I upgrade my cluster Graylog 2.4.6 to 2.5.1 and since I have one error on the first server upgrade :
WARN [ProxiedResource] Unable to call http://192.168.253.42:12900/system/metrics/multiple on node <583172bd-ac88-4d18-8e7d-3374caaf4812>, result: Bad Request
I have this error on SRV-GRAYLOG01.
For the moment I just upgrade SRV-GRAYLOG02 to 2.5.1. Is it normal ? Can I upgrade all server to 2.5.1 for to resolv my proble ?
Hi,
You have to update all your nodes and also check all third party components that are calling the API because in 2.5 there is a change requiring a header in all API calls otherwise they end with error 400.
Here is an extract from the documentation about this
Protecting against CSRF, HTTP header required
Using the Graylog server API requires all clients sending non-GET requests to include a custom HTTP header ( X-Requested-By ). The value of the header is not important, but it’s presence is, as all requests without it will be ignored and will return a 400 error.
Hi again.
No you do not have to change your server.conf. You must upgrade ALL your Graylog nodes to 2.5.
The error you see is due to the fact that with 2.5, Graylog expects that all requests to its API contains the header X-requested-by. In that version Graylog code has been modified to include this header for all calls (remember that Graylog also uses API calls to himself).
If you use nodes with an older version, the header is not injected and thus provoking the error.
So upgrade ALL your nodes.
I think if you administrate a system, you should do backup regularly. So if you do backup eg. every day about the full graylog infrastructure, you don’t need do another one. But if could be useful if hard to access the regularly backup (eg tape).
But one thing is more important than the backup, the restore!
Do restore test regularly!
A successful backup not guaranty for the successful restore.