ElasticSearch Errors after Upgrade to 6.6 - Graylog sends aggregation request

Mr.Error · March 21, 2019, 8:38am

Hello Community,

I’ve upgraded our ES Cluster from 5.6 to 6.6 . Everything seems to work fine, messages are processed and searching works fast and smooth.

But when querying a certain Stream, which only queries one Index set (logs_*) I am getting the following Errors on my ES nodes:

But no Errors in Graylog. All other indexes work fine…

It looks to me like GL is telling ES to do an aggregation on the source field, which of course doesn’t work…

Any help is highly appreciated!!

jan · March 21, 2019, 8:43am

Did you rotate your index after the upgrade manually once?

Mr.Error · March 21, 2019, 8:45am

Yes, I did

system · April 4, 2019, 8:45am

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Elasticsearch 7.15.0 accidental update Graylog Central (peer support) elastic	4	561	February 15, 2022
Index error after one ES node crashed Graylog Central (peer support)	7	1814	October 19, 2021
Indexer Failures after upgrade to 2.3.1 Graylog Central (peer support)	3	720	September 12, 2017
Post Upgrade (Graylog 3.0.2 / Elasticsearch 6.7.2) Index problems Graylog Central (peer support)	5	1180	June 3, 2019
Graylog does not search! Graylog Central (peer support)	15	3498	July 4, 2019