Hi ,
I have by mistake deleted API keys (while doing some manipulations following a test to add a Linux server on the SIEM).
I would like to know if it is possible to restore his keys?
I have Veeam backups .
I would like to know where his keys are stored and wich agent restore ?
there is no key history?
You would need to restore the security index from a recent snapshot, but you can't do that from a Veeam backup. From the docs:
Taking a snapshot is the only reliable and supported way to back up a cluster. You cannot back up an Elasticsearch cluster by making copies of the data directories of its nodes. There are no supported methods to restore any data from a filesystem-level backup. If you try to restore a cluster from such a backup, it may fail with reports of corruption or missing files or other data inconsistencies, or it may appear to have succeeded having silently lost some of your data.
thank you for answering me if I don't have snapshots included in my Elasticsearch it won't be possible for me to recover them? is that what you are telling me?
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.