Anyone have any recommendations or guidance for upgrading the underlying components for Graylog? Should I just update the OS as normal, same with Java and Elasticsearch on the ES node? Obviously staying within the major revision number, but I want to make sure I’m patching the parts that need patching as cleanly as possible.
If you have all the parts installed separately then yes, you can just follow the usual upgrade path for each component. What you do want to do if you upgrade Elasticsearch is probably temporarily stop processing on Graylog so it doesn’t put load on the cluster while data nodes may be restarting.
If it’s the OVA or something like that, then I don’t know
Thanks for the confirming my suspicions… Since I’ve upgraded 2.4.6 to 2.5.1, I’m thinking Elasticsearch 5 to 6 upgrade will be part of this. In preparation for Graylog 3.0.