Backup verification script
backup_tool_script is a script to check backup sanity on the server.
backup_tool_script can verify a given number of backups for each client. It can
run verify operations in parallel, interleaving different client backups in
order to prevent performance bottlenecks on backend storage.
* Run verify operations, but stop after a given amount of time, leaving the
system ready for backup operations.
* List clients that have outdated backups. It uses two different methods to
list clients in order to detect rogues.
* Ensure that the server service is running properly, relaunch it if needed,
on a scheduled basis.
* Summarise all most recent backups containing warning messages.
* Send a warning / error when problems are found, even while operating.
* Check disk quotas and send a warning when quotas are exceeded.
* Launch vss_strip for each file found in a given directory.
* Show a calendar of successful backups (Thanks to https://github.com/hakong)
You will find the script here:
Even though it is installed on both client(s) and server, it is intended
for use by a system administrator on the host running the burp server, as it
needs access to the backup storage backend, the server process and its
configuration files. In a standard installation, it needs elevated (root)
privileges (e.g. sudo backup_tool_script ...).
To begin with, modify the script and configure the following variables:
Some unique string to identify the instance of the script, given
that you may run multiple versions with different settings.
The warning / error email subject.
Amount of time for each verification process (in seconds), after which a
warning message is sent.
Amount of time for each verification process (in seconds), after which the
process is forcefully stopped.
Amount of global time (in seconds), after which a warning message is sent.
Amount of global time (in seconds), after which all verification operations
are forcefully stopped.
If client isn't idle, should we postpone it's verification (YES/NO).
Amount of time (in seconds) after which a postponed verification is tried
Number of times a postponed verification is retried.
Path to the burp executable.
Which service system your are using. Can be set to "initv" or "systemd".
How many simultaneous verify operations will be launched.
The path given to backup_tool_script must be the path that leads to every
client directory, regardless of protocol 1 or 2 usage (for protocol 2, you'll
have to dive into dedup group directory).
Check for clients that don't have backups newer than 3 days:
backup_tool_script -d /path/to/clients/backups/dir -o 3
Launch backup verification for last 7 backups for each client:
backup_tool_script -d /path/to/clients/backups/dir -v 7
Run with a different client configuration file (default is /etc/burp/burp.conf)
and check for clients that don't have backups newer than 5 days:
backup_tool_script -c /etc/burp/burp-client.conf \
-d /path/to/clients/backup/dir -o 5
Run vss_strip for all files in /tmp/burp_restore:
backup_tool_script -s /tmp/burp_restore
Check that the burp service is running:
backup_tool_script -j burp
Check for warnings in most recent backups:
backup_tool_script -d /path/to/clients/backups/dir -w
Check for exceeded quotas in most recent backups:
backup_tool_script -d /path/to/clients/backups/dir -q
Example of full configuration, which checks the service health, checks for
outdated clients, verifies the most recent 5 backups, checks for warning in the
most recent backups, and sends a report to an email address specifying a
trivial instance name:
backup_tool_script -d /path/to/clients/backup/dir -o 3 -v 5 -j burp \
-c /etc/burp/burp.conf -w --firstname.lastname@example.org \
Show calendar of successful backups:
You can check the full syntax simply by running the script without any
Client inclusions and exclusions
You may want to include / exclude some clients on the checks.
backup_tool_script uses grep compatible regular expressions to do so.
Inclusions are evaluated before exclusions.
Example - Include all clients which names begin with "servers", and exclude
backup_tool_script -i servers.* -e ".*" -d /path/to/clients/backup/dir
Example - Exclude all clients which names begin with customerX:
/usr/local/share/burp/scripts/backup_tool_script -e customerX.* \
Once you have found the right settings for your usage, you may schedule the
script by adding a cron entry.
Example - On RHEL / CentOS, add the following line to /etc/crontab in order to
run the script every day at 10am:
00 10 * * * root /usr/local/share/burp/scripts/backup_tool_script <args here>
On Ubuntu, you'll need to remove the "root" username on the crontab line.
The tool can detect that a backup is currently running and will postpone
verifications, but considering that backups may occur nightly depending on your
configuration, it would make more sense to run verifications out of the backup
Be aware that if you run the verifications while performing backups, backup
numbers may change, so verifications may fail.
This is especially true when trying to check more backups than the actual
Example - keeping 7 daily backups with 'keep 7':
If you launch backup_tool_script with -v 7, if the verification happens while
backing up, the 7th backup may be deleted after successful creation of the new
up to date backup, and backup_tool_script will fail verifying the 7th backup it
listed on script start.
In order to avoid this, verify the last 6 backups when having 7 rotating
copies, or simply let backup_tool_script run only when no backups are currently
You may want to send an email directly whenever no recent backups are found or
disk quotas exceed.
In this case, you have to add an email address to the client configuration
Exmaple in /etc/burp/clientconfdir/test.local:
label = email_address : email@example.com
With this additional information, the script can send an email directly to the
In order to send an alert on exceeded quota, add the '-A' parameter or
In order to send an alert on outdated backups, add the '-a' parameter or
Additionally, you may want to customize the messages sent. Please see the
configuration header in the file in order to customize the emails.
You may use placeholders for clientname, disk quotas statistics and outdated
By default, backup_tool_script logs to:
If /var/log is not writable, it will log to:
Customisation and development
As of today, the script should work on all linux platforms.
Some work is needed to make some regular expressions work on *BSD.
Feel free to fork and help. :)
Orsiris de Jong