Simultaneous support of Data Node (Opensearch) and elasticsearch_hosts (Elasticsearch)

Hello. Question is about last Graylog - 6.1. Self-managed Elasticsearch 7.10.2 connected to it (elasticsearch_hosts). I’m going to leave Elasticsearch “as is” for read-only logs and add Opensearch 2.12 as Data Node for writing new GELF-logs. Is such configuration supported option?

No, Graylog can only be connected to one search backend cluster. You would either have to migrate/upgrade the cluster, or run two graylogs each conneted to their own backend.