7.6 Export Import Tool

The Export Import tool is used to export policies from a single source forwarder to one or more destination forwarders. The tool is bundled with the Policy Editor package.

NOTE:Before running the Export Import tool, ensure to create a policy in the source forwarder.

This section provides the following information:

7.6.1 Prerequisites

  • Download Policy Editor. To install the Policy Editor, see Installing Policy Editor.

  • Download and install .Net Core Runtime Framework 5.0 in the same machine where Policy Editor is installed. To install the framework, download the pe_prerequisite.zip file.

  • Add the IP address of the installed Policy Editor in the below file location of the source and destination forwarders:

    /opt/arcsight/connectors/changeguardian/var/opt/novell/sentinel/3rdparty/postgresql/data/pg_hba.conf in the format:

    host all all <PE windows box IP>/32 md5

  • Update the Postgress configuration file path and properties in the source and destination forwarders to the following:

    /opt/arcsight/connectors/changeguardian/var/opt/novell/sentinel/3rdparty/postgresql/data/postgresql.conf.

    • Listen_address = '*'

    • Port = 5432

    • standard_conforming_strings = on

  • NOTE:Instead of the Postgress Configuration Property under listen_address, you can also provide the IP address of the servers from where the policy needs to be imported.

  • After adding the configuration, restart the db with the below commands:

    rcsentinel force_stopdb

    rcsentinel startdb

7.6.2 Exporting and Importing Policies

To export and import policies from source forwarder to different destination forwarders, perform the following procedure:

  • Navigate to the location <installedfolder>\NetIQ\ChangeGuardianPolicyEditor\ExportImportTool.

  • Open the command prompt and perform the following steps:

    • If there is a single source forwarder and a single destination forwarder, run the below command:

      ExportImportTool.exe Connect --sh <Source Forwarder IP Address> --su dbauser --dh <Destination Forwarder IP Address> --du dbauser.

    • If there is a single source forwarder and multiple destination forwarders, run the below command:

      ExportImportTool.exe Connect --sh <Source Forwarder IP Address> --su dbauser --dh <Destination Forwarder 1 IP Address>#<Destination Forwarder 2 IP Address> --du dbauser.

  • Enter the source forwarder and destination forwarder passwords.

NOTE:When you provide multiple destinations to a single source forwarder, ensure to set the same password to all destination forwarders.