Hi Mostafa, as outlined above by Paul and myself, the short answer is they (data) wont be migrated by any single method.
1st of all: domain and (multi)Tenant configs are stored in postgres db as you probably know already, not ariel db which is data only. Thats why rsyncing wont help. Dont focus on that. In the end your tenants config will run in the tenant containers which need to be created anyway, i.e. pls create your domains and tenants manually using your imported logsources and networks. Your main problem is getting the config data moved from deployment 1 to deployment 2. That requires export and import of all tenant specific config data, which will create new database ids for the different object types when being created. The script I have mentioned is outdated so not sure if it still works. But the new export/import functions will cover at least 80% of your migration steps.
Good luck!
Karl
------------------------------
[Karl] [Jaeger] [#ibmchampion]
[QRadar Specialist]
[cnag]
[Siegen] [Germany]
------------------------------
Original Message:
Sent: Sat March 08, 2025 08:19 AM
From: Mostafa Abdelshafay
Subject: Migrating tenants from an AIO to another existing AIO multi-tenant appliance
Hi Karl,
Can you please advise how data will be migrated from a certain tenant in deployment 1 to another tenant in deployment 2 or how data will be migrated from the Qradar console AIO to a certain tenant in Multiant deployment?
if we create a domain and tenant for new deployment and use rsync to transfer data from the store ariel folder in the old deployment to the store ariel folder that is related to new deployment tenant, will it work or what should i do.
Thanks,
Mostafa
------------------------------
Mostafa Abdelshafay
Original Message:
Sent: Fri May 05, 2023 08:45 AM
From: Karl Jaeger
Subject: Migrating tenants from an AIO to another existing AIO multi-tenant appliance
Hi Stephen,
Paul is quite right regarding config talking backup and CMT. Both approaches are limited and will create new dependencies based on your migration scenario. Won't help you, as your domain IDs and everything else will use different number on both systems to be merged.
As Qradar offers multiple export options now using CSV files (e.g. mutit tenant net hierarchy, multi tenant logsources etc) I would rather go this way. The exported files are much easier to handle. For those resources that do not offer CSV export right away please use API calls. Merge your CSV files before import. For your log sources use bulk import and add your domain ID where needed as well as other attribute fields. Use copy and paste when using GUI functions. Logsource group IDS and other attributes can easily be added manually. For net hierarchy use Ralphs script for export to make CSV files and merge them before import. Don't hesitate to ask for details as we have done migration projects from non multi tenant to multi tenant as well as multi tenant to multi tenant plus multi tenant special training.
https://community.ibm.com/community/user/security/blogs/ralph-belfiore1/2022/11/10/network-hierarchy-management?CommunityKey=f9ea5420-0984-4345-ba7a-d93b4e2d4864
Regards
Karl
------------------------------
[Karl] [Jaeger] [Business Partner]
[QRadar Specialist]
[pro4bizz]
[Karlsruhe] [Germany]
[4972190981722]
Original Message:
Sent: Thu May 04, 2023 08:01 AM
From: Stephen Woods
Subject: Migrating tenants from an AIO to another existing AIO multi-tenant appliance
Hi,
We have an AIO console with 7 tenants which is going EOL. We want to migrate the 7 tenants to another multi-tenant environment which currently hosts 23 tenants.
Is it possible to do this by using the config backup? I'm thinking there might be a clash with tenant ids, domain ids etc.
Has anyone done this before? or can advise on the best approach to merging the 2 AIO appliances
Regards
Stephen
------------------------------
Stephen Woods
------------------------------