Thanks for your reply! Unfortunately, at the moment I can't see the permissions on /mnt/var/log/auth.log. I'll add this information a little later. As for my configuration, you can see everything here GitHub - y34r-z3r0/elastic: Learning and testing elk-stack features
So, in this case, I decided to go the simplest way:
sudo chmod o+r /var/log/auth.log
(in the system, not in the container)
And it works
I don’t know how correct this option is in terms of interfering with the security of the system, but the main thing for me now is that I can proceed to the next steps in learning ELK.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.