search cancel

Temporarily connect to a backup copy of the Data Loss Prevention protect database


Article ID: 163423


Updated On:


Data Loss Prevention Enforce


There may be situations in which a backup of the Data Loss Prevention (DLP) database needs to be accessed to review incidents that were inadvertently deleted. Follow the steps below to do this while still maintaining the operation of the detections servers.


  1. Stop all Enforce server services in the following order:
    • Vontu Monitor Controller
    • Vontu Incident Persister
    • Vontu Manager
    • Vontu Notifier
  2. Open the file in \SymantecDLP\Protect\Config\ and edit the jdbc connection string per TECH218967 linked below in Related Articles.
  3. Start Vontu Notifier and Vontu Manager (these connect to oracle and allow you to use the Enforce console respectively). DO NOT start the other two services. Those connect to the detection servers and process incidents. We do not want incidents being persisted to the backup database.
  4. Complete your review of incidents and export to a web archive if desired (refer to the Export Web Archive section in the DLP Administrator's Guide).
  5. Stop Vontu Manager and Vontu Notifier
  6. Revert changes made in Step 2
  7. Start the Enforce Server services in the following order:
    • ​​Vontu Notifier
    • Vontu Manager
    • Vontu Incident Persister
    • Vontu Monitor Controller
    • Vontu Update