8. Application Maintenance

8.1. Backup and Recovery

It’s important to make sure your Cyber Triage® data is backed up. This section outlines the key concepts for that. The procedures outlined in this section assume that the backed up data will be restored to the same versions of Cyber Triage and, if applicable, PostgreSQL.

8.1.1. Data Directory

All versions save a lot of data to the “data directory”, which by default is the AppData\Local\cybertriage folder for the user that Cyber Triage® is running as. This directory should be backed up.

You can see the specific path in the General tab of the Options panel.

Cyber Triage Logo

Note that it is possible to change the data directory (as outlined in Changing Where Data is Stored). If you do that, ensure the new directory is also backed up.

The “SessionFiles” folder in the “Data Directory” will contain copies of previously imported hosts. You can exclude these from the backup to save space.

8.1.2. PostgreSQL

If you have a Team deployment with PostgreSQL, then refer to its standard procedures for backing up the PostgreSQL databases.

8.2. Reducing Data Directory Size

Cyber Triage stores copies of previously imported hosts in the “SessionFiles” folder in the “Data Directory”. These exist to ensure that you can reload data that comes in from over the network in case of corruption or crash. You can periodically delete old copies of these files.