Veeam APIs

What are Veeam Data Integration APIs?
Veeam Data Integration API is a set of Veeam PowerShell cmdlets that allows you to represent data of backup files as a mounted Windows folder. You may want to use this option when you need an existing application to be able to access backed-up data in a read-only manner.”

"Data integration API: The Veeam Data Integration API is best consumed through PowerShell and is part of Veeam Backup & Replication. This capability allows the data of backup files to be exposed as a mounted Windows folder and it allows you access data that is available in the backup created by Veeam Backup & Replication. This capability is a great new technique as a weapon in the war against ransomware, and additional scans can be done on data that has already been backed up."

"This ransomware resiliency technique can provide additional scans of backups for threats, including using additional more-invasive tools that may not be used on production workloads. Additionally, if endpoint backups are in Veeam repositories, there is an incredible surface area to analyze for potential threat introduction."

“A cmdlet is a specialized .NET class that interacts with Microsoft .NET Framework objects. Each cmdlet acts as a single-function command that can perform multiple operations with these objects. Objects represent instances of the Veeam backup infrastructure: jobs, databases, restore sessions and so on.”

Reuse your data to drive innovation Webinar

Sample: "data integration api.ps1.txt" (Click here)

# Add the Veeam PowerShell snapin - if it is already loaded continue silently with no error

Add-PSSnapin VeeamPSSnapin -ErrorAction SilentlyContinue


# The backup variable $backup is populated by the cmdlet Get-VBRBackup which will return info regarding the backup data

$backup = Get-VBRBackup -Name "BJ-core"


# Provide the host name of the target server (where eveything will be mounted)

$targetServerName = “172.21.237.40”


# Provide the credentials to access the remote server example: lab\administrator

# These must be stored within the Credentials manager in Veeam Backup & Replication

$targetAdminCreds = Get-VBRCredentials -name "lab\administrator"


# Get-VBRRestorePoint is where you find the restore point you wish to use, -Last can be used for the amount of objects you wish to go back

# $restorepoints = Get-VBRRestorePoint -Backup $backup | Sort-Object –Property CreationTime | Select -Last 1

$restorepoints = Get-VBRRestorePoint -Backup $backup | Sort-Object –Property CreationTime



foreach ($point in $restorepoints) {

# Publish the disks for the restore points via the Publish-VBRBackupContent cmdlet

$session = Publish-VBRBackupContent -RestorePoint $point -TargetServerName $targetServerName -TargetServerCredentials $targetAdminCreds


# Obtaining information about mounted disks

$contentInfo = Get-VBRPublishedBackupContentInfo -Session $session


Write-Host "`nBackup Job Name:" $session.BackupName "`nRestore Point:" $session.RestorePoint "`nVM Name:" $session.PublicationName

# Produce a report showing what mount points were published and where

foreach ($contentType in $contentInfo) {

Write-Host "================================"

$disks = $contentType.Disks

Write-Host "Mounted Disk:" $disks.DiskName

Write-Host "Mounted At:" $disks.MountPoints

Write-Host "Mounted As:" $contentType.Mode

Write-Host "Available From:" $contentType.ServerIps "(Port:" $contentType.ServerPort ")"

Write-Host "Available Via:" $disks.AccessLink

Write-Host "================================"

}

}

"By leveraging PowerShell, you can work with the API and mount ANY virtual disk from ANY virtual machine. If you want, you can even use all your backups and present all disks at once! There is no limitation on the amount of data you mount and want to re-use."

“Instead of impacting your production environment, why not leverage your backups to scan for malware, ransomware and other security threats? This takes the burden off your environment and enables you to test your backups for harmful actors which may not trigger until a later event.”

  • "Veeam PowerShell 101 (Beginners Guide) - Handout.pdf" - Contact me

PowerShell Cmdlet Examples: Add, Clear, Connect, Convert, Copy, Deploy, Disable, Disconnect, Eject, Enable, Erase, Export, Find, Get, Import, Install, Move, New, Publish, Remove, Rescan, Reset, Restart, Restore, Save, Send, Set, Start, Stop, Sync, Test, Undo, Uninstall, Unmount, Unpublish, Update.

  • Publish-VBRBackupContent - Mounts the content of backup files using the iSCSI protocol.

  • Get-VBRPublishedBackupContentSession - Returns sessions that are running to mount the backup content to iSCSI target servers.

  • Get-VBRPublishedBackupContentInfo - Returns details on the mounted content of backup files.

  • Unpublish-VBRBackupContent - Unmounts content of backup files from iSCSI target servers.

"Once the disks are mounted, you can see them in the well-known VeeamFLR folder, however, they will also be available via Windows Disk Management."


  1. Beat ransomware: Education, Implementation and remediation with Veeam - 30 page PDF (see page 20)

  2. Veeam Data Integration API - Veeam Help Center

  3. Data Integration API - Getting started - Veeam Forums

  4. Veeam Availability Suite v10 - Data Integration API Demo - 5:09 video

  5. Veeam Backup & Replication V10: Data Integration API Examples - Neils Engelen

  6. Machine learning on your Veeam backups? Sure! via the Data Integration API - Ben Young

  7. Veeam Instant NAS Recovery in v11, Malware Detection and Machine Learning - Ben Young

  8. Accessing Linux Volumes with the Veeam Data Integration API - Anthony Spiteri

  9. Veeam Backup & Replication V10: Data Integration API Examples - "Virtual Bits and Bytes"

  10. Veeam V10 Data Re-use: Part 1- Data Classification - "Mr. IT Surgeon"

  11. Multi Engine Malware Scanning on your Backup Data? Veeam Data Integration API makes it possible with MetaDefender Cloud - Ben Young

  12. benyoungnz/getting-started.ps1 - GitHub code


Data integration API: The Veeam Data Integration API is best consumed through PowerShell and is part of Veeam Backup & Replication v10 . This capability allows the data of backup files to be exposed as a mounted Windows folder and it allows you access data that is available in the backup created by Veeam Backup & Replication . This capability is a great new technique as a weapon in the war against ransomware, and additional scans can be done on data that has already been backed up .

This ransomware resiliency technique can provide additional scans of backups for threats, including using additional more-invasive tools that may not be used on production workloads . Additionally, if endpoint backups are in Veeam repositories, there is an incredible surface area to analyze for potential threat introduction .

Due to the inherent fragmentation of ransomware threats, it is possible the encryption search may not show files that are encrypted from a threat . The possibility of Veeam Data Integration API in coordination with some of the preferred toolkits in each IT organization’s area of expertise are compelling in bolstering the visibility of threats before they are exposed at a larger scale . There is also incredible opportunity to use the Veeam Data Integration API in larger automation scenarios . Consider implementing workflows that take backups, perform SureBackup jobs and then automatically use the data integration API to perform more intensive scan tasks post-backup that may not be done on production workloads . This is an opportunity to reduce the time from threat introduction to threat exploit