I want upgrade Elasticsearch to the version 7.
I upgraded all index and it works but when I want search in my logs on Graylog, nothing is displayed.
By checking my index, I have this information : " Time range of index is unknown, because index range is not available. Please recalculate index ranges manually."
When I try to recalculate index ranges, I have an error message :
If I try to recalculate with an index which has been reindexed because Graylog has create it automaticaly with the rotation period, it works and the datas in Graylog are read.
I searched on the web and in my logs, I don’t interesting informations.
Ok I thank you.
Otherwise, in my case the index are been reindexed in version 6 by Kibana and with an Elasticsearch 6, it doesn’t works also (cf: Screenshot in my first message).
Impossible to recalculate index ranges and search old logs in the search.
Check your elasticsearch first. And Try to recalculate index range after.
I’m not sure you can downgrade from elasticsearch 7 to 6 without problem.
What is your cluster’s state?
Do you see all indexes in elasticsearch?
What is the index version?
What do you see in ES and GL’s logs?
etc…
To the base, we were in the version 5 to go on the version 6 by following the process.
We have reindexing all indices by Kibana and we see them in Graylog just only in the indice section but we have this message "Time range of index unknow etc… (cf my screenshot in my first post)
When I try to search old logs in the search section, I find only my new logs.
My finality is to can search the old logs, how can I do ?
If it’s not possible, I will give up the idea to reindexed my datas because they can be read in the version 6.
when you are in the Graylog UI, go to System > Indices > INDEX_NAME and click maintenance > recalculate index range. This will re-read the min/max timestamp from all available indices and you will be able to search.
