GUI: Configure Agent Settings



This article discusses the functions of the Configure Agent Settings tab of the Datto appliance GUI.


  • Datto SIRIS
  • Datto ALTO


To configure the settings for an agent after pairing it with the device, access the Datto device's GUI, click the Protect tab, choose the protected machine that you want to configure, and click the Configure Agent Settings link.



Pause Backups

This option allows administrators to pause local backups. This is of particular use if you are reconfiguring settings and do not want a backup to begin.

Figure 1: Pause Backups interface

If you attempt to enable backups that have been paused by a Rescue Agent, you will see the warning shown in Figure 2.

Figure 2: Rescue agent alert 

Pause Cloud Backups

Here, you can pause and resume offsite synchronization to the cloud.

Cloud management options are not available on appliances with local-only billing plans.

 Figure 3: Pause Cloud Backups interface 

Local Backup & Retention

In this section, you set the interval and schedule for local backups. The default is to run hourly backups from 9 am to 6 pm, Monday through Friday, which results in 55 backups per week.

Figure 4: Local Backup Interval and Schedule, default settings

You can change the settings that are underlined in the UI. To do so, click on the setting, and you will see a drop-down menu. If you want to keep the same schedule on the weekends, click Monday through Friday, and change it to every day. If you would like a different schedule on the weekends, check the box that says In addition, Saturday and Sunday backups should be performed at. You will then see available times for Saturday and Sunday backups. You must click Apply or Apply to All to save your changes. Apply to All will change the settings for all protected machines.

For a customized schedule, click the Custom settings link.

Figure 5: Local Backup Interval and Schedule, custom settings

In the custom schedule, you can select a custom schedule and interval for your backups. To save your changes, click Apply or Apply to All.

The default retention keeps local backups on the device for 3 months. You can change this by clicking on the underlined option.

Figure 6: Local Retention, default settings

By default, intra-daily backups are retained for 7 days. After 7 days, it keeps daily backups for 1 week. After 1 week, it keeps weekly backups for 1 month. After that, monthly backups are kept for 3 months.

To set custom retention settings, click on the Custom settings link.

Figure 7: Local retention, custom settings

To learn more about how retention works, see the article Understanding The Retention Process.

Cloud Backup & Retention

Cloud management options are not available on appliances with local-only billing plans.

Figure 8: Cloud Backup Interval and Schedule, default

By default, your backups replicate to the Datto Cloud once per day. To change this, click the Custom settings link. Remember that offsite replication consumes bandwidth. You can set a sync priority for the agent to determine which agent's backups get sent to the Cloud first.

Figure 9: Cloud Backup Interval and Schedule, custom

Remember to click Apply or Apply to All to save your changes.

By default, backups are kept in the cloud for 6 months. You can change this by clicking the underlined option ("6 months").

Figure 10: Cloud Backup Retention, default

By default, the Cloud retains all intra-daily backups for 7 days. After that, it keeps daily backups for 1 week. After that, it keeps weekly backups for 1 month. And then after 6 months, the monthly backups are deleted. To change these settings, click Custom settings.

Figure 11: Cloud Backup Retention, custom

For more details about the retention process, see the article Understanding The Retention Process.

Backup Engine Options

Application Aware VSS w/ STC fallback

This option allows you to pick which backup engine the agent will use for backups. The Datto device will attempt to first do a Microsoft Shadow Copy Provider or Datto Windows Agent VSS backup (depending on the type of agent installed). If this fails, then it will attempt a crash consistent state backup using the Storage Craft (STC) or Datto Backup Driver (DBD) VSS Provider (depending on which agent is installed).

  • On ShadowSnap-protected devices, the Application Aware VSS with fallback option will fallback to STC
  • On Datto Windows Agent-protected devices, the Application Aware VSS option will fallback to DBD

Figure 12: Backup Engine Interface Showing the ShadowSnap Agent's fallback to STC option

Figure 13: Backup Engine Interface Showing the Datto Windows Agent's fallback to DBD option

Application Aware VSS & STC/DBD Backup Engine

The Application Aware VSS refers to the use of the VSS Provider. which interacts with supported applications to provide backups as the the applications are running. Unlike the Microsoft Shadow Copy Provider, the backup provided by the STC or DBD Backup Engine is not application-aware as it simply provides a backup equal to that of a crash-consistent state. A crash-consistent state backup can be compared to the state that the system will be in directly after a hard reboot, such that data in processing may not be saved properly. To learn more about VSS writers, see this article.

Volume Level Backup Control

This option allows you to exclude backups on a volume-by-volume basis for the agent.

Figure 14: Volume Level Backup Control

Warning: By choosing to exclude volumes that contain system or boot information from your regular backups, you may inadvertently disable the ability to perform screenshot verification on all snapshots. If you decide to re-include the volume, it will be forced to take another full.


Screenshot Verification

This feature boots and screenshots recovery points created by the agent. This way, it can be ensured that the agent will boot successfully in a restore. By default, a screenshot is performed on the latest recovery point of the day. It can be configured for screenshots on the first recovery point of the day or on custom schedule. Normally screenshots are taken at the moment the VM launches the login screen. If the login screen is not showing in screenshots, increasing the additional wait time can allow the system more time to boot fully.

To learn more about configuring screenshot verification, see this article.

Backup Verification Scripts

This feature allows you to use scripts allow you to perform advanced verification of the quality of your backup. For example, a script could open a SQL Server database and validate that a particular table existed. At the schedule defined, the system will execute your scripts in the order they are uploaded below and return positive or negative results. In the event that a script returns a negative result, this will trigger a warning notice.

To learn more about configuring backup verification scripts, see this article.

Reporting & Alerting

Ransomware Detection

Ransomware Detection tests your backup for signs of ransomware. This can detect early stages of ransomware infection, and allow you to intervene before it spreads. In the event that potential ransomware is found, this will trigger a warning notice email, so ensure that warning notices are monitored.

To learn more about ransomware detection, see this article.

Weekly Backup Report

The Weekly Backup Report is an emailed report that gives you a summary of an agent's backups for the week.

To learn more about configuring this report, see this article.

Critical Error Alerts

If configured, this option allows the Datto appliance to send alerts regarding critical error states where local snapshots for an agent are no longer occurring, and are unable or unlikely to resume.

Warning Notices

If configured, this option allows the Datto appliance to send alerts regarding an error condition where a warning state has occurred. A single snapshot for an agent may have been missed, but future snapshots are likely to resume.

Log Digests

The Log Digests option sends a midnight log digest of the last 24 hours of activity for an agent. Note: These digests can be quite long and are very verbose.

See this article for more information about setting up critical error alerts, warning notices, and log digests.


Secure File Restore & Export

Ensures that while Recovery Point File Restores and VMDK/VHD exports are mounted on the SIRIS that they are not accessible to anyone else on the local network. The dropdown box lists available users that can be set to have access credentials for the share when data is being mounted on the SIRIS. Users are added through the Local Users/Contact page of the SIRIS Web Console.

By default this option is set to disabled which means that the Recovery Points will be shared on the network but will not be browsable if someone browses the Datto, ie: \\DattoHostname\

Figure 15: Secure File Restore & Export

VSS Writer Exclusion

This feature allows you to exclude specific VSS writers from being used by the Datto appliance during the agent's backup. See this article for more information about excluding VSS writers.

Share Compatibility Mode

Enabling this option makes a tradeoff between security and compatibility. Selecting this feature changes the SIRIS Samba share to be persistent and available on the LAN. In some legacy Domain environments, you may need to enable this option to successfully transfer data across the network on a consistent basis.

Enabling Share Compatibility can resolve many common connectivity issues for older Windows systems. It should only be enabled if you are experiencing network connectivity or transfer errors on the agent page.

Virtualization Storage Controller

This setting changes the Storage Controller to use when virtualizing the protected system in VirtualBox, KVM, or ESXi. AHCI SATA is the default setting, because the SIRIS injects this SATA Controller driver into the boot configuration of the backup.

Virtualization Network Controller

This option selects the type of NIC driver to use in the virtual environment. This generally is only needed during disaster recovery situations as well as for purposes of testing the network functionality of a backup VM. There are options for VirtualBox, KVM, and ESXi virtualization.

Virtualization Video Controller

This option allows you to choose between the default VGA driver and the legacy Cirrus video driver on Ubuntu 16.04 devices running the KVM virtualization platform. 

Virtualization Core Components

This option helps to determine the use of USB or PS/2 drivers for the mouse and keyboard in the virtual environment.

The default is Modern Virtualization Environment, which uses drivers for the virtual USB mouse and keyboard. The Legacy Virtualization Environment uses drivers for the virtual PS/2 mouse and keyboard.

If a virtual machine experiences trouble with control of the keyboard or mouse, stop the VM, and switch to the Legacy Virtualization Environment.

See this article for more information regarding configuring virtualization options.

Snapshot Timeout

The snapshot timeout option determines the time allotted to the Volume Shadow Copy service before it times out. The default setting is set to 15 minutes. If an agent requires more than 15 minutes for VSS to return information to the SIRIS, then there is usually an issue with communications between one or more of the agent services on the protected machine and the SIRIS. There may also be an issue with the backup agent software installation, or a problem with the protected machine. You can learn more about this feature here.

Force Differential Merge

Forcing a differential merge forces a re-association of backup increments. With this option selected, the agent's next backup traverses all protected volumes, and only create a backup consisting of the changes since the last backup. It will take the time of a full backup, but it will not take the space of a full backup. See this article for additional information about forcing a differential merge.

Force Retention

Clicking the Force Retention button immediately applies the device's retention policies for the agent to its local backups. Learn more here.

Repair Agent Communications

Clicking the Repair Agent Communications button instructs the Datto appliance to attempt to recreate the secure key pair between the agent and the device. This can fix common agent communication errors. You can find more information about this feature here.

Rename Agent

The Agent Rename feature allows an operator to change the IP address or FQDN that a Datto appliance uses to connect to a protected system. This is useful in situations where a protected system has a new IP address or hostname. Learn more here.

Destroy Live Dataset

This function immediately destroys a backup agent's live dataset from your Datto appliance. It will stop any backups in progress, and delete the agent's live disk images, but it will leave the snapshot chain intact. Using this feature will result in the agent taking a new full backup, which will take up the space of a new full image on the device. Only use this option if this protected machine's disks have been re-sized or the protected machine's disk image is irreparably corrupt. Review this article before using the Destroy Live Dataset feature.

Archive Agent

The Archive Agent feature allows an operator to convert an agent's backup chain to a read-only archive, stopping future backups from being written to it, and permitting the protected system to (optionally) re-pair with the Datto appliance to start a new backup chain. Archived datasets count against device agent limits, and any offsite data for the archived agent will count against your appliance's total offsite data quota. Any device on per-agent billing will continue to be billed for the archived dataset until you delete the agent locally and offsite.

You can control the display of archived agents on the Protect tab of the Datto appliance GUI by using the Hide / Show Archived toggle. Learn more here.

Archiving an agent is irreversible. Only use this option if you have no need to add additional snapshots or screenshots to the backup chain in the future. An archived agent will retain all of the restore functionality that it had when it was an active dataset.

Was this article helpful?

2 out of 3 found this helpful

You must sign in before voting on this article.

Calling all Partners! We want to hear your feedback! Please participate in this quick survey and help us build a better, more-relevant Knowledge Base!

Want to talk about it? Head on over to our Community Forum!