Problem after upgrade to Graylog 2.5

Hi everyone,

I upgrade my cluster Graylog 2.4.6 to 2.5.1 and since I have one error on the first server upgrade :
WARN [ProxiedResource] Unable to call on node <583172bd-ac88-4d18-8e7d-3374caaf4812>, result: Bad Request

I have this error on SRV-GRAYLOG01.

For the moment I just upgrade SRV-GRAYLOG02 to 2.5.1. Is it normal ? Can I upgrade all server to 2.5.1 for to resolv my proble ?


You have to upgrade all your nodes to the same version :slight_smile:

1 Like

No just one !:wink:


You have to update all your nodes and also check all third party components that are calling the API because in 2.5 there is a change requiring a header in all API calls otherwise they end with error 400.

Here is an extract from the documentation about this

Protecting against CSRF, HTTP header required

Using the Graylog server API requires all clients sending non-GET requests to include a custom HTTP header ( X-Requested-By ). The value of the header is not important, but it’s presence is, as all requests without it will be ignored and will return a 400 error.

1 Like


I’m sorry but I don’t understand.
I must to modify configuration on server.conf ?

Hi again.
No you do not have to change your server.conf. You must upgrade ALL your Graylog nodes to 2.5.
The error you see is due to the fact that with 2.5, Graylog expects that all requests to its API contains the header X-requested-by. In that version Graylog code has been modified to include this header for all calls (remember that Graylog also uses API calls to himself).
If you use nodes with an older version, the header is not injected and thus provoking the error.
So upgrade ALL your nodes.

And by the way, I wish you a happy new year.


Thanks guy and happy new year.

Should i backup my mongodb before upgrade 2.4 to 2.5 ?
And what are steps to upgrade it ?

  1. Graceful Shutdown
  2. dpkg --remove graylog
  3. download new graylog repository
  4. dpkg install new graylog repository
  5. apt update and apt upgrade

good ?

why not following the documentation?

in addition, create a backup before you update is never a bad idea.


I think if you administrate a system, you should do backup regularly. So if you do backup eg. every day about the full graylog infrastructure, you don’t need do another one. But if could be useful if hard to access the regularly backup (eg tape).
But one thing is more important than the backup, the restore!
Do restore test regularly!
A successful backup not guaranty for the successful restore.

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.