Description |
This article describes how to resolve the elasticsearch incompatibility issue on the FortiSOAR System and reindex them.
[2023-09-29T00:00:11,228][ERROR][o.e.b.Elasticsearch] [fsr-lab003] fatal exception while booting Elasticsearch java.lang.IllegalStateException: cannot upgrade node because incompatible indices created with version [6.5.4] exist, while the minimum compatible index version is [7.0.0]. Upgrade your older indices by reindexing them in version [7.17.0] first. at org.elasticsearch.env.NodeEnvironment.checkForIndexCompatibility(NodeEnvironment.java:529) ~[elasticsearch-8.5.2.jar:?] |
Scope | FortiSOAR v7.x. |
Solution |
Step 1: Stop the elasticsearch service:
# systemctl stop elasticsearch
Step 2: Remove the Elasticsearch node and index data from the system:
# sudo rm -rf /var/lib/elasticsearch/nodes # sudo rm -rf /var/lib/elasticsearch/indices/*
Step 3: Start the elasticsearch service.
# systemctl start elasticsearch
Step 4: Reindex the indices into Elasticsearch again. It is recommended to issue the below command using off-peak hours.
# sudo -u nginx php /opt/cyops-api/bin/console app:elastic:create
However, it is strongly advised to take a snapshot of the VM before removing the nodes/indices. |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.