- 25 May 2022
- 1 Minute to read
Upgrading to Graylog 4.1.x
- Updated on 25 May 2022
- 1 Minute to read
- Upgrading to Graylog 4.1.x
- TLS Changes
- Breaking Changes
- Changes to the Elasticsearch Support
- Configuration file changes
Please make sure to create a MongoDB database backup before starting the upgrade to Graylog 4.1!
Graylog is now using only ciphers that considered secure (at this time of writing) when TLS v1.2 or greater is enabled. (see #10653 and #10985 ) Only TLSv1.2 and TLSv1.3 are enabled in the default Graylog configuration.
This could lead to problems with legacy TLS implementations connecting to Graylog. (e.g. older Syslog daemon versions connecting to a Graylog Syslog input)
To enable older ciphers again and work around problems with legacy TLS implementations, the
enabled_tls_protocolsoption can be adjusted to include TLS v1.1.
enabled_tls_protocols = TLSv1.1,TLSv1.2
The semantics of the limit parameter in the legacy search API (
/search/universal/(absolute|keyword|relative)) have changedto fix an inconsistency introduced in
4.0: prior to
0meant “no limit”, with
4.0this changed to
0for “empty result”. With 4.1 this has been fixed to work again like in the past but the underlying
Searches#scrollmethod has been tagged as
Changes to the Elasticsearch Support
Prior to v4.0 and in v4.0 without version probing for the Elasticsearch version, Graylog continues connecting to ES until it is successful. When you have version-probing for the used Elasticsearch version enabled, and Graylog starts up but can not connect to ES, the startup stopped immediately with v4.0. Starting from 4.1 the default behaviour is, that Graylog retries connecting with a delay until it can connect to Elasticsearchmaking the behaviour consistent again. See the Elasticsearch configuration page for details.
Elasticsearch Version Compatability
|GRAYLOG VERSION||MINIMUM ES VERSION||MAXIMUM ES VERSION|
MongoDB Version Compatability
|GRAYLOG VERSION||MINIMUM MONGO VERSION||MAXIMUM MONGO VERSION|
Configuration file changes
The system stats collector has been reimplemented using OSHI instead of SIGAR. The configuration option disable_sigar has been renamed to disable_native_system_stats_collector.