Graylog restore problem

I migrated between same-version Graylog / OpenSearch environments. When I restore the backup I took from the previous Graylog in the new Graylog environment, I cannot view it in the stream. I couldn’t find it in all the messages. The restore was done properly. It didn’t give any errors. I ask for your support in this matter.

Graylog version: 5.0.2 community
Opensearch version: 2.9.0 community

Can you clarify what you backed up (and how) and how you restored it?

I restore the index backup taken in the old Graylog environment in the new Graylog environment. When I check, the logs I restored go into the default stream. The logs are not going to the correct stream. I also reviewed the template. There is no difference. I moved the stream from the old environment to the new environment with a content pack. The stream ID is the same.

Restore command: (elasticvue)

POST http://ip:9200/_snapshot/apim_mwservices_prod_40/15dec2023/_restore
{
  "rename_pattern": "apim_mwservices_prod_40",
  "rename_replacement": "restore_2024010302",
  "index_settings": {
    "index.number_of_replicas": 0
  }
}


Understood. Graylog maintains metadata on the indices (in its mongo db) that is required when migrating data or doing a backup/restore. To my knowledge I don’t believe the _snapshot functionality (of elasticsearch?) is officially supported for use with graylog.

Did you restore the mongodb as well?

I did not take a mongo backup. I created streams by switching. If I take a backup now and restore it to the same environment, won’t it crush the existing indexes?
