Article Number: 000187594
PowerProtect Cyber Recovery: Analyze operation in Cyber Recovery takes longer after upgrading to version 19.8.x, along with Include or Exclude filter.
Summary: After updating to PowerProtect Cyber Recovery 19.8, an analyze operation runs longer than expected. This problem applies to Cyber Recovery customers who use the CyberSense include/exclude filter. ...
Article Content
Instructions
Expected Behavior
As of Cyber Recovery 19.8, the CyberSense include and exclude files only work by using Cyber Recovery. Existing include and exclude files used with CyberSense are not affected.Resolution
As of Cyber Recovery 19.8, you must use the Cyber Recovery command-line interface (CRCLI) to include or exclude files for an analyze operation.On-demand analyze operation:
Use the newly introduced include and exclude options. You can specify individual files or a file that contains a list of files.
Analyze schedules:
If you have created a schedule and want to include or exclude files, you must update all your analyze schedules that specify include or exclude files.
NOTE: After updating the schedules, there is no option to determine if the schedules are updated with an include/exclude list. When you run an analyze operation, verify the updates in the CyberSense UI or by viewing the CyberSense logs.
Examples
Adding the exclude file path to the exclude list of an analyze schedule:
[root@cr-host ]# crcli schedules modify --schedulename CR-Host-Analyze-Schedule --excludefilepath "/scripts/exclude.txt"
Adding exclude files to the exclude list of an analyze schedule:
[root@cr-host ]# crcli schedules modify --schedulename CR-Host-Analyze-Schedule --excludefiles main,.zip,*abc
Adding the include file path to the include list of an analyze schedule:
[root@cr-host ]# crcli schedules modify --schedulename CR-Host-Analyze-Schedule --includefilepath "/scripts/include.txt"
Adding files to the include list for an analyze schedule:
[root@cr-host ]# crcli schedules modify --schedulename CR-Host-Analyze-Schedule --includefiles .tar,.key
Adding files to the include/exclude list for an analyze schedule with both CLI options:
[root@cr-host ]# crcli schedules modify --schedulename CR-Host-Analyze-Schedule --excludefilepath "/scripts/exclude.txt" --excludefiles main,.zip,*abc --includefilepath "/scripts/include.txt" --includefiles .tar,.key
This is to add the Excludes / Includes via the CLI of Cyber Recovery.
Example of an include / exclude text file content: [.tar .key include1.file include2.file include3.file]
By default we exclude the following from Avamar and this should be set on all Avamar deployments:
GSAN/
DELETED/
STAGING/
VALIDATED/
If a specific client is excluded then you will use the following syntax:
cur/<UID>/
Here is the process I have been using to set this:
1. Login to the Cyber Recovery Server as admin
2. change to root with su -
3. cd /opt/dellemc/cr
4. create a file for the exclusion list.
Example:
#vi exclusions.txt
Note: Add all of the exclusions that are needed for the customer. By default all 4 of the above should be added at minimum for all clients.
5. Log into the crcli
Example:
#crcli login --username crso
6. Run crcli schedules list
7. crcli schedules modify --schedulename <Schedule Name> --excludefilepath "/opt/dellemc/cr/exclusions.txt" 🡨 Make sure you have quotes around the path.
Note: As of right now the only way to see that the list has been applied properly is to query the mongo Database.
To validate that the exceptions are set in the schedule you can run the following from the cli of the CR server
docker exec -it cr_mongo-auth_1 mongo cr --username crdbadmin --eval 'db.schedulesv6.find({"id":"<Schedule id – Get this from the gui in the above screenshot>"}).pretty()'
when you press return it will ask for a password use the mondoDB password. You should see the following:
"includefiles" : [ ],
"excludefiles" : [
"GSAN/",
"STAGING/",
"VALIDATED/",
"DELETED/"
],
"mtreecontentformat" : null
}
If you don’t see the exclude list in the output the exclusions did not make it into the schedule.
CyberMasterU:/opt/dellemc/cr # docker exec -it cr_mongo-auth_1 mongo cr --username crdbadmin --eval 'db.schedulesv6.find({"id":"60ffb2b870ec150001b81ef3"}).pretty()'
MongoDB shell version v4.0.23
Enter password:
connecting to: mongodb://127.0.0.1:27017/cr?gssapiServiceName=mongodb
Implicit session: session { "id" : UUID("15dc8b88-08fb-43a2-9915-ee33eca9084f") }
MongoDB server version: 4.0.23
{
"_id" : ObjectId("60ffb2b8d620dbff0a6dc8a1"),
"id" : "60ffb2b870ec150001b81ef3",
"name" : "test2",
"policyid" : "5f0391d394422f00012ae018",
"policyname" : "test",
"frequency" : {
"hours" : 0,
"days" : 1
},
"description" : "",
"enabled" : true,
"createdby" : "5e7bdaf09bc65c0001274ecc",
"createdbyrole" : "security-officer",
"creationdate" : "1627370168",
"modifieddate" : "1627370630",
"lastrun" : "",
"nextrun" : "2021-07-27T23:00:00.000Z",
"request" : "sync-copy-lock",
"appid" : "",
"copyid" : "",
"retlockduration" : "12h",
"synctill" : "",
"continuoussync" : null,
"recoverymtree" : "",
"recoveryethport" : "",
"copiesexpirationtime" : 0,
"jobsexpirationtime" : 0,
"alertsexpirationtime" : 0,
"eventsexpirationtime" : 0,
"backupdrexpirationtime" : 0,
"includefiles" : [ ],
"excludefiles" : [
"GSAN/",
"DELETED/",
"STAGING/",
"VALIDATED/"
],
"mtreecontentformat" : null
}
CyberMasterU:/opt/dellemc/cr #
To start a CyberSense scan manually in Cyber Recovery via CLI:
1. Login to a puttty session for the Cyber Recovery Server as admin.
2. Switch users to root su - then the password
3. Login to the crcli as the crso user syntax on next step
4. crcli loging --usernname crso
5. crcli poilcy list (make a note of the Policy Name)
15:37:33.890 DellExample:/opt/dellemc/cr # crcli policy list
15:37:34.001
15:37:34.001 Policy-ID Policy Name Recent Job Enabled Status
15:37:34.001 --------------------------------------------------------------------------------------------------------
15:37:34.001 60aded2194422f00019797d7 BackupExample sync-copy-lock_610 true
6. crcli policy list-copy -n BackupExample (Take a note of the Copy Name)
15:38:55.199 DellExample:/opt/dellemc/cr # crcli policy list-copy -n AvamarDC
15:38:55.321
15:38:55.322 Copy id Copy name Created on Locked until Lock Status
15:38:55.322 ---------------------------------------------------------------------------------------------------------------------------------------------------------
15:38:55.322 50e9c56994422f0001979884 cr-copy-BackupExample-20210710120531 2021.07.10 12:05:32 2021.07.13 12:06:04 Locked
15:38:55.322 50e87d1c94422f0001979875 cr-copy-BackupExample-20210709124441 2021.07.09 12:44:42 2021.07.12 12:45:20 Locked
15:38:55.322 50e7297294422f0001979872 cr-copy-BackupExample-20210708123529 2021.07.08 12:35:30 2021.07.11 12:36:05 Locked
15:38:55.322 50e5db7d94422f000197986d cr-copy-BackupExample-20210707125035 2021.07.07 12:50:36 2021.07.10 12:51:12 Unlocked
15:38:55.323 50e4918b94422f0001979868 cr-copy-BackupExample-20210706132206 2021.07.06 13:22:07 2021.07.09 13:23:38 Unlocked
7. crcli apps list
DellExample:/opt/dellemc/cr # crcli apps list
15:44:07.788
15:44:07.788 Application-ID Nickname Hostname
15:44:07.788 ---------------------------------------------------------------------------------------
15:44:07.801 50adff149a6dd200011b1352 CyberSense x.x.x.185
8. crcli policy run -n BackupExample -a analyze --copyname cr-copy-BackupExample-20210710120531 -i CyberSense --excludefilepath /opt/dellemc/cr/exclusions.txt
15:45:54.074 DellExample:/opt/dellemc/cr # crcli policy run -n BackupExample -a analyze --copyname cr-copy-BackupExample-20210710120531 -i CyberSense --excludefilepath /opt/dellemc/cr/exclusions.txt
15:46:20.482 Exclude []
15:46:20.482 Exclude File Contents: [GSAN/ DELETED/ STAGING/ VALIDATED/]
15:46:20.606 Running Job @: 2021.08.17 14:45:55
15:46:20.606 Policy : BackupExample
15:46:20.606 Action : analyze
15:46:20.606
15:46:20.606 JobID : 50f9eae394422d0001979884
15:46:20.606 Jobname : analyze_245
15:46:20.606 Job status : Ready
15:46:20.606
Article Properties
Affected Product
CyberSense
Product
Cyber Recovery Series
Last Published Date
01 Feb 2022
Version
4
Article Type
How To