I've noticed this strange behaviour where let's say my original
.sincedb-foo file was created by logstash under user A - i.e. the
.sincedb-foo file is owned by user A.
Now if I stop then start logstash up again but as user B, then even if
.sincedb-foo is given global write permissions, logstash will start creating these "children" .sincedb files in this format:
.sincedb-foo.2064.18329.863496 for example.
And there will be many many of these "children" .sincedb files (up to many hundred thousands even) created depending on how many logs there are and how many rotations happen which uses up a lot of space (tens of GB).
I couldn't find documentation around this and was wondering what this behaviour is?
Is there a way to configure logstash file input plugin to not behave like this? I.e. to just fail quickly for example if the .sincedb files are owned by a different user and to not spawn any children .sincedb files because it might fill up all the space.