I figured it out! I updated the YAML file and pointed kibana.log to the directory /usr/share/kibana/logs, to which user 'kibana' has full access, and it works for me now.
there's a logs directory under /usr/share/kibana and owner is kibana:
XXX@XXX:~/elastic-stack-13Jul$ sudo docker exec -it 6f7b907ea419 /bin/sh
$ pwd
/usr/share/kibana
$ ls -al
total 1832
...
drwxrwxr-x 1 kibana root 24 Jul 14 16:14 logs
...
Updated kibana.yml and point log file to this directory:
logging:
logging:
appenders:
file:
type: file
fileName: /usr/share/kibana/logs/kibana.log
layout:
type: pattern
root:
appenders: [file]
# New server settings
server:
host: "0.0.0.0"
shutdownTimeout: "5s"
# Existing Elasticsearch connection
elasticsearch.hosts: [ "http://elasticsearch:9200" ]
"docker compose up" and Now the logs appear in the Kibana container:
-rw-rw-r-- 1 kibana kibana 20001 Jul 14 16:14 kibana.log
$ cat kibana.log
[2024-07-14T16:14:19.830+00:00][INFO ][root] Kibana is starting
[2024-07-14T16:14:19.901+00:00][INFO ][node] Kibana process configured with roles: [background_tasks, ui]
[2024-07-14T16:14:27.714+00:00][INFO ][plugins-service] The following plugins ar