- 25 May 2022
- 2 Minutes to read
-
Print
-
DarkLight
Upgrading to Graylog 3.1.x
- Updated on 25 May 2022
- 2 Minutes to read
-
Print
-
DarkLight
Overview
- Upgrading to Graylog 3.1.x
- Views & Extended Search
- HTTP API Changes
- Configuration File Changes
- Alerts
- Alarm Callback Plugins
- Alert Condition Plugins
- Deprecated HTTP API Endpoints
- Configuration File Changes
- Views & Extended Search
3.1.x Compatability
Elasticsearch Version Compatability
GRAYLOG VERSION | MINIMUM ES VERSION | MAXIMUM ES VERSION |
---|---|---|
3.1.X | 5.x | 6.x |
MongoDB Version Compatability
GRAYLOG VERSION | MINIMUM MONGO VERSION | MAXIMUM MONGO VERSION |
---|---|---|
3.1.X | 3.6 | 4 |
Views & Extended Search
The Views and Extended Search feature has been open-sourced in this version (except the support for parameters). It was only accessible in Graylog Operations in Graylog 3.0.
HTTP API Changes
The following Views related HTTP API paths changed due to the migration to open source:
Old Path | New Path |
---|---|
|
|
|
|
Configuration File Changes
The following views related configuration file settings changed due to the migration to open source:
Removed Setting | New Setting |
---|---|
|
|
Alerts
The old Alerts system has been replaced by an Alerts & Events system in Graylog 3.1.
Existing alerts will be automatically migrated to the new system when the Graylog 3.1 server starts for the first time. The migration will log the number of migrated legacy alert conditions and alarm callbacks:
2019-08-05T10:36:06.404Z INFO [V20190722150700_LegacyAlertConditionMigration] Migrated <2> legacy alert conditions and <2> legacy alarm callbacks
Alarm Callback Plugins
The new Alerts & Events system is supporting the execution of legacy Alarm Callback plugins for now. We recommend to switch event definitions over to event notifications, though. At some point in the future support for legacy Alarm Callback plugins will be removed. More information for plugin developers can be found on the Event Notifications page.
Please note, that the data sent via a legacy Alarm Callback might be slightly different than via the old Alerts system. If you’ve built automation on top of alerts, you might want to check that everything still works after the migration.
Alert Condition Plugins
The new Alerts & Events system is not supporting the execution of legacy Alert Condition plugins. Old alerts using the internal alert conditions are automatically migrated to new event definitions (message count, field value and field content value conditions). Custom alert condition plugins cannot be migrated and need to be rewritten as event definitions in the new system.
Deprecated HTTP API Endpoints
The following HTTP API endpoints are deprecated and will be removed in a future release:
Deprecated API Endpoints |
---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
The deprecated API endpoints don’t have a one to one mapping to new ones, but the following Endpoints can be used to manage Event Definitions and Event Notifications as well as search for events:
New Events API Endpoints |
---|
|
|
|
|
Configuration File Changes
The following alerting related configuration file settings changed in this release:
Setting | Status | Description |
---|---|---|
| removed | Was part of the old and now removed alerts system. |
| added | Related to the new alerts system. |
| added | Related to the new alerts system. |
| added | Related to the new alerts system. |
| added | Related to the new alerts system. |
| added | Related to the new alerts system. |
See server configuration page for details on the new settings.