Graylog Upgrade Path
  • 14 Sep 2022
  • 1 Minute to read
  • Dark

Graylog Upgrade Path

  • Dark

Moving from older versions of Graylog can be a challenge, so it is especially important that users update their Graylog instances in a timely manner. When performing an update from an older version, the following is the recommended incremental upgrade path.


Graylog can be upgraded heterogeneously (i.e. not all servers must be on the same version). However, they do need to be within one upgrade step of each other, as in one server can be at 3.3 with the others at 3.0. It is recommended to upgrade the leader node first before the follower nodes can be completed.

Upgrading from 1.x

A rebuild is generally recommended. The efforts to upgrade a 1.x deployment to a current version far outweigh the effort of building a fresh deployment and migrating the data.

Upgrade Path from 2.0

If you are upgrading from an older version of Graylog, here is the generally recommended path to follow in order to update your instance to the latest version. This is a gradual approach, meaning that incremental updates from previous versions to recommended versions is strongly advised rather than moving from an older version of Graylog directly to the most recent version.

Previous Version Upgrade To Notes
2.0-2.3 2.4.6
2.4.6 3.0 Several settings in server.conf will need to be updated before moving to 3.0. In 3.x, the REST and UI components were merged, as were their settings.
3.0 3.3 3.3 requires ElasticSearch 6.0 or later.
3.3 4.0
4.0 4.3 4.3 supports both the is_master and is_leader settings.

Was this article helpful?