
ERROR: org.graylog2.storage.versionprobe.VersionProbe - Unable to retrieve version from Elasticsearch node: Received fatal alert: handshake_failure. - Received fatal alert: handshake_failure.

Hello @Vinosh && Welcome

That would be a configuration issue. If you need more help than this, please look at this post.

Thanks for reply @gsmith
graylog version is 4.3.2
elastic version 7.10.2
mongo db 3.6

And how can we update TLS for the host from TLS 1.1 to 1.2?

Hey, @Vinosh

Did a quick search on the error log for your version. I would suggest checking out the Graylog configuration file and your Elasticsearch file to ensure Graylog can connect to it.

It seems you do have the right versions needed, so that gives me an idea that your configuration might be wrong.

These lines are needed for a connection between the two services.

Elasticsearch configuration file.

http.port: 9200
action.auto_create_index: false
discovery.type: single-node

Graylog configuration file

elasticsearch_hosts = http://localhost:9200

As for this question…

You will find your answer near the bottom of this documentation.


The port we are using is 9100, and

we commented out the #action.auto_create_index: false
This we don’t mention in the Elastic config file: discovery.type: single-node
We are using one master and 2 data nodes in your cluster.

With the older version, Graylog 3.1.3, it is working fine, but with the update only we are having the issue.



That’s fine, like I stated, those are the connections needed. If Graylog can’t connect to ES then you may have problems.

Wish you could post that also. Like I said, it’s probably a configuration issue, but if it was working before I’m not sure what happened.

Yes, now Graylog checks for version/s in 4.3.

Perhaps showing the full Graylog log file would be nice, if possible.

@gsmith graylogServer.log

2022-11-10 21:33:24,747 INFO : org.graylog2.featureflag.ImmutableFeatureFlagsCollector - Following feature flags are used: {}
2022-11-10 21:33:27,346 INFO : org.graylog2.bootstrap.CmdLineTool - Loaded plugin: AWS plugins 4.3.2 [org.graylog.aws.AWSPlugin]
2022-11-10 21:33:27,349 INFO : org.graylog2.bootstrap.CmdLineTool - Loaded plugin: Collector 4.3.2 [org.graylog.plugins.collector.CollectorPlugin]
2022-11-10 21:33:27,351 INFO : org.graylog2.bootstrap.CmdLineTool - Loaded plugin: Threat Intelligence Plugin 4.3.2 [org.graylog.plugins.threatintel.ThreatIntelPlugin]
2022-11-10 21:33:27,351 INFO : org.graylog2.bootstrap.CmdLineTool - Loaded plugin: Elasticsearch 6 Support 4.3.2+313b6bc [org.graylog.storage.elasticsearch6.Elasticsearch6Plugin]
2022-11-10 21:33:27,352 INFO : org.graylog2.bootstrap.CmdLineTool - Loaded plugin: Elasticsearch 7 Support 4.3.2+313b6bc [org.graylog.storage.elasticsearch7.Elasticsearch7Plugin]
2022-11-10 21:33:27,413 INFO : org.graylog2.bootstrap.CmdLineTool - Running with JVM arguments: -Xms2g -Xmx16g -Dlog4j2.formatMsgNoLookups=true -Djavax.net.ssl.trustStore=/apps/disk2/https-common-certs/prod01-75/cacerts.jks -Djavax.net.ssl.trustStorePassword= password -Djava.net.preferIPv4Stack=true -Duser.timezone=Loaction -Dcom.sun.management.jmxremote.port=9507 -Dcom.sun.management.jmxremote.ssl=false -Dcom.sun.management.jmxremote.authenticate=false -Djava.rmi.server.hostname= hostname -Dhost=hostname -Dcom.sun.management.jmxremote
2022-11-10 21:33:29,430 INFO : org.mongodb.driver.cluster - Cluster created with settings {hosts=[hostname:27017, hostname:27017], mode=MULTIPLE, requiredClusterType=REPLICA_SET, serverSelectionTimeout='30000 ms', maxWaitQueueSize=5000, requiredReplicaSetName='rsNew'}
2022-11-10 21:33:29,430 INFO : org.mongodb.driver.cluster - Adding discovered server hostname:27017 to client view of cluster
2022-11-10 21:33:29,542 INFO : org.mongodb.driver.cluster - Adding discovered server hostname:27017 to client view of cluster
2022-11-10 21:33:29,639 INFO : org.mongodb.driver.cluster - No server chosen by com.mongodb.client.internal.MongoClientDelegate$ from cluster description ClusterDescription{type=REPLICA_SET, connectionMode=MULTIPLE, serverDescriptions=[ServerDescription{address=hostname:27017, type=UNKNOWN, state=CONNECTING}, ServerDescription{address=hostname:27017, type=UNKNOWN, state=CONNECTING}]}. Waiting for 30000 ms before timing out
2022-11-10 21:33:29,723 INFO : org.mongodb.driver.connection - Opened connection [connectionId{localValue:1, serverValue:801}] to hostname
2022-11-10 21:33:29,723 INFO : org.mongodb.driver.connection - Opened connection [connectionId{localValue:2, serverValue:55838}] to hostname
2022-11-10 21:33:29,766 INFO : org.mongodb.driver.cluster - Monitor thread successfully connected to server with description ServerDescription{address=hostname:27017, type=REPLICA_SET_PRIMARY, state=CONNECTED, ok=true, version=ServerVersion{versionList=[3, 6, 5]}, minWireVersion=0, maxWireVersion=6, maxDocumentSize=16777216, logicalSessionTimeoutMinutes=30, roundTripTimeNanos=20825235, setName='rsNew', canonicalAddress=hostanme:27017, hosts=[hostname:27017, hostname:27017], passives=[], arbiters=[], primary='hostname:27017', tagSet=TagSet{[]}, electionId=id, setVersion=2, lastWriteDate=Thu Nov 10 21:33:25 PST 2022, lastUpdateTimeNanos=19010262962248998}
2022-11-10 21:33:29,766 INFO : org.mongodb.driver.cluster - Monitor thread successfully connected to server with description ServerDescription{address=hostanme:27017, type=REPLICA_SET_SECONDARY, state=CONNECTED, ok=true, version=ServerVersion{versionList=[3, 6, 5]}, minWireVersion=0, maxWireVersion=6, maxDocumentSize=16777216, logicalSessionTimeoutMinutes=30, roundTripTimeNanos=26389872, setName='rsNew', canonicalAddress=hostname:27017, hosts=[hostname:27017, hostname:27017], passives=[], arbiters=[], primary='hostname:27017', tagSet=TagSet{[]}, electionId=null, setVersion=2, lastWriteDate=Thu Nov 10 21:33:25 PST 2022, lastUpdateTimeNanos=19010262965987841}
2022-11-10 21:33:29,773 INFO : org.mongodb.driver.cluster - Setting max election id to id  from replica set primary hostname:27017
2022-11-10 21:33:29,774 INFO : org.mongodb.driver.cluster - Setting max set version to 2 from replica set primary hostname:27017
2022-11-10 21:33:29,774 INFO : org.mongodb.driver.cluster - Discovered replica set primary hostname:27017
2022-11-10 21:33:29,838 INFO : org.mongodb.driver.connection - Opened connection [connectionId{localValue:3, serverValue:55839}] to hostname:27017
2022-11-10 21:33:29,934 INFO : org.mongodb.driver.connection - Closed connection [connectionId{localValue:3, serverValue:55839}] to hostname:27017 because the pool has been closed.
2022-11-10 21:33:29,942 INFO : org.graylog2.bootstrap.preflight.MongoDBPreflightCheck - Connected to MongoDB version 3.6.5
2022-11-10 21:33:30,663 ERROR: org.graylog2.storage.versionprobe.VersionProbe - Unable to retrieve version from Elasticsearch node: Received fatal alert: handshake_failure. - Received fatal alert: handshake_failure.
2022-11-10 21:33:30,666 INFO : org.graylog2.storage.versionprobe.VersionProbe - Elasticsearch is not available. Retry #1
2022-11-10 21:33:35,693 ERROR: org.graylog2.storage.versionprobe.VersionProbe - Unable to retrieve version from Elasticsearch node: Received fatal alert: handshake_failure. - Received fatal alert: handshake_failure.
2022-11-10 21:33:35,693 INFO : org.graylog2.storage.versionprobe.VersionProbe - Elasticsearch is not available. Retry #2
2022-11-10 21:33:40,714 ERROR: org.graylog2.storage.versionprobe.VersionProbe - Unable to retrieve version from Elasticsearch node: Received fatal alert: handshake_failure. - Received fatal alert: handshake_failure.
2022-11-10 21:33:40,714 INFO : org.graylog2.storage.versionprobe.VersionProbe - Elasticsearch is not available. Retry #3
2022-11-10 21:33:45,733 ERROR: org.graylog2.storage.versionprobe.VersionProbe - Unable to retrieve version from Elasticsearch node: Received fatal alert: handshake_failure. - Received fatal alert: handshake_failure.
2022-11-10 21:33:45,734 INFO : org.graylog2.storage.versionprobe.VersionProbe - Elasticsearch is not available. Retry #4
2022-11-10 21:33:50,751 ERROR: org.graylog2.storage.versionprobe.VersionProbe - Unable to retrieve version from Elasticsearch node: Received fatal alert: handshake_failure. - Received fatal alert: handshake_failure.
2022-11-10 21:33:50,752 INFO : org.graylog2.storage.versionprobe.VersionProbe - Elasticsearch is not available. Retry #5
2022-11-10 21:33:55,766 ERROR: org.graylog2.storage.versionprobe.VersionProbe - Unable to retrieve version from Elasticsearch node: Received fatal alert: handshake_failure. - Received fatal alert: handshake_failure.

Hello @Vinosh

Thank you for the logs. Hope you don’t mind, I edited your post so it’s easier to read. Perhaps check it out here.

From what I see the issue is that Graylog is probing for the ES version used on startup. It goes through the list of configured nodes and gives up if none of them are up. Can you make sure that ES is available before GL is starting up? If not, you can set the elasticsearch_version configuration setting to 7.

If that doesn’t work then here are some more suggestions you could use to troubleshoot this issue.

Have you tried a curl command to check the Elasticsearch cluster? You may have to adjust it to your environment.

ES Health check

curl -XGET "http://es_node:9200/_cluster/health?pretty"

Check Nodes

curl -XGET "http://es_node:9200/_nodes?pretty"
curl -XGET "http://es_node:9200/_cat/nodes?v"

If so, what do you see?

How can we keep the setting configuration as ES 7?

And ES is working fine. Cluster is up and running and status is green.


You can find it in this documentation.

We figured it out; now it is working fine. The issue is with the JDK version and OS level as well. For Java we need to use jdk-8u45, and the OS is like 8.5 Red Hat, but what we are using is OS 7.9 version.

Is there any dependence like Java version and OS version?


Awesome, thank you for posting your resolve :+1:
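
Added example (not part of the thread and not Graylog code): `handshake_failure` is a TLS alert sent by the peer, meaning the TCP connection worked but client and server could not agree on security parameters such as protocol version or cipher. This Python sketch attempts one handshake per TLS version to show which versions an endpoint accepts. The function name `probe_tls` is an assumption, and `es_node:9200` is the placeholder from the curl commands above.

```python
import socket
import ssl
import warnings

# Protocol versions to try, oldest first.
VERSIONS = [ssl.TLSVersion.TLSv1, ssl.TLSVersion.TLSv1_1,
            ssl.TLSVersion.TLSv1_2, ssl.TLSVersion.TLSv1_3]


def probe_tls(host, port, timeout=5.0):
    """Attempt one handshake per TLS version; return {version: outcome}."""
    results = {}
    for version in VERSIONS:
        ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
        # Probe only: trust is not being tested here, so certificate
        # checks are off. Never reuse this context for real traffic.
        ctx.check_hostname = False
        ctx.verify_mode = ssl.CERT_NONE
        try:
            with warnings.catch_warnings():
                # Pinning TLS 1.0/1.1 triggers a DeprecationWarning.
                warnings.simplefilter("ignore", DeprecationWarning)
                ctx.minimum_version = version
                ctx.maximum_version = version
            with socket.create_connection((host, port), timeout=timeout) as raw:
                with ctx.wrap_socket(raw, server_hostname=host) as tls:
                    results[version.name] = "accepted " + tls.cipher()[0]
        except ssl.SSLError as exc:
            # Alert from the peer (e.g. handshake_failure) or a refusal
            # by local OpenSSL policy; the reason code tells them apart.
            results[version.name] = "failed " + (exc.reason or "SSL_ERROR")
        except (ValueError, OSError) as exc:
            # Version not built into local OpenSSL, or no TCP connection.
            results[version.name] = "error " + type(exc).__name__
    return results


if __name__ == "__main__":
    # Placeholder host and port; substitute your Elasticsearch HTTPS endpoint.
    for name, outcome in probe_tls("es_node", 9200).items():
        print(f"{name:8} {outcome}")
```

Python links against OpenSSL rather than the JVM's TLS stack, so the output shows what the server side accepts. The protocols the Graylog JVM offers depend on its JDK version and security settings.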
