I’m currently using graylog 3.3 and I’d like to upgrade to version 4.0.
It looks like I need to upgrade elasticsearch first ( currently using version 5.6).
I’ve done research online but I can’t seem to find how to re-index my indexes. Any help is appreciated.
Hello && Welcome
I’m unsure how you performed ES upgrade. Have you tried to Recalculate/Rotate you indices firsts?
Below I have commands to help you troubleshoot your issue along with the documentation for re-indexing.
To find unassigned shards you can execute this command.
curl -XGET http://localhost:9200/_cat/shards
Or you can use this command which should tell you which shards are unassigned, and why:
curl -XGET localhost:9200/_cat/shards?h=index,shard,prirep,state,unassigned.reason| grep UNASSIGNED
I found the documentation that may help.
@vivir so the way I’m reading this is that you have 2 issues:
- The upgrade (and subsequent reindexing)
- The cluster status.
For the cluster status, you might want to consider running an “Explain” call to see why the shards are unassigned:
curl -X GET "localhost:9200/_cluster/allocation/explain?pretty"
As far as reindexing, you’ll want to use the reindex API endpoint in Elasticsearch after upgrading to 6.X.