Graylog isn't working after upgrade


(Crisley Linhares) #1

Today we updated our version of Graylog to 2.3. However, she stopped receiving messages. When I try to perform a search, the following message is displayed:

"Error Message:
Unable to perform search query.
Details:
Search status code:
500
Search response:
Can not GET http://200.129.163.12:12900/search/universal/relative?query=*&range=300&limit=150&sort=timestamp%3Adesc (500)

According to the graylog-server log, the message:

“ERROR [Cluster] could not read cluster health for indices [graylog_ *] (could not connect to http://127.0.0.1:9200)”

Followed by several errors. I noticed that it tries to connect to the elasticsearch cluster through localhost, however the cluster is available on another server and through our tests it is available. The graylog-server and elasticsearch configuration files are apparently normal. I would like help solving this problem since Graylog stopped working at our institution.


(João Ciocca) #2

I’m struggling with the same problem, it seems… sorry I couldn’t help =(


(Crisley Linhares) #3

Somebody with the same problem that could help me, please? :frowning:


(João Ciocca) #4

so, my initial problem was server.conf using elasticsearch native port instead of http port. You checked that?
Take a look at the details I’ve posted and see if anything resonates…


#5

Unfortunately I’ve been hitting the same problem, on my dockerized instance. When running the v2.2.3-1, all is good. When upgrading to v2.3.1-1, the container does not get past the mentioned logged error:

“ERROR [Cluster] could not read cluster health for indices [graylog_ *] (could not connect to http://127.0.0.1:9200)”

Not sure how to proceed either…(sticking to v2.2 for now).


(Nimol) #6

What’s the content of /etc/graylog/graylog-services.json inside the your machine?

if like this
{
“etcd”: {
“enabled”: true
},
“nginx”: {
“enabled”: true
},
“mongodb”: {
“enabled”: true
},
“elasticsearch”: {
“enabled”: true
},
“graylog_server”: {
“enabled”: true
}
}
then is fine just input

sudo graylog-ctl enable-all-services


(Jochen) #7

Please read the upgrade notes for Graylog 2.3.x: http://docs.graylog.org/en/2.3/pages/upgrade/graylog-2.3.html#graylog-switches-to-elasticsearch-http-client


(system) #8

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.