Elasticsearch 7.17.8 with error update

Hello,

First of all, thank you to those who will take the trouble to help me with this problem and forgive my English.

I have an Ubuntu 22.04.01 LTS server which hosts all

• Graylog-server 4.3.11-1
• MongoDB 6.0.3
• Elasticsearch 7.17.8

It currently hosts over 760 GB of data which I of course don’t want to lose

Those who are paying attention will have already understood the issue. During an update by mistake, Elasticsearch was updated to version 7.17.8 while the last supported version is 7.10.

I notice a problem with the Index rotation not running anymore.

My question is how to upgrade Graylog without loss of data to version 5 and why not switch to Opensearch if that is the Graylog roadmap

Thank you and have a nice day

Translated with DeepL Translate: The world's most accurate translator (free version)

there are a few possibilites to go from an higher elastic version than 7.10 to opensearch.

• install a fresh graylog with opensearch on the side of the old one, and run both until no data is left on your old graylog due to data retention
• dump the elastic database and import it to opensearch / reindex the whole thing on opensearch
• get rid of the extra indices build by elastic which prevent the migration to opensearch. This is quite difficult.

all of them are painful, but I have not found a better solution. :-/

It seems to me that the best solution would be to set up an OpenSearch server and then migrate the data.

But I’m starting from scratch at the moment. Do you have a manual for this?

Yes, I’m looking into it on my side on Google

Maybe this helps to install Graylog with OpenSearch:
https://go2docs.graylog.org/5-0/downloading_and_installing_graylog/ubuntu_installation.html

For migrating data, hmm… I do not have a link, but I am sure there is one.

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.