You might find this useful: Frequently asked questions — Graylog 4.0.0 documentation. I’ll also note that we only release security and bug fixes for a year after a version is released. That said, 3.3.0 is EOL and many of the point releases are approaching EOL. So while you can continue running 3.2.6, the 3.2.X releases aren’t receiving any bug fixes or security releases. I’d highly recommend getting on the 4.0.X branch, as it’s actively receiving bug fixes and security fixes when they arise.