Upgrade Kibana out of lockstep with Elasticsearch (to patch bug)

Hey folks,

Hope all is well. I have a query to run by you please.

We are running Opendistro for Elasticsearch v 1.6.0 (Elasticsearch/Kibana 7.6.1). I have recently noticed that some users are triggering a bug in Kibana. When opening a single document (by expanding a document in Discover view and clicking ‘View single document’) , this results in a flood of POSTs until the browser tab is closed. Have seen some people rack up over 20 million requests by leaving a browser tab open.

This bug appears to have been fixed in Kibana 7.6.2 according to this Github issue -

Just checking if its feasible to bump the Kibana version without upgrading the Elasticsearch version across the cluster ? I expect this may not be recommended, but wanted to hear that straight from the horse.

Cheers

Normally changing patch versions in software isn’t a big deal, but ES and Kibana didn’t really follow these practices and it was suggested to always upgrade in lockstep even with patches. So, you have compatibility between ES and Kibana to deal with first. Additionally, you have another vector of compatibility with the Open Distro plugins. In short: I don’t think there was testing in doing what you want to do but it could work.

All this being said, your version of ES/Kibana has been End-of-Lifed since August, so you’re due for an upgrade anyway (think about going to OpenSearch which will give you a longer time of support).

No problem, thanks for the advice, I’ll take it under consideration.

Cheers