Updating Logstash from an older version


I have an unsupported operational Logstash I was required to update due to the Log4j2 vulnerability. The service was implemented long ago without documentation by crew already out of the company. Looking around the files I see the service is version 2.4.0 from August 2016.

Could anyone give me a direction on how to upgrade it to latest recommended versions 6.8.21 or 7.16.1? Is it even possible to upgrade from such an old version or would have to start again from scratch with the new version?

It is not impossible that you could drop in the new version and have everything just work. It is also possible that you drop in a new version and spend many hours finding out how to adjust the configuration to deal with breaking changes introduced in the last five years. (And Elastic are certainly not afraid of breaking changes when they think them necessary.) It will very much depend on what your configuration looks like.

I suggest you try it and see what happens.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.