Check to see if your sources support queueing, my guess is they don’t.
Spin up a very simple syslog server, probably something on Windows, that just put the data to .txt files. Run your upgrade and import the into Graylog when done.
I don’t think any of this is a good idea and probably won’t work. I’m not sure you’ll be able to upgrade on a single node w/o downtime. This would be the case on any single node system, Graylog or otherwise.
If it’s that critical, it really need to be multi-node/highly available.
What version of ES and MongoDB do you have? If you have the latest of ES 3.x and MongoDB 4.2 on your Graylog 3.x the upgrade to Version 4 should be very quick. I had ES 6.8 ( latest) and MongoDB 4.2 with my Graylog 3.x and all I did was apply the new repo and installed graylog-server 4. This took less then 2 minutes. There were logs in my journal that had to be processed from restarting my graylog service but that didnt take long which all depends on your server setup.
If thats not feasible, judging from what you want to do,
As @dickinsonzach suggested
Create a another graylog server and point all your graylog client there and when you done adjust your client/s back. On your temporary Graylog server, send the stored log back to your origanal Graylog server. This seams labor intensive to me, but it could work.