I am working on recovery scenario in case our Graylog server would fail. I am doing snapshots of data and configuration every day. I made a test:
- created new Graylog server as appliance
- mounted remote directory with snapshots and configuration
- copy key (password_secret) from /etc/graylog/server/server.conf
- restored configuration with mongorestore
- restored snapshot of the data from last day - for backup/restore I use my own scripts, but they are basically the same like https://support.cloudbees.com/hc/en-us/articles/115000592472-Managing-snapshots-of-your-Elasticsearch-indices-
- reload server
- can’t see any data in Search
Any advices, what I am doing wrong?
I should have backup of data for last two months so I am not very happy about idea, that I would need to do the same 60-times (meaning two monts). Advice, how to do better are welcome.