I hope You all are doing great. and I really appreciate all your support
My use case is I have two Graylog server one is running with Graylog 3.0.2+1686930 which is the old one with Elastic search version 6.4 and other which is a new one which is running with the latest version Graylog 3.1.2+9e96b08 followed by Elastic search version 6.8
So basically we want to kill the older one but before that need to move some index to a new one
So what my ticket says is like we need to move a specific index which consists of some important documents, which we need to move to the new Graylog.
Ps. I already moved the indices to New Elastic search using Elastic-search Dump (https://github.com/taskrabbit/elasticsearch-dump) and I also Recalculate the indices in New Graylog and it matched the Document size exactly as in the old one
Also, all the new data are coming into the new Graylog
Issue: When I am trying to Query for Older messages which Are there in indices but It doesn’t show up in search query it says no data.
I restarted the Graylog Nothing worked
I am not quite sure is it an Elasticsearch issue or Graylog as both logs are not showing anything suspicious
Any suggestion/guidance would be really appreciated
Thanks in advance