What Is an Automated Storage System?
Today, information systems have become more and more indispensable in our work, just like power, transportation, and communication systems. It is imminent to attach importance to the security and stability of information systems, otherwise a small failure or human error will often cause major losses. In modern society, more and more businesses are seeking to implement business continuity solutions to ensure that the business can continue to operate in any state. This is where automated storage can help. Automatic storage is the automatic storage of integrated information under the premise of business continuity to protect information from being lost, while managing complex information and reducing costs.
- Today,
- An unstable and unprotected infrastructure will hinder the agency's ability to successfully escape from various types of outages. Just restoring information systems does not solve the problemthey need to restore business operations. It is generally considered that 50% or less of it is important. Recently, it has been found that the interdependence of data and applications has increased the proportion of important data to 80%.
- EMC Automated Network Storage helps governments / enterprises protect critical assetsthe interdependence of data makes all applications critical. Integration can achieve comprehensive protection, can make multiple local or remote copies of data when needed, and can perform protection processes while the business is accessing the data normally.
- With automated network storage, customers can completely eliminate troublesome and unreliable
- In the realization of automatic backup of system logs, we must consider the security of the server. The server is usually placed behind a firewall. By default, all the ports of the firewall are closed. What port the server needs, what port is opened on the firewall. Generally, we just open a few ports such as 80, 20, 21, and so on. The fewer ports open, the more secure the system. From the perspective of security, the use of folder sharing and other methods to achieve automatic backup of system logs will use ports such as 139, which will have serious security risks. Although opening port 139 can provide shared services, it is often used by attackers to attack. For example, using port scanning tools such as streamer and SuperScan, you can scan port 139 of the target computer. If a vulnerability is found, you can try to obtain a user name and password. This is very dangerous. Port 21 is the default port used to implement FTP file transfers, so you can use FTP to remotely back up logs [2] .
Windows Automatically store Windows system log backups
- For servers using the Windows operating system, automatic and regular backup of system logs is achieved through FTP transfer, and WSH (Windows Script Host) is required for script programming. WSH is script host software provided by Microsoft Corporation and is included in the WScript.exe and Cscript.exe files. Wscript.exe is currently used as the script host. Microsoft provides two languages, VBScript and Jscript (the Microsoft version of JavaScript) as scripting engines. The so-called script is actually a plain text file with the file extension VBS or JS. Wscript.exe uses different scripting engines to execute the corresponding script files. WSH contains two files, SCRRUN.DLL and WSHOM.OCX.
- The operating system log files cannot be copied directly. You must manually package the event logs in the event viewer or use special software tools. We install a tool called Microsoft Product Support Reporting Tool on each server. This software records information about many operating systems after each run. This includes system logs. The system log is saved in * .evt file format. After the software is installed, there is a file named MPSRpt.cmd, which is placed in the scheduled task. Considering that the log transmission will affect the performance of the server, it is assumed that it is set to execute at 2:00 every day. The event log is automatically backed up to the local machine, and then a script ftpbak.txt that uploads the system log to the specified FTP space is written, the code is as follows:
open 10.10.2.23 / log in to the specified FTP server syslog / FTP username putlog / FTP password binarylcd C: \ WINDOWS \ MPSReports \ Setup \ Reports / Specify the local upload directory put WZDX-CMET_Application.evt / upload "Application" event put WZDX-CMET_System.evt / upload "System" event bye / exit FTP
- Put the script ftpbak.txt in the c: \ directory, and write a batch script startup-ftp.bat to start the FTP command and call the ftpbak.txt file. code show as below:
C: \ WINDOWS \ system32 \ ftp.exe -s: c: \ ftpbak.txt
- Add the script start-ftp.bat to the scheduled task and set it to execute at 2:30. In this way, the generated log file is automatically transferred to the specified FTP space [2] .
Linux Automatically store Linux system log backups
- For servers using the Linux operating system, automatic and regular backups of system logs can also be implemented via FTP transfer. Various logs of Linux systems are usually placed in the / var / log directory. The scheduled tasks of Linux are used here to realize the automatic transfer of log files. In Linux systems, cron tasks are usually undertaken by cron, and cron can be set to start automatically at boot time. After cron starts, it reads all of its configuration files (global configuration file / etc / crontab, and each user's scheduled task configuration file), and then cron invokes work tasks on time according to commands and execution time. After opening crontab with vi, you can see the following information:
SHELL = / bin / bash PATH = / sbin: / bin: / usr / sbin: / usr / bin MAILTO = root HOME = / # run-parts 01 * * * * root run-parts /etc/cron.hourly 30 15 * * * root run-parts /etc/cron.daily 22 4 * * 0 root run-parts /etc/cron.weekly 42 4 1 * * root run-parts /etc/cron.monthly
- According to this, we can know that there are four directories under / etc /: cron.hourly, cron.daily, cron.weekly and cron.monthly. Just put the scripts that need to be executed hourly, daily, weekly, and monthly according to the plan You can do it in the corresponding directory. The cron configuration schedule task is written in the format: minutes hour day month week [user name] command. The first field should define: minutes, which means the minute of each hour to execute, the range is 0-59; the second field should define: hours, which means to execute from the first few hours, the range is 0 -23; the third field should be defined as: date, which means to execute from the day of each month, range 1-31; the fourth field should be defined: month, which means to execute on the first few months of each year, range 1-12; The fifth field should be defined as: week, which indicates the day of the week to execute, ranging from 0-6, where 0 represents Sunday; every six field should be defined: the username, which is the execution program Which user to execute through, this can be omitted; the seventh field should define: the command and parameters to be executed.
For example, set the transmission time of the system log to 15:30 every day, and put the script ftpbak.sh to send the log in the /etc/cron.daily/ directory. The code of Ftpbak.sh is as follows:
#! / bin / shecho "open 10.10.2.23 / * Connect log server with open * / user syslog putlog / * Enter username and password * / binary / * Transfer in binary * / hash / * When there is data transmission, show ## * / lcd / var / log / * Change to the directory where the log is located * / put messages.1 / * Upload log information * / bye "| ftp -n / * Execute ftp command * /
- In this way, the Linux server will automatically transfer its own log to the log server at the specified time. At this time, there is still a problem. According to the script program we wrote, the log file names uploaded daily are the same. In this way, the logs uploaded today in the log server will overwrite the logs uploaded yesterday. So you need to write a script rename.vbs to rename the log files in the log server. code show as below:
dim time
'Convert today's date to a string time = CStr (Date ())
Set objFSO = CreateObject ("Scripting.FileSystemObject")
'Append date to application event file name objFSO.MoveFile "e: \ log \ WZDX-CMET_Application.evt", time & "-" & "WZDX-CMET_
Application "&" .evt "
'Add the date objFSO.MoveFile "e: \ log \ WZDX-CMET_System.evt" to the system event file name, time & "-" & "WZDX-CMET_System"
& ".evt"
'Add date to the Linux system log objFSO.MoveFile "e: \ log \ messages.1", time & "-" & "messages.1"
- Add the rename.vbs script to the scheduled task of the log server and set it to run automatically at 3:00 every day. This completes the remote automatic backup of the system's logs via port 21 [2] .