ X${BACKUP_REMOTE} != X ]; then
if [ X${BACKUP_KEY} == X ]; then
_key="${HOME}/.ssh/id_dsa"
else
_key=$BACKUP_KEY
fi
scp -Bpqvi ${_key} $MDS_BCKDIR/* $BACKUP_REMOTE_USER@$BACKUP_REMOTE:$BACKUP_REMOTE_PATH 2>&1 | grep -v debug >>$LOG
fi
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
What script did you write to try and do this?
Perhaps we can improve it?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
There is the backup script I wrote. Feel free to modify it for your needs and I if you improve it please share that with us:
#!/bin/bash
###########################################################################
BACKUP_FILE=backup_CPSMS_`date +%d-%m-%y_%H%M`.tgz
BACKUP_PATH=/var/CPbackup/backups
BACKUP_COMMAND="/opt/CPsuite-R80/fw1/bin/upgrade_tools/migrate export -n"
BACKUP_SERVER='192.168.x.x'
BACKUP_USER='ftp_user'
BACKUP_PASS='ftp_pass'
###########################################################################
source /etc/profile.d/CP.sh
echo `date +%d-%m-%yT%H%M` INFO: Backup script started
cd $BACKUP_PATH
# Run backup command
echo `date +%d-%m-%yT%H%M` "INFO: Running $BACKUP_COMMAND $BACKUP_FILE"
$BACKUP_COMMAND $BACKUP_FILE
if [ $? -ne 0 ]; then
echo `date +%d-%m-%yT%H%M` "FATAL: Backup command did not complete successfully"
exit 1
else
echo `date +%d-%m-%yT%H%M` "INFO: Backup command completed successfully"
fi
# Test backup file integrity
echo `date +%d-%m-%yT%H%M` "INFO: Testing archive integrity..."
/bin/tar -tzf $BACKUP_FILE > /dev/null
if [ $? -ne 0 ]; then
echo `date +%d-%m-%yT%H%M` "FATAL: Archive integrity test failed. Backup file is corrupt."
exit 1
else
echo `date +%d-%m-%yT%H%M` "INFO: Archive integrity test succeeded. Backup file is good."
echo `date +%d-%m-%yT%H%M` "INFO: Creating checksum file $BACKUP_FILE.MD5SUM"
/usr/bin/md5sum $BACKUP_FILE > $BACKUP_FILE.MD5SUM
echo `date +%d-%m-%yT%H%M` "INFO: Uploading archive to FTP server..."
/usr/bin/ftp -n $BACKUP_SERVER <<END_SCRIPT
quote USER $BACKUP_USER
quote PASS $BACKUP_PASS
cd CPSMS
put $BACKUP_FILE.MD5SUM
binary
put $BACKUP_FILE
quit
END_SCRIPT
if [ $? -ne 0 ]; then
echo `date +%d-%m-%yT%H%M` "ERROR: FTP upload failed."
else
echo `date +%d-%m-%yT%H%M` "INFO: FTP upload completed."
fi
fi
echo `date +%d-%m-%yT%H%M` INFO: Backup script completed
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I see error when I used contrab but manual run working fine anyone have the same error.
This utility requires the Check Point Security Management Server.
26-12-18T1041 FATAL: Backup command did not complete successfully
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Sorry mate, script was missing importing CP environment. I fixed it so try now. It should work fine from crontab.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hristo,
It is not working with R80.20 M2.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Yeah, it is possible. What does it output when you run it ?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Eror:
T2359 FATAL: Backup command did not complete successfully
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Please run following command:
expert# bash -x /path/to/backup_export.sh
Replace any possible confidential info in the output and paste it here.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello,
Thank you for you script.
I add to script:
- remove file
- Send Email.
!/bin/bash
###############################################################
BACKUP_FILE=backup_CPSMS_`date +%d-%m-%y_%H%M`.tgz
BACKUP_LOG_FILE=/var/CPbackup/log/backups/backup_log_CPSMS_`date +%d-%m-%y_%H%M`.log
BACKUP_PATH=/var/CPbackup/backups
BACKUP_COMMAND="/opt/CPsuite-R77/fw1/bin/upgrade_tools/migrate export -n"
BACKUP_SERVER='server_adress'
BACKUP_USER='ftp_user_name'
BACKUP_PASS='ftp_password'
###############################################################
MAILSERVER='mail_server_address'
SENDER_EMAIL_ADDRESS='sender_email'
RECEIVER_EMAIL_ADDRESS='receiver_email
###############################################################
#Create backup
#############################################################
source /opt/CPshrd-R77/tmp/.CPprofile.sh
{
echo `date +%d-%m-%yT%H%M` "INFO: Backup script started"
cd $BACKUP_PATH
# Run backup command
echo `date +%d-%m-%yT%H%M` "INFO: Running $BACKUP_COMMAND $BACKUP_FILE"
$BACKUP_COMMAND $BACKUP_FILE
if [ $? -ne 0 ]; then
echo `date +%d-%m-%yT%H%M` "FATAL: Backup command did not complete successfully"
exit 1
else
echo `date +%d-%m-%yT%H%M` "INFO: Backup command completed successfully"
fi
# Test backup file integrity
echo `date +%d-%m-%yT%H%M` "INFO: Testing archive integrity..."
/bin/tar -tzf $BACKUP_FILE > /dev/null
if [ $? -ne 0 ]; then
echo `date +%d-%m-%yT%H%M` "FATAL: Archive integrity test failed. Backup file is corrupt."
exit 1
else
echo `date +%d-%m-%yT%H%M` "INFO: Archive integrity test succeeded. Backup file is good."
# Creating checksum file
echo `date +%d-%m-%yT%H%M` "INFO: Creating checksum file $BACKUP_FILE.MD5SUM"
/usr/bin/md5sum $BACKUP_FILE > $BACKUP_FILE.MD5SUM
echo `date +%d-%m-%yT%H%M` "INFO: Uploading archive to FTP server..."
/usr/bin/ftp -n $BACKUP_SERVER <<END_SCRIPT
quote USER $BACKUP_USER
quote PASS $BACKUP_PASS
cd CPSMS
put $BACKUP_FILE.MD5SUM
binary
put $BACKUP_FILE
quit
END_SCRIPT
if [ $? -ne 0 ]; then
echo `date +%d-%m-%yT%H%M` "ERROR: FTP upload failed."
else
echo `date +%d-%m-%yT%H%M` "INFO: FTP upload completed."
fi
fi
wait
/bin/rm $BACKUP_FILE.MD5SUM
/bin/rm $BACKUP_FILE
if [ $? -ne 0 ]; then
echo `date +%d-%m-%yT%H%M` "ERROR: Delete backup file failed."
else
echo `date +%d-%m-%yT%H%M` "INFO: Delete backup file completed."
fi
echo `date +%d-%m-%yT%H%M` INFO: Backup script completed
} > $BACKUP_LOG_FILE
################################################################
#Send Email
################################################################
{
echo -e "from:"$SENDER_EMAIL_ADDRESS"\r\nto:"$RECEIVER_EMAIL_ADDRESS"\r\nSubject: Backup checkpoitn MGMT\r\n\r\n Backup completed. \r\n"
cat $BACKUP_LOG_FILE
} > $BACKUP_LOG_FILE.mail
sendmail --domain=domain.com -f $SENDER_EMAIL_ADDRESS -v $RECEIVER_EMAIL_ADDRESS --host=$MAILSERVER < $BACKUP_LOG_FILE.mail >> $BACKUP_LOG_FILE
{
if [ $? -ne 0 ]; then
echo `date +%d-%m-%yT%H%M` "ERROR: Send email failed."
else
echo `date +%d-%m-%yT%H%M` "INFO: Send email completed."
fi
} >> $BACKUP_LOG_FILE
/bin/rm $BACKUP_LOG_FILE.mail
if [ $? -ne 0 ]; then
echo `date +%d-%m-%yT%H%M` "ERROR: Delete mail file failed." >> $BACKUP_LOG_FILE
else
echo `date +%d-%m-%yT%H%M` "INFO: Delete mail file completed." >> $BACKUP_LOG_FILE
fi
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thanx Fedor.
I usually run this script from crontab that is mailing me the output but it is a nice to have it integrated anyway.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
hi all,
my day arrived...here my first entry into this fantastic learning-, information- and knowledge-exchange-platform...
we have a similar problem...we do use a dedicated linux machine to connect to all our outside firewall systems to execute and get the backups home (clish and migrate export)...all is working fine...also on mds systems...now since we have upgraded the mds to r80.20, we noticed that those scripts does not finish the execution.
executing the script with bash -x we see that the mds_backup command is not ended even though on the mds all system where restarted and the file was created...ssh session is still alive but hanging in this command...after more then 30min waiting, the command can be stopped by pressing ctrl-C...
this is my last output from the bash -x command:
+ bck_mdm-export_scp-lgin-wiho_pw
++ /usr/bin/ssh -oConnectTimeout=5 -nq admin@10.93.255.191 -p 22 'rm -f /var/log/CPbackup/backups/*.tgz; /opt/CPmds-R80.20/scripts/mds_backup -g -b -s -i -l -d /var/log/CPbackup/backups'
then pressing ctrl-C
^C+ send_email-on-error
++ grep -v '^=.*=$' /tmp/wit.fwbck.U1qo0uR
+ emptyLog=
+ [[ 1 -eq 0 ]]
+ delete_log-file
+ echo
+ rm -f /tmp/wit.fwbck.U1qo0uR
+ exit
function in script:
function bck_mdm-export_scp-lgin-wiho_pw() {
$($sshStart $USER@$IP -p $PORT 'rm -f /var/log/CPbackup/backups/*.tgz; /opt/CPmds-R80.20/scripts/mds_backup -g -b -s -i -l -d /var/log/CPbackup/backups' >/dev/null 2>&1 )
# $($sshStart $USER@$IP -p $PORT 'rm -f /var/log/CPbackup/backups/*.pema; touch pema.pema.pema' >/dev/null 2>&1 )
if [[ $? -eq "0" ]]
then
scp -q -P $PORT $USER@$IP:/var/log/CPbackup/backups/$(date +%-d%b%Y)*.$filenameSufix $pathFilenamePrefix.$filenameSufix >/dev/null 2>&1
if [[ $? -eq "0" ]]
then
$(tar tf $pathFilenamePrefix.$filenameSufix >/dev/null 2>&1)
if [[ $? -eq "0" ]]
then
chmod o+r $pathFilenamePrefix.$filenameSufix
fileSize=$(du -h $pathFilenamePrefix.$filenameSufix | cut -f1)
echo -e "NEW File\t$SYSTEM\t\t$IP\t$fileSize grosses neues CP-Export wurde erfolgreich gespeichert." >>$Log
else
echo -e "FAILED \t$SYSTEM\t\t$IP\tDas File ist Corrupt, fehler beim Kopieren?" >>$Log
fi
else
echo -e "FAILED \t$SYSTEM\t\t$IP\tEin Fehler beim SCP Download -Erreichbar?" >>$Log
fi
else
echo -e "FAILED \t$SYSTEM\t\t$IP\tEin Fehler beim erstellen des CP-Exports -Erreichbar?" >>$Log
fi
}
any ideas why this could happen?
thanks in advance...
Cheers
Marcos
- Tags:
- mds_backup
- script
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
For using it with crontab, I have changed 'sendmail line' to '/usr/sbin/sendmail'
This way, I have resolved crontab + mailing issues in R80.30.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi @Sagar_Manandhar,
You can also use the following script from me:
Easy Backup Tool - (migrate export + all GAIA configs)
This tool creates a backup of all GAIA gateway configurations with one CLI command "ebackup"
- Only one CLI command "ebackup"
- Backup of all Gaia gateway configurations (Check Point appliances, Open Server, SMB appliances 11xx, 14xx)
- Migrate export on SMS
- Migrate-server on MDS
- Backup all files to one TGZ file
- FTP upload support backup file
- CP upload support for backup file via cprid_util