Could not restore archive - CSRF protection header missing

(Matt Dobson) #1


I’m currently running Graylog 2.5.2 and our system has been making archives for a while now.

We are coming up to our PCI audit, where we must be able to demonstrate 3months of data on the live system and 1 year of historical data.
We have all of this recorded, but when I try and restore an archive back to the system we get the message:

“Could not restore archive: graylog_number.
Index restore failed: CSRF protection header is missing. Please add a “X-Requested-By” header to your request.”

I’ve tried searching but can’t find much related, and I don’t even understand the message’s meaning (except that it needs a header which it cant see, but where, what and how, I don’t know).

Does anyone know how to resolve this? I’m happy to provide any information needed.



(Jan Doberstein) #2

you need to upgrade your archive plugins to the same version that your Graylog server has - e.g. make all enterprise plugins the same version as the server.

(Matt Dobson) #3

Thanks Jan - that makes sense.

Is there any command to check the current plugin versions?


(Matt Dobson) #4

Many thanks for your advice Jan - correct as always, it’s working again.