Upgrade Graylog on Red Hat
This guide describes the recommended way to upgrade Graylog on RHEL/CentOS 7, 8, and 9. All links and packages are present at the time of writing.
Prerequisites
The following tasks must be completed before upgrading the Graylog server. If they are not completed, problems may occur. Once the prerequisites are satisfied, then you may proceed with the upgrade process.
-
Review the release notes of the version(s) of Graylog that you will upgrade to. You can find release notes for Graylog 6.1 in the documentation.
-
You may also need to perform manual edits to the Graylog server.conf configuration file before restarting the Graylog server. Information on manual tasks required by a version of Graylog can be found in the changelogs and the Upgrading Graylog pages in the documentation.
-
Ensure that you back up both the MongoDB and OpenSearch database states prior to upgrading any component of the Graylog stack to create a rollback option.
-
In preparation for upgrading Graylog, you must first satisfy any software prerequisites. MongoDB and OpenSearch must be running at least the minimum required version for the version of Graylog to which you wish to upgrade. Please refer to the following chart to determine your version compatibility requirements:
Graylog Version | Minimum MongoDB Version | Maximum MongoDB Version | Minimum Elasticsearch Version | Maximum Elasticsearch Version | Minimum OpenSearch Version | Maximum OpenSearch Version |
---|---|---|---|---|---|---|
4.0.x | 3.6 | 4.2 | 6.8 or 7.0 | 7.1 | Not Supported | Not Supported |
4.1.x | 3.6 | 4.4 | 6.8 or 7.0 | 7.1 | Not Supported | Not Supported |
4.2.x | 3.6 | 4.4 | 6.8 or 7.0 | 7.10.2 | Not Supported | Not Supported |
4.3.x | 3.6 | 5.0 | 6.8 or 7.0 | 7.10.2 | 1.1.x (or 1.3.x for Graylog Security) | 1.3.x |
5.0.x |
5.0.7 |
6.x |
7.10.2 |
7.10.2 |
1.1.x (or 1.3.x for Graylog Security) |
2.13.x |
5.1.x |
5.0.7 |
6.x |
7.10.2 |
7.10.2 |
1.1.x (or 1.3.x for Graylog Security) |
2.13.x |
5.2.x |
5.0.7 |
6.x |
7.10.2 |
7.10.2 |
1.1.x (or 1.3.x for Graylog Security) |
2.13.x |
6.0.x |
5.0.7 |
7.x |
7.10.2 |
7.10.2 |
1.1.x (or 1.3.x for Graylog Security) |
2.15.x |
6.1.x |
5.0.7 |
7.x |
7.10.2 |
7.10.2 |
1.1.x (or 1.3.x for Graylog Security) |
2.15.x |
Upgrading Multiple Versions of Graylog
Do not skip a major version when upgrading Graylog. For example, to upgrade from 3.3 to 4.3, first upgrade to the major version 4.0 and then to 4.3. See Upgrade Path for more information on this process.
Additionally, when upgrading through multiple versions of Graylog, ensure that you restart the Graylog service each time an upgrade is performed. You can confirm your new version has installed successfully by verifying the ServerBootstrap message indicates a successful start up in the server.log file:
2024-08-25T00:01:50.883Z INFO [ServerBootstrap] Graylog server up and running.
Software Verification
In order to verify that you are running the desired version of either of the dependencies mentioned above, enter the following command, replacing the name of each application with the one you want to verify:
sudo yum list installed | grep 'mongo\|opensearch\|graylog'
Upgrading Graylog on Red Hat
Complete the following steps to upgrade your Graylog instance using your package manager of choice (e.x. YUM or RPM):
1. Shutdown the Graylog node.
sudo systemctl stop graylog-server
2. Monitor the status of the Graylog node.
ps -aefww | grep graylog
3. Once the Graylog node is down, update the local package cache.
sudo rpm -Uvh https://packages.graylog2.org/repo/packages/graylog-6.1-repository_latest.rpm
sudo yum clean all
sudo yum update
4. Display available versions of Graylog.
For Graylog Open:
sudo yum list graylog-server --showduplicates
For Graylog Enterprise:
sudo yum list graylog-enterprise --showduplicates
5. Check for locks placed on the currently installed Graylog software package:
sudo yum versionlock list graylog-server
If you have a lock on the Graylog package, remove the lock so the package can then be upgraded:
sudo yum versionlock delete graylog-server
6. Use the system tools to upgrade the Graylog package(s).
For Graylog Open:
sudo yum upgrade graylog-server-6.1
For Graylog Enterprise:
sudo yum upgrade graylog-enterprise-6.1
Hint: If the version is not specified in the command, then the latest version in the repository will be installed.
To display installed graylog-*
packages:
sudo yum list installed | grep graylog
7. Make any necessary changes to Graylog configuration file(s) as indicated by version.
8. Mark the package on-hold so that package updates do not accidentally upgrade the Graylog server.
For Graylog Open:
sudo yum versionlock add graylog-server-6.1
For Graylog Enterprise:
sudo yum versionlock add graylog-enterprise-6.1
9. Finally, restart the Graylog node.
sudo systemctl restart graylog-server