The default log restoration script restores all log types for the selected tenant/appliance. This default method is not useful when only search logs are lost or only a specific log type needs to be restored, because it also restores all stats logs, which can cause duplicate stats records.


If the requirement is to restore only specific logs, or only the search logs, use the attached script.


Usage of this script is as follows:


[versa@Analytics: ~] $ sudo python3 search_log_restore.py

[sudo] password for versa:

Please select if logs needs to be restored for a specific tenant or all tenants:

1. Specific tenant

2. All tenants

Enter your choice (1 or 2): 1    <<<<< Choose whether to restore logs for a single tenant or all tenants

Enter Tenant: Org1                  <<<<< Enter the org name if a single tenant was selected in the previous option

Please select if a specific log type need to be restored or all logs:

1. Specific log type

2. All log types

Enter your choice (1 or 2): 1  <<<<< Choose whether to restore a single log type or all search logs

Available log types:

1. cgnatLog

2. dnsfLog

3. dosThreatLog

4. fileFilterLog

5. accessLog

6. flowIdLog

7. idpLog

8. ipfLog

9. urlfLog

10. avLog

11. alarmLog

12. lteStatsLog

13. dhcpRequestLog

14. lteEventLog

15. saseWebLog

16. sslSessionLog

Select one log type from above list (Choose from 1-16): 11     <<<<< Select the log type (in this example, alarmLog is selected)

Enter Start Date (yyyy-mm-dd): 2024-01-01                             <<<<< Enter Start Date

Enter Start Time (HH:MM): 00:00                                               <<<<< Enter Start Time

Enter End Date (yyyy-mm-dd): 2024-06-30                               <<<<< Enter End Date

Enter End Time (HH:MM): 00:00                                                 <<<<< Enter End time

Base directory /var/tmp/archive/tenant-Org1 does not exist.

Filtered logs have been written to /var/tmp/log/.