NetBackup IT Analytics Data Collector Installation and Configuration Guide for Veritas NetBackup

Last Published:
Product(s): NetBackup IT Analytics (11.5)
  1. Introduction
    1.  
      Overview
    2.  
      Distributed Data Collector (recommended for NetBackup)
    3.  
      Centralized Data Collector
    4.  
      Collection of backup and restore data
    5.  
      Data Collection Policies
  2. Configure a NetBackup IT Analytics Distributed Data Collector on a NetBackup Primary Server
    1.  
      Overview
    2. Configure Data Collector on non-clustered NetBackup 10.4 and later primary server
      1.  
        Manage Data Collector installation on NetBackup primary server
    3.  
      Configuration workflow for NetBackup 10.1.1, 10.2, 10.2.01, 10.3 or 10.3.0.1 on a non-clustered NetBackup primary server
    4. Configure Data Collector on non-clustered NetBackup 10.1.1, 10.2, 10.2.01, 10.3 or 10.3.0.1 primary server
      1.  
        Manage Data Collector installation on NetBackup (install/remove)
    5.  
      Configuration workflow for NetBackup versions lower than 10.1.1
    6.  
      Configure Data Collector on NetBackup primary with version lower than 10.1.1
  3. Configure a Veritas NetBackup Data Collector Policy
    1.  
      Veritas NetBackup Data Collector policy configuration prerequisites
    2.  
      Create NetBackup Data Collector Role, Service Account, and API Key
    3.  
      Add a Veritas NetBackup Data Collector policy
    4.  
      Add/Edit NetBackup Primary Servers within the Data Collector policy
    5. Configuring file analytics in NetBackup Data Collector policy
      1.  
        Prerequisites to configure File Analytics for NetBackup
      2.  
        Data Collector and Portal sizing guidelines for File Analytics
      3.  
        Configure File Analytics
      4.  
        Export File Analytics data
  4. Installing the Data Collector software
    1.  
      Introduction
    2.  
      Considerations to install Data Collector on non-English systems
    3.  
      Install Data Collector Software on Windows
    4.  
      Install Data Collector software on Linux
    5.  
      Deploy Data Collector in native Kubernetes environment
    6.  
      Configure Data Collector manually for Veritas NetBackup
    7.  
      Install Data Collector binaries on Windows (without configuration)
    8.  
      Install Data Collector binaries on Linux host (without configuration)
    9.  
      Override default Java Heap memory (XMX) value for Data Collector utilities
  5. Configure SSL
    1.  
      SSL/TLS certificate configuration
    2.  
      SSL implementation overview
    3.  
      Obtain an SSL certificate
    4.  
      Update the web server configuration to enable SSL on the Portal server
    5.  
      Enable / Disable SSL for a Data Collector
    6.  
      Enable / Disable SSL for emailed reports
    7.  
      Test and troubleshoot SSL configurations
    8.  
      Keystore file locations on the Data Collector server
    9.  
      Import a certificate into the Data Collector Java keystore
    10.  
      Keystore on the portal server
    11.  
      Add a virtual interface to a Linux server
    12.  
      Add a virtual / secondary IP address on Windows
  6. Centralized Data Collector for NetBackup - Prerequisites, Installation, and Configuration
    1.  
      Overview
    2. Step-1: Choose operating system and complete prerequisites
      1.  
        Factors impacting Data Collector performance and memory requirements
      2.  
        Data Collector supported operating systems
      3.  
        Data Collector server memory and CPU guidelines
      4.  
        Additional prerequisites
      5.  
        Linux Data Collector Prerequisites: Changing the Linux Temporary Directory for Collection
    3.  
      Step-2: HTTPS requirement
    4.  
      Step-3: Add Data Collector on NetBackup IT Analytics Portal
    5.  
      Step-4: Create NetBackup Data Collector Role, Service Account, and API Key
    6. Step-5: SSH/WMI
      1.  
        Linux Centralized Data Collector: SSH
      2. Windows Data Collector: WMI Connectivity
        1.  
          Testing WMI connectivity
        2.  
          Installing the WMI Proxy Service (Windows Host Resources only)
    7.  
      Step-6: Install the Data Collector
    8.  
      Step-7: Configure Data Collector
    9.  
      Step-8: Verify the Data Collector is online from the Portal
    10.  
      Step-9: Confirm that the Data Collector is updated
    11.  
      Step-10: Configure the data collection policy
    12.  
      Step-11: Confirm that the NetBackup data collection policy is collecting data
  7. Upgrading Data Collector Locally
    1.  
      Overview
    2.  
      Verification of upgrade bundle available on Data Collector server
    3.  
      Upgrade the Upgrade Manager component
    4.  
      Upgrade the Data Collector component which is the aptare.jar file
    5.  
      Upgrade the Upgrade Manager and Data Collector components together
    6.  
      Upgrade logs and upgrade related database views
    7.  
      Resolve file lock issue on Windows host during Data Collector upgrade
  8. Clustering Data Collectors with VCS and Veritas NetBackup (RHEL)
    1.  
      Clustering Data Collectors with VCS and Veritas NetBackup (RHEL)
    2.  
      Prerequisites
    3.  
      Getting started with Data Collector clustering
    4.  
      Configuring the Data Collector
    5.  
      Upgrading a clustered Data Collector
    6.  
      Considerations when Data Collector is pointing to Alta Domain Management
  9. Clustering Data Collectors with VCS and Veritas NetBackup (Windows)
    1.  
      Clustering Data Collectors with VCS and Veritas NetBackup (Windows)
    2.  
      Prerequisites
    3.  
      Getting Started with Data Collector Clustering
    4.  
      Main.cf
    5.  
      Upgrading a Clustered Data Collector
    6.  
      Manage cluster configuration during NetBackup upgrade (Windows)
    7.  
      Uninstall cluster Data Collector
  10. Install and configure NetBackup IT Analytics Data Collector on MSCS environment
    1.  
      Cluster Data Collectors with MSCS on Windows
    2.  
      Perform cluster configurations
    3.  
      Upgrade NetBackup IT Analytics Data Collector in MSCS
    4.  
      Uninstall NetBackup IT Analytics Data Collector
    5.  
      Steps to perform before and after NetBackup upgrade
  11. Data Collector Policy Migration
    1.  
      Migrate NetBackup data collection policy from centralized to distributed Data Collector
  12. Pre-Installation setup for Veritas NetBackup appliance
    1.  
      Overview
    2.  
      Prerequisites for adding Data Collectors (Veritas NetBackup appliance)
    3.  
      Installation Overview (Veritas NetBackup Appliance)
    4.  
      Adding a Veritas NetBackup Appliance Data Collector policy
  13. Pre-installation setup for Veritas Flex Appliance
    1.  
      Pre-Installation setup for Veritas Flex Appliance
    2.  
      Prerequisites for adding Data Collectors (Veritas Flex Appliance)
    3.  
      Installation overview (Veritas Flex Appliance)
    4.  
      Add a Veritas Flex Appliance policy
    5.  
      Troubleshoot Veritas Flex Appliance policy configuration
  14. Data Collector Troubleshooting
    1.  
      Resolving Data Collectors connections issues - Linux specific
    2.  
      Resolving Data Collectors connections issues - Windows specific
    3.  
      Portal upgrade performance issues
    4.  
      Configuring web proxy updates
    5.  
      Host resources troubleshooting
    6.  
      Host resources: Check the status of the WMI proxy server
    7.  
      Host resources: Post-Installation verification
    8. Host resources: Check host connectivity using standard SSH
      1.  
        Checking Paths for SSH
      2.  
        Environment setting for bash users
    9.  
      Host resources: Check host connectivity
    10.  
      Host resources: Check host connectivity using Host Resource Configuration file
    11. Host resources: Generating host resource configuration files
      1.  
        Sample lines in an input file
    12.  
      Host resources: Check the execution of a command on a remote server
    13.  
      Host resources Data Collection
    14.  
      Host resources: Collection in stand-alone mode
    15. Configuring parameters for SSH
      1.  
        Configure channelWaitTime
      2.  
        Configure singleChannelSession
      3.  
        Configure sudoWithPassword
    16.  
      Identifying Windows file system access errors (File Analytics)
    17.  
      Collect from remote shares (File Analytics)
    18.  
      Adding a certificate to the Java keystore
    19.  
      Override default Java Heap memory (XMX) value for Data Collector utilities
  15. Appendix A. Configure Appliances
    1.  
      Configure NetBackup Appliances for Data Collection
    2.  
      Configure NetBackup Flex Appliances for Data Collection
  16. Appendix B. Load historic events
    1.  
      Introduction
    2.  
      Load Commvault Simpana events
    3.  
      Load EMC Avamar events
    4.  
      Load EMC NetWorker events
    5.  
      Load HP Data Protector events
    6.  
      Load IBM Spectrum Protect (TSM) events
    7.  
      Load Oracle Recovery Manager (RMAN) events
    8.  
      Load Veeam Backup & Replication events
    9. Load Veritas NetBackup events
      1.  
        Load events for individual NetBackup clients
      2.  
        Load events for a group of NetBackup clients
    10.  
      Load Veritas Backup Exec events
    11.  
      Corrections in duplication of clients
    12.  
      Cohesity
    13.  
      Dell EMC NetWorker Backup & Recovery
  17. Appendix C. Firewall configuration: Default ports
    1.  
      Firewall configuration: Default ports
  18. Appendix D. CRON Expressions for Policy and Report Schedules
    1.  
      CRON expressions for policy probe schedules
    2.  
      CRON expressions for scheduling reports
  19. Appendix E. Maintenance Scenarios for Message Relay Server Certificate Generation
    1.  
      Regenerate authentication certificate nearing expiry (or already expired)
    2.  
      Recover inadvertently deleted aptare.ks file
    3.  
      Authenticate new database with existing SSL certificates
    4.  
      SSL certificate authentication for a new data collector

Obtain an SSL certificate

Obtain a third-party certificate from a certificate authority (CA) such as VeriSign, Thawte, or GeoTrust. The methods for obtaining a certificate vary. Therefore, refer to the vendor's web site for specific instructions.

You may, for testing purposes or as a permanent solution, use a self-signed certificate. This is not recommended as it makes the implementation slightly more complex and may limit access to NetBackup IT Analytics to some of your users.

The following outlines the process for creating a Subject Alternative Name (the certificate covers more than one hostname under a single certificate) self-signed certificate on a Linux operating system. Steps will be similar on Windows. This certificatesecures communication for both the portal and data receiver web instances.

cd /tmp 

vi san.cnf

Sample san.cnf file - use this faile as a template and modify this for your environment. The san.cnf file will be an input parameter during certificate generation. Note the use of an example domain name of example.com; change this to own your environment's domain name.

Under the v3 section, in addition to the portal name, also provision the data receiver under this same certificate. 

[ req ] 
default_bits = 4096 
prompt = no	 
default_md = sha256 
distinguished_name = req_distinguished_name 
x509_extensions = v3_req 

[ req_distinguished_name ] 
C = US 
ST = New York 
L = New York City 
O = Veritas 
OU = ITA 
emailAddress = aReal.emailaddress@yourdomain.com 
CN = itanalyticsportal.example.com   

[ v3_req ] 
subjectAltName = @alternate_names   

[alternate_names] 
DNS.1 = itanalyticsportal.example.com 
DNS.2 = itanalyticsagent.example.com
Generate Certificate using the san.cnf file created above

The following command results in the private key name of server.key, and certificate name of server.crt. These names will be used through the remainder of this chapter. You are free to use different names for the certificate and private key files if desired. With this command, we are also creating a self-signed certificate for 3650 days, or 10 years. 

openssl req -x509 -newkey rsa:4096 -sha256 -days 3650 -nodes -keyout server.key -out server.crt -config /tmp/san.cnf 

Generating a RSA private key 
......................................++++ 
..........................................................................................................................................................................................................................................................................................................................................++++ 
writing new private key to 'server.key' 
----- 
 tmp]# ll 
total 276 
-rwxrwxrwx 1 root   root      513 Dec 11 01:03 san.cnf 
-rw-r--r-- 1 root   root     2187 Dec 11 01:25 server.crt 
-rw------ 1 root   root     3272 Dec 11 01:25 server.key