ELK Stack upgrade to version 9.1.5

Hi All,

We planned to upgrade the ELK Stack to the latest version (9.1.5) and encountered an issue where logs disappeared.

After upgrading Elasticsearch and Kibana to version 9.1.5, the system continued to function. However, when Logstash, Filebeat, and Elastic Agent were also upgraded to 9.1.5, the logs were no longer ingested into Elasticsearch.

On the other hand, after rolling back Logstash, Filebeat, and Elastic Agent to version 8.17.4, log ingestion resumed and worked normally.

Behavior
Upgrade Elasticsearch/Kibana 8.17.4 => 8.19.5 => 9.1.5
Upgrade Logstash, Filebeat, and Elastic Agent 8.17.4 => 9.1.5 (Using helm)

Helm chart: v8.5.1 (Current use)
https://github.com/elastic/helm-charts/tree/v8.5.1(external, opens in a new tab or window)

Why the logs cannot ingested into the Elasticsearch while pods are running without errors?

BR,

Hi @KS_Tomar ,

As I understand, the helm chart that I currently using is the official one

(https://artifacthub.io/packages/helm/elastic/elasticsearch)

I am not sure, can you check on this?

BR,

the helm chart that I currently using is the official one

Yes I think that’s right. The previous post looked to be AI-generated, please disregard.

Hi @DavidTurner,

Do you have any ideas?

BR,

Nothing obvious, sorry. I’d be surprised if the agents just silently stopped doing anything, it seems more likely they’d be logging some messages that help you move forwards, but you didn’t share any logs in your post so I have nothing to suggest. You might be better off asking in Elastic Agent - Discuss the Elastic Stack or Logstash - Discuss the Elastic Stack since Elasticsearch itself seems to be working ok here.