Configuration Recovery - SL RestorePoint
Hello all, I just had this question posed to our team regarding config recovery. "Do you have any way of retrieving the configs for switches that have been deleted from SLRP please?" Is there a way to retrieve a backup of RestorePoint (and maybe restore to a temp location) from a specific point in time? If anyone has any advice or previous experience with this SL RestorePoint scenario, your input would be greatly appreciated!Restorepoint
Restorepoint is a Disaster Recovery and Secure Configuration Management appliance for network devices such as routers, switches, proxies, and firewalls. Restorepoint can automatically retrieve your network device configurations, detect changes and compliance violations, and report these automatically to network administrators. In this Powerhour session we will share with you how to add devices into Restorepoint, why having backups collected is useful in an autonomic IT environment, and how to leverage the SL1 platform in support of key workflows. Additionally, we will present the benefits of Governance, Risk and Compliance (GRC). Within the ScienceLogic Network Change and Configuration Management (NCCM) platform you will be backup over 100 different types of network equipment including firewalls to a central repository. Once the backup is collected then you can track change over time for auditing purposes as well as day to day operational needs to manage effective change control. Integration to the monitoring and automation platform adds layers of value which we will discuss during our session. When your organization is tasked with managing GRC then Restorepoint will apply your rules to assist in real time awareness of compliance. When configuration drift occurs then an alert will be sent to the SL1 platform for execution of automations in support of your defined workflow. For instance if you need to collect the difference of the last two configurations to compare an unplanned change while opening an incident into your IT Service Management (ITSM) product that can be completed so your operations team only need to receive the enhanced information set and begin resolutions steps. Often the best step is to revert the change and of course that’s supported from SL1 to allow for reduction in your Mean Time to Repair (MTTR). At the end of the June PowerHour you will have learned how to add devices into Restorepoint, why having backups collected is valuable and how to leverage the SL1 platform in support of key workflows. Additionally, we will present the benefits of Governance, Risk and Compliance (GRC). While blending into the overall SL1 platforms workflow operational needsAccess to SL1 and RP AMI's to automate AWS Provisioning
We're in the process of developing pipelines to provision and configure all our resources in AWS on a per client basis. Among these resources are the SL1 collector and RP agent. Right now in order to request the AMI for SL1 we need to fill out the form at https://support.sciencelogic.com/s/request-amazon-ami after authenticating via the webpage. Because of the login flow this has proven difficult to pass through the right information to authenticate and access the AMI request form where we can pass the form data to request the AMI on our AWS account. I understand this is probably not a common case, but has anyone come across a way to accomplish anything similar? The best I've been able to do so far is use Selenium to manage a browser logging in and navigating to the form page, but it doesn't lend itself well to the pipelines. For RestorePoint it seems like we still need to submit a case and request the AMI from support. Is there any plans to add this to the same request form for the SL1 AMI's? For now we're alright sticking to the manual effort of requesting AMI's, but it would be nice to be able to click a button and be done with provisioning :).Welcome to the Restorepoint Discussion Forum
We would like to welcome you to this forum where you can participate in open collaboration and meaningful discussion about all things Restorepoint. The purpose of this area is to foster collaboration about network configuration backup, recovery, compliance, and change management topics and for you to find solutions. As a community of IT professionals, we're always eager to learn new things and improve our skills. In this forum you can find people with similar ideas and challenges who can help you learn and be inspired. We hope you look forward to participating in these discussions and contributing to the community. Cheers to fostering connections, sharing insights, and driving the future of AIOps together. The ScienceLogic Community TeamSkylar Compliance MR 5.6 20251022 Released
Hello - We are pleased to announce the release of Skylar Compliance 5.6 20251022, which was shipped to appliances that allow online updates today. NOTE: Restorepoint has undergone a corporate rebrand and is now known as Skylar Compliance. Going forward, these maintenance release notes will document the most recent updates for Skylar Compliance 5.6. Improved the Skylar Compliance Support Server to enhance operational security and communication with appliances. Renamed the ObjectName field to DeviceName on the Configuration Changes Summary report (Report > Add). Addressed an issue which prevented backups and command tasks from running and caused the Backup Now process to hang and to display a Loading message. (Case 00556250) Addressed an issue that caused a Disk is Full error message and prevented users from viewing Device Control outputs. (Case: 00565908) Addressed an issues that caused device plug-in fields, including credential fields, to clear when the Device page loaded. (Cases: 00562307, 00562318, 00562338) Thank you, Release ManagementRemediation with Restorepoint (Part I)
The Basics It’s important to understand that remediation options are part of the compliance rule definition, not the policy. That means a single policy can contain rules with different remediation options. To see the remediation options, go to Compliance --> Device Policies, open up a policy, and bring up the rule editor by either creating a new rule or selecting an existing one. You will see the “Remediation” drop-down menu: 1 - Remediation Type "Manual" The first and simplest remediation type is “Manual”. This is simply a text string providing instructions to an operator who is responding to a compliance alert. For example, a simple rule that checks for the existence of a default “public” SNMP community on a Cisco IOS device could have these very simple instructions: When a device is in violation of this rule, the remediation text will be included in the alert that gets generated. Here, in an email alert: 2 - Remediation Type "Automatic" The second remediation type, “Automatic”, lets you specify a series of commands to execute on the device. For example, to enable auto-remediation of our example “No Public SNMP Community” rule, you could run the “no snmp-server community public” IOS command: When a device is in violation of this rule, the specified commands are automatically executed on the device, bringing it back into compliance. 3 - Remediation Type "Command" The final remediation type, “Command”, is similar to “Automatic” except that, instead of entering the commands to run on the device, you can specify a previously saved Device Control script to run. In our example: Here, the "Remove Public SNMP Community" script has previously been saved and contains the same commands we used in the "automatic" example: Since device controls can be created as Lua scripts instead of simple lists of commands, using the “command” remediation type allows for more complex actions. Summary The goal of this article was to introduce the different Remediation options in Restorepoint. Remember: You don't have to add remediation steps to every rule in a policy -- and the ones you do add don't have to be of the same type. Even if you are not ready to enable automatic reconfiguration of devices in your environment, don’t be afraid to add a “manual” Remediation action to your compliance rules. Coming soon, I’ll post a follow-up article about using variables and Lua scripting to improve on the simple remediations we used today.Restorepoint 20240814
Reminder: Restorepoint v5.5 is EOL on August 31, 2024. Enhancements: Enabled option to disable SSH strict host key validation between Strict (current) and None (logging when the key changed) on the global and device levels. (5.6) Implemented a retry mechanism for the archive process so that users can configure the number of retries and the retry interval, both set at 0 default. If configured, any archive process step that fails will be retried set number of times and the archive process will fail completely only if all the retries fail. (5.6) Bug fixes: Addressed an issue in which users were unable to export single-selected .tgz files for configurations. These filetypes are now extracted to a directory so that when users attempt to export a single-selected file they are successful. (Case: 00445520) (5.6) Addressed an issue so that SSH key owners and permissions work properly when restoring an archive from CentOS6 to OL8. (Case: 00443673) (5.6) Addressed an issue in which SNMP fingerprint output tiles exposed security data. (Case: 00418761) (5.6) Updated startup logic so that backup sizes are calculated in the background, ensuring the user interface is instantly available. The Storage Data Usage page displays the message "Back up data size calculation in progress..." until it completes. (RES-3467)(5.6) (5.6) Improved the TCP Dump enumeration so that appliances with multiple NICs will determine which interface to dump with, trying until an interface provides dumping capability. Also improved error handling so that the TCP dumps that fail to start will issue error reports. (Case: 00427074) (5.6)Restorepoint 20241121 Release Notification
We are please to announce that Restorepoint 20241121 has been released with the following updates: Addressed issues in which: the Device Control Action Names were displaying as "Unknown", existing command outputs did not display for users in the Test Rule modal, the "Select All" options on the Device table did not operate when the "Disabled=True" filter was applied, users received an error message when clicking the Test Connection button on any device, restoring appliance backups required additional checks to ensure both their integrity and handling of legacy database dump formats were intact from CentOs 6.8-based appliances to an OL8-based one. Updated the Restorepoint API to enforce specificheaders. Updated the appliance backup process so that users now receive verification messages in conjunction with additional checks of the archive and backups within the archive. Update the API call logs to include user information, such as User ID, Username, and User address.
