Before you post: Your responses to these questions will help the community help you. Please complete this template if you’re asking a support question.
Don’t forget to select tags to help index your topic!
1. Describe your incident:
upgrading from elasticsearch to opensearch…broken streams
2. Describe your environment:
- OS Information:
unbuntu - Package Version:
Graylog 5.0.13+ - Service logs, configurations, and environment variables:
While retrieving data for this widget, the following error(s) occurred:
3. What steps have you already taken to try and solve the problem?
repaired graylog db
4. How can the community help?
ran the process to move from elasticsearch to opensearch
followed directions here, Guide Index
opensearch seems to running fine, on indices page i see, Elasticsearch cluster opensearch is green. Shards: 81 active, 0 initializing, 0 relocating, 0 unassigned
i see records being processed in indices
however if i go to streams all streams including the default all messages stream get error, While retrieving data for this widget, the following error(s) occurred:
- OpenSearch exception [type=index_not_found_exception, reason=no such index [graylog_98256]].
the index mentioned “graylog_98256” is not a valid index, if i revert back to elasticsearch i do see that index…seems that opensearch start naming indices over starting at 0,
i ran
rsync -avP /var/lib/elasticsearch/* /var/lib/opensearch/
to sync up data between elastic search and opensearch, and it appears to be the index names are just different, however the stream still look for the elasticsearch names, wondering where streams gets the index name from?
determined that if i deleted the mongodb table for indexes and then recalculated seemed to be working but i then had issues with missing gl failure template…
Helpful Posting Tips: Tips for Posting Questions that Get Answers [Hold down CTRL and link on link to open tips documents in a separate tab]