Graylog 3.1 upgrade failed to start with standard v3.1 plugins

Tonight I upgraded my home Graylog server from v3.0.0 to the new v3.1. I’m running it on a virtual Ubuntu 18.04.2 server, with Elasticsearch v 6.6.0, Mongo db version v4.0.12, and Open JDK v8. I followed the upgrade guide in the DEB section of:

After adjusting the new server.conf file to some specific values I had, I started up Graylog with “systemctl start graylog-server”. While it did load, it failed to listen on port 9000, and produced several curious lines in the /var/log/graylog-server/server.log:

2019-08-18T20:45:12.499-04:00 ERROR [Permissions] Error adding permissions for plugin:

2019-08-18T20:45:18.113-04:00 ERROR [CmdLineTool] Guice error (more detail on log level debug): Error injecting constructor, java.lang.IllegalArgumentException: Duplicate permission found. Permission “Permission{permission=view:create, description=Create new view}” already exists!

After attempting a number of restarts trying to get debug logging working, when I finally added “level=debug” to about every line in log4j2.xml, it was really no help on the above error. Finding an older blog post about a problem plugin, I removed all the plugins from /usr/share/graylog-server/plugin. Here are the ones I had following the upgrade:
-rw-r–r-- 1 root root 21198709 Aug 18 23:00 graylog-plugin-aws-3.1.0.jar
-rw-r–r-- 1 root root 3729809 Aug 18 22:57 graylog-plugin-collector-3.1.0.jar
-rw-r–r-- 1 root root 25155812 Aug 18 22:52 graylog-plugin-enterprise-3.1.0.jar
-rw-r–r-- 1 root root 5239350 Aug 18 22:46 graylog-plugin-threatintel-3.1.0.jar

At this point, the server was able to start. I added them back one by one, restarting each time, and each time it continue to start up fine.

At this point, no further help is needed, but I decided to post this in case anyone else has a similar issue.

1 Like


I had the exact same problem. Removed all of my plugins and then reinstalled them and it seemed to go ok.


Thanks for sharing this. I was having the same issue and these steps resolved it.

Same here… deleted all files in /usr/share/graylog-server/plugin and it came up…

And make sure you use the bind address in your previous config.

Installer should clean out plugins and backup old config ideally.

Love the product… BTW.

Installer should clean out plugins and backup old config ideally.

You really want a third party application to remove items you placed on your system automatically? What if someone configured a non default locations for plugins where Graylog is only able to read, should the upgrade fail on that?

That is nothing “easy” and many ways to shoot into other foots on that road.

I agree that we should fail nicer … but also that isn’t easy.

Glad this post has helped some others.

I have another post that I need help with, as this was a different system upgrade:

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.