We have ELK stack version 7.11.2 with Enterprise license.. Planning to upgrade and I wish to know what should be ELK version we need to upgrade into.
Since, we have customers with ELK features, SSO, ElastAlert, Visualization, Scripted fields etc., what should be the next version to move into ?
Also, I am sure that it is not just a click to upgrade.. it should be like install latest or stable version and below activities as manually ..
Manually ingest the data
Import the Kibana config / Dashboard / Visualization
Enable ElastAlert
Enable MFA / SSO
Last but not least, We already have Enterprise license for version 7.11.2 which will expire in 2025. If we opt 8.x.x then do we need to buy new license or we can reuse the existing license ?
Pls share your inputs to us to get clarity on this version upgrade !
Thanks in advance
Which version of ElastAlert are you using? Keep in mind that ElastAlert is a third-party tool that is not made nor supported by Elastic.
There are 2 versions, the first one is the original ElastAlert by Yelp, this version is not mantained anymore and I don't think that it supports Elasticsearch 8, and there is the fork called ElastAlert2, this one is still active and you supports Elasticsearch 8, but you need to check their documentations to change somethings.
ElastAlert uses a deprecated mapping format for the date types called dateOptionalTime that does not exist in version 8, and if you do not change this mapping in your template you can break your entire cluster.
If you are not using ElastAlert2, you will need to upgrade it before you upgrade your Elastic cluster.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.
