Update 2.4.7 to 4.0

Hello, Is it possible to update version 2.4.7 to 4.0 directly or it is necessary to install the other updates (3.0.0, 3.0.1 …)

How to retrieve the logs processed by graylog and sent to elasticsearch (if we are creating a new environment and want to import the old logs)

Thank you



Yes, couple thing to keep in mind before upgrading.
Breaking changes

Next beware of what needs to be installed for Graylog 4 and make your own accessment.


@aaronsachs explains this well.

To be honest since you have much older version it almost would make sence to create a new graylog server if you can.

There are a couple ways to deal with this issue.
One way we done this was, since were using a Virtual machine we created another Graylog server and pointed all our clients to the new server. Since we only retain logs for 90 days we kept our old graylog server until the 90 days were up. Then just turned off the virtual machine, NOTE: we didnt delete it, just turned it off and archived the whole server.

Second way would be is elasticsearch snapshot, and mongodb dump then transfer to the new server.

Correct me if I’m wrong, but I believe that when you transfer Elasticsearch snapshot to the new server they have to be the same version.

This is time consuming and issues might occur, and all I can say is make sure you have Backups :slight_smile:

Those are the two basic ways I know how, maybe someone here has a different way of doing it.

Hope that helps

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.