I'm looking at configuring the database backup for Stealthwatch. I have managed to configure and establish a connection to an SMB share, however, when I click on 'Create Backup' Stealthwatch immediately backs up and there doesn't seem to be an option to set a schedule. I've tried looking for the backup configuration in the user guides but its very limited.
How can a scheduled backup be configured?
Thank you for the response.
If thats the case, do we need to manually backup the database only on the SMC or do we need to do this for the other devices as well such as on the FCs?
In backup scenario, the most important is FlowData and next one is host group configuration in Stealthwatch products. FlowData is stored in FC and host group configuration are in FC. So both are important for normal environment. FlowData can’t restored once it broken without back up. Host group configuration needs many time to recover without backup. Of course SMC back up is also important.
If you are interested in another scenario of FlowData backup, please check below thread. Stealthwatch has an API to export FlowData from FC to 3rd party products such as SIEM.