This guide describes the recommended way to upgrade Graylog on Debian Linux 10 (Buster) and 11 (Bullseye). All links and packages are present at the time of writing.
Prerequisites
The following tasks must be completed before upgrading the Graylog server. If they are not completed, problems may occur. Once the prerequisites are satisfied, then you may proceed with the upgrade process.
-
Review the release notes of the version(s) of Graylog that you will upgrade to. You can find all stable releases under Upgrading Graylog.
-
You may also need to perform manual edits to the Graylog server.conf configuration file before restarting the Graylog server. Information on manual tasks required by a version of Graylog can be found in the changelogs and the Upgrading Graylog pages in the documentation.
-
Ensure that you back up both the MongoDB and Elasticsearch/OpenSearch database state prior to upgrading any component of the Graylog stack to create a rollback option.
-
In preparation for upgrading Graylog, you must first satisfy any software prerequisites. MongoDB and Elasticsearch/OpenSearch must be running at least the minimum required version required for the version of Graylog to which you wish to upgrade. Please refer to the following chart to determine your version compatibility requirements:
| Graylog Version | Minimum MongoDB Version | Maximum MongoDB Version | Minimum Elasticsearch Version | Maximum Elasticsearch Version | Minimum OpenSearch Version | Maximum OpenSearch Version |
|---|---|---|---|---|---|---|
| 3.3.x | 3.6 | 4.2 | 5.0 | 6.x | Not Supported | Not Supported |
| 4.0.x | 3.6 | 4.2 | 6.8 or 7.0 | 7.1 | Not Supported | Not Supported |
| 4.1.x | 3.6 | 4.4 | 6.8 or 7.0 | 7.1 | Not Supported | Not Supported |
| 4.2.x | 3.6 | 4.4 | 6.8 or 7.0 | 7.10.2 | Not Supported | Not Supported |
| 4.3.x | 3.6 | 5.0 | 6.8 or 7.0 | 7.10.2 | 1.1.x (or 1.3.x for Graylog Security) | 1.3.x |
|
5.0.x |
5.0.7 |
6.x |
7.10.2 |
7.10.2 |
1.1.x (or 1.3.x for Graylog Security) |
2.13.x |
Software Verification
In order to verify that you are running the desired version of either of the dependencies mentioned above, enter the following command, replacing the name of each application with the one you want to verify:
sudo apt list --installed | grep 'mongo\|elasticsearch\|opensearch\|graylog'Upgrading Graylog on Debian
Complete the following steps to upgrade your Graylog instance using your package manager of choice (e.x. APT_GET):
1. Shutdown the Graylog node:
sudo systemctl stop graylog-server2. Monitor the status of the Graylog node:
ps -aefww | grep graylog3. Once the Graylog node is down, update the local package cache:
sudo apt-get update4. Display available versions of Graylog:
sudo apt-cache policy graylog-server graylog-enterprise5. Use the system tools to upgrade the Graylog package(s).
-
If the version is not specified in the command, then the latest version in the repository will be installed.
-
If you have a lock on the Graylog package, you may then be prompted to remove it before allowing the upgrade to execute.
For Graylog Open:
wget https://packages.graylog2.org/repo/packages/graylog-5.0-repository_latest.deb
sudo dpkg -i graylog-5.0-repository_latest.deb
sudo apt-get update
sudo apt-get install graylog-serverFor Graylog Operations:
wget https://packages.graylog2.org/repo/packages/graylog-5.0-repository_latest.deb
sudo dpkg -i graylog-5.0-repository_latest.deb
sudo apt-get update
sudo apt-get install graylog-enterpriseTo display installed graylog-* packages:
sudo apt list --installed | grep graylog6. Make any necessary changes to Graylog configuration file(s) as indicated by version.
7. Finally, restart the Graylog node.
sudo systemctl restart graylog-server