Please enter search query.
Search <book_title>...
NetBackup IT Analytics System Administrator Guide
Last Published:
2025-02-03
Product(s):
NetBackup IT Analytics (11.4)
- Introduction
- Preparing for updates
- Backing up and restoring data
- Best practices for disaster recovery
- Oracle database backups
- File system backups
- Oracle database: Cold backup
- Oracle database: Export backups
- Scheduling the oracle database export
- Oracle database: On demand backup
- Restoring the NetBackup IT Analytics system
- Import the Oracle database
- Manual steps for database import / export using data pump
- Monitoring NetBackup IT Analytics
- Accessing NetBackup IT Analytics reports with the REST API
- Defining NetBackup estimated tape capacity
- Automating host group management
- About automating host group management
- Task overview: managing host groups in bulk
- Preparing to use PL/SQL utilities
- General utilities
- Categorize host operating systems by platform and version
- Identifying a host group ID
- Move or copy clients
- Organize clients by attribute
- Move host group
- Delete host group
- Move hosts and remove host groups
- Organize clients into groups by backup server
- Merge duplicate backup clients
- Bulk load utilities
- Veritas NetBackup utilities
- Automate NetBackup utilities
- Organize clients into groups by management server
- Set up an inactive clients group
- Set up a host group for clients in inactive policies
- Set up clients by policy
- Set up clients by policy type
- IBM Tivoli storage manager utilities
- Set up clients by policy domain
- Set up clients by IBM Tivoli storage manager instance
- Scheduling utilities to run automatically
- Attribute management
- Attribute bulk load utilities
- Attribute naming rules
- Rename attributes before upgrading
- Load host attributes and values
- Load attributes and values and assign to hosts
- Load array attributes and values and assign to arrays
- Overview of application attributes and values
- Load application database attributes and values
- Load MS Exchange organization attributes and values
- Load LUN attributes and values
- Load switch attributes and values
- Load port attributes and values
- Load Subscription attributes and values
- Importing generic backup data
- Backup job overrides
- Managing host data collection
- System configuration in the Portal
- System configuration in the Portal
- System configuration: functions
- Navigation overview
- System configuration parameter descriptions: Additional info
- Anomaly detection
- Data collection: Capacity chargeback
- Database administration: database
- Host discovery: EMC Avamar
- Host discovery: Host
- Events captured for audit
- Custom parameters
- Adding/editing a custom parameter
- Portal customizations
- Configuring global default inventory object selection
- Restricting user IDs to single sessions
- Customizing date format in the report scope selector
- Customizing the maximum number of lines for exported reports
- Customizing the total label display in tabular reports
- Customizing the host management page size
- Customizing the path and directory for File Analytics database
- Configuring badge expiration
- Configuring the maximum cache size in memory
- Configuring the cache time for reports
- Performance profile schedule customization
- LDAP and SSO authentication for Portal access
- Change Oracle database user passwords
- Integrate with CyberArk
- Tuning NetBackup IT Analytics
- Working with log files
- About debugging NetBackup IT Analytics
- Turn on debugging
- Database logging
- Portal and data collector log files - reduce logging
- Database SCON logging - reduce logging
- Refreshing the database SCON log
- Logging user activity in audit.log
- Logging only what a user deletes
- Logging all user activity
- Data collector log files
- Data collector log file organization
- Data collector log file naming conventions
- General data collector log files
- Find the event / meta collector ID
- Portal log files
- Database log files
- Installation / Upgrade log files
- Defining report metrics
- SNMP trap alerting
- SSL certificate configuration
- SSL certificate configuration
- SSL implementation overview
- Obtain an SSL certificate
- Update the web server configuration to enable SSL
- Configure virtual hosts for portal and / or data collection SSL
- Enable / Disable SSL for a Data Collector
- Enable / Disable SSL for emailed reports
- Test and troubleshoot SSL configurations
- Create a self-signed SSL certificate
- Configure the Data Collector to trust the certificate
- Keystore file locations on the Data Collector server
- Import a certificate into the Data Collector Java keystore
- Keystore on the portal server
- Add a virtual interface to a Linux server
- Add a virtual / secondary IP address on Windows
- Portal properties: Format and portal customizations
- Introduction
- Configuring global default inventory object selection
- Restricting user IDs to single sessions
- Customizing date format in the report scope selector
- Customizing the maximum number of lines for exported reports
- Customizing the total label display in tabular reports
- Customizing the host management page size
- Customizing the path and directory for file analytics database
- Configuring badge expiration
- Configuring the maximum cache size in memory
- Configuring the cache time for reports
- Configuring LDAP to use active directory (AD) for user group privileges
- Data retention periods for SDK database objects
- Data retention periods for SDK database objects
- Data aggregation
- Find the domain ID and database table names
- Retention period update for SDK user-defined objects example
- SDK user-defined database objects
- Capacity: default retention for basic database tables
- Capacity: default retention for EMC Symmetrix enhanced performance
- Capacity: Default retention for EMC XtremIO
- Capacity: Default retention for Dell EMC Elastic Cloud Storage (ECS)
- Capacity: Default retention for Windows file server
- Capacity: Default retention for Pure Storage FlashArray
- Cloud: Default retention for Amazon Web Services (AWS)
- Cloud: Default retention for Microsoft Azure
- Cloud: Default retention for OpenStack Ceilometer
- Configure multi-tenancy data purging retention periods
- Troubleshooting
- Appendix A. Kerberos based proxy user's authentication in Oracle
- Appendix B. Configure TLS-enabled Oracle database on NetBackup IT Analytics Portal and data receiver
- About Transport Layer Security (TLS)
- TLS in Oracle environment
- Configure TLS in Oracle with NetBackup IT Analytics on Linux in split architecture
- Configure TLS in Oracle with NetBackup IT Analytics on Linux in non-split architecture
- Configure TLS in Oracle with NetBackup IT Analytics on Windows in split architecture
- Configure TLS in Oracle with NetBackup IT Analytics on Windows in non-split architecture
- Configure TLS in user environment
- Appendix C. NetBackup IT Analytics for NetBackup on Kubernetes and appliances
Configure TLS in Oracle with NetBackup IT Analytics on Windows in non-split architecture
In a non-split architecture, the database and portal are on the same system.
Step 1: Configure Oracle wallet on the server side.
- Create a directory on the server system to store the server wallet as
server_wallet. Run the make directory command below atC:\opt\oracle\network\folder.mkdir C:\opt\oracle\network\server_wallet
- Create an empty wallet for the Oracle server with auto login enabled.
orapki wallet create -wallet "C:\opt\oracle\network\server_wallet" -pwd <password> -auto_login
- Add a self-signed certificate in the wallet (a new pair of private/public keys is created).
orapki wallet add -wallet "C:\opt\oracle\network\server_wallet" -pwd <password> -dn "CN=<server_machine_name>" -keysize 2048 -self_signed -validity <# of Days>
- Check the contents of the wallet. Notice the self-signed certificate is both a user and trusted certificate.
orapki wallet display -wallet "C:\opt\oracle\network\server_wallet" -pwd <password>
- Export the certificate so it can be loaded into the client wallet later.
orapki wallet export -wallet "C:\opt\oracle\network\server_wallet" -pwd <password> -dn "CN=<server_machine_name>" -cert C:\opt\oracle\network\client_wallet\<server-certificate-name>.crt
- Check whether the certificate has been exported to the above directory.
- Make sure the Oracle service user can access the wallet file
cwallet.sso(READ permission).
Step 2: Configure Oracle wallet for client application.
- Login as oracle user.
su - aptare
- Create a directory on the client system to store the client wallet. Call it
client _wallet. Create it under the/opt/aptare/oracle/networkfolder.mkdir C:\opt\oracle\network\client_wallet
- Create a wallet of the oracle client. Create an empty wallet with auto login enabled.
orapki wallet create -wallet "C:\opt\oracle\network\client_wallet" -pwd <password> -auto_login
Step 3: Load server certificate into the client wallet.
- Load the server certificate into the client wallet
orapki wallet add -wallet "C:\opt\oracle\network\client_wallet" -pwd <password> -trusted_cert -cert C:\opt\oracle\network\client_wallet\<server-certificate-name>.crt
- Check the contents of the client wallet. Note that the server certificate is now included in the list of trusted certificates.
orapki wallet display -wallet "C:\opt\oracle\network\client_wallet" -pwd <password>
Step 4: Configure the Oracle database to listen for TCPS connection: Configure the listener.ora, tnsnames.ora, and sqlnet.ora files on the database server using the following steps. In these steps, host is the oracle server IP address and the server wallet location is /opt/aptare/oracle/network/server_wallet.
- Stop the Oracle listener before updating the files.
lsnrctl stop
- Modify the
listener.ora(C:\opt\oracle\network\admin\listener.ora)LISTENER = (DESCRIPTION_LIST = (DESCRIPTION = (ADDRESS = (PROTOCOL = IPC)(KEY = EXTPROC)) (ADDRESS = (PROTOCOL = TCPS)(HOST = xx.xx.xx.xx)(PORT = 2484)) ) )Add below line at the end of file:
SSL_CLIENT_AUTHENTICATION = FALSE SECURE_PROTOCOL_LISTENER=(IPC) WALLET_LOCATION = (SOURCE = (METHOD = FILE) (METHOD_DATA = (DIRECTORY = C:\opt\oracle\network\server_wallet) ) ) C:\opt\oracle\network\server_wallet - Modify the
tnsnames.ora(C:\opt\oracle\network\admin\tnsnames.ora).SCDB = (DESCRIPTION = (ADDRESS= (PROTOCOL=TCPS) (HOST=xx.xx.xx.xx) (PORT=2484) ) (CONNECT_DATA=(SERVICE_NAME=scdb)(SID=SCDB)) ) - Start the Oracle listener.
lsnrctl start
- Check the listener status
lsnrctl status
- Test the Oracle connection using sqlplus.
sqlplus username/password@service_name
Step 5: Load oracle server wallet certificate to the portal and upgrader Java KeyStore.
- Add server certificate in portal Java.
cd C:\opt\jre\bin keytool -import -trustcacerts -alias ora_server_cert -file C:\opt\oracle\network\server_wallet\server-cert-db.crt -keystore C:\opt\jre\lib\security\cacerts cd C:\opt\jdk\bin keytool -import -trustcacerts -alias ora_server_cert -file C:\opt\oracle\network\server_wallet\server-cert-db.crt -keystore C:\opt\jdk\lib\security\cacerts password: changeit
- Add server certificate in upgrader Java
cd C:\opt\aptare\upgrade\jre\bin keytool -import -trustcacerts -alias ora_server_cert -file C:\opt\oracle\network\server_wallet\server-cert-db.crt -keystore C:\opt\aptare\upgrade\jre\lib\security\cacerts password: changeit
Step 6: Modify connection URL in the portal and receiver property file.
- Stop portal and agent services.
- Modify database URL in
C:\opt\aptare\portalconf\portal.properties.db.url=jdbc:oracle:thin:@(DESCRIPTION=(ADDRESS=(PROTOCOL=TCPS) (HOST=xx.xx.xx.xx)(PORT=2484))(CONNECT_DATA=(SERVICE_NAME=SCDB)))
- Modify database URL in
C:\opt\aptare\datarcvrconf\datrarcvrproperties.xml.<URL>jdbc:oracle:thin:@(DESCRIPTION=(ADDRESS=(PROTOCOL=TCPS) (HOST=xx.xx.xx.xx)(PORT=2484))(CONNECT_DATA=(SERVICE_NAME=SCDB)))</URL>
- Start portal and agent services.