Could not restore archive - CSRF protection header missing


I’m currently running Graylog 2.5.2 and our system has been making archives for a while now.

We are coming up to our PCI audit, where we must be able to demonstrate 3months of data on the live system and 1 year of historical data.
We have all of this recorded, but when I try and restore an archive back to the system we get the message:

“Could not restore archive: graylog_number.
Index restore failed: CSRF protection header is missing. Please add a “X-Requested-By” header to your request.”

I’ve tried searching but can’t find much related, and I don’t even understand the message’s meaning (except that it needs a header which it cant see, but where, what and how, I don’t know).

Does anyone know how to resolve this? I’m happy to provide any information needed.



you need to upgrade your archive plugins to the same version that your Graylog server has - e.g. make all enterprise plugins the same version as the server.

Thanks Jan - that makes sense.

Is there any command to check the current plugin versions?


Many thanks for your advice Jan - correct as always, it’s working again.


This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.