Upgrade ElasticStack from 2.X to 5.4.3-1 not showing old logs

talis · July 7, 2017, 6:47pm

EDIT: looking through the documentation some more, it looks like I should have used the migration tool to reindex when I was still in verison 2.4.5. Is there any way to do this after already upgrading?
The migration helper says it will run on Elasticsearch versions 2.3.x and 2.4.x only.

I just upgraded to the newest version of Elastic Stack. New data is coming in from all my machines but now I do not have access to any of the data from before the upgrade.

The old versions I upgraded from were:
Elasticsearch 2.4.5
Kibana 4.5.4
Logstash 2.3.4

and they are now all at 5.4.3-1.
I read through the breaking changes but didn't see any instructions for importing data from older versions.
Is it possible to integrate the old data into the new version of Elastic Stack?

warkolm · July 8, 2017, 12:54am

Is there anything in the logs that might explain what is happening?

talis · July 10, 2017, 5:04pm

It appears to have resolved itself... I can now see all the past logs in Kibana.

EDIT: It appears Kibana version 5.4.3 cannot access the old logs. Updating to Kibana 5.5.0 allows me to see old logs, but Wazuh does not have a compatible plugin for Kibana 5.5.0

EDIT2: It looks like wazuh is working on getting their plugin working with 5.5.0 within the next day or two.

system · August 7, 2017, 5:05pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Versions pre 5.x Elasticsearch	9	877	September 1, 2017
How to migrate from Kibana 4.5.0 to Kibana 5.0.0? Kibana	11	2066	December 15, 2016
How to upgrade from an older Elasticsearch 1.X ELK stack to a recent one 6.X Elasticsearch	15	546	February 27, 2019
Upgrading ELK stack Kibana	2	778	July 6, 2017
Old ElasticSearch Data & Upgrading Major Versions? Elasticsearch	4	1200	July 5, 2017

Upgrade ElasticStack from 2.X to 5.4.3-1 not showing old logs

Related topics