Logstash runs as a container.logstash version 8.11.0
Logstash input looks like the below
input {
file {
path => "/common/logs/parser-server-tasks-application/app.log"
start_position => "beginning"
sincedb_path => "/common/logs/.sincedb"
type => "parser-server-tasks-application"
codec => multiline {
pattern => "^%{TIMESTAMP_ISO8601}"
negate => true
what => previous
max_lines => 1000
}
}
I m using something called as hostpath(this path /folder is in container and as well on host where the container runs in kubernetes.)
permission /common chmod -R 777 /common
Everything works fine. I need logstash reads from /common/logs and write to sincedb.
but when I change the chmod -R 774 /common. Logstash fails.
Will restart this plugin.
Pipeline_id:main
Plugin: <LogStash::Inputs::File start_position=>"beginning", path=>["/common/logs/dp-cms-mw/*.jsonl"], codec=><LogStash::Codecs::JSON id=>"f057e2c0-d76d-4a5f-97ce-c19a37817c6d", enable_metric=>true, charset=>"UTF-8">, id=>"7c803fd8a4b19ca1aedcd08f1e639817309a4dec3c5b975fa81e8eae528a65fa", sincedb_path=>"/shared/logs/.sincedb_json", type=>"dp-cms-mw", enable_metric=>true, stat_interval=>1.0, discover_interval=>15, sincedb_write_interval=>15.0, delimiter=>"\n", close_older=>3600.0, mode=>"tail", file_completed_action=>"delete", sincedb_clean_after=>1209600.0, file_chunk_size=>32768, file_chunk_count=>140737488355327, file_sort_by=>"last_modified", file_sort_direction=>"asc", exit_after_read=>false, check_archive_validity=>false>
Error: Permission denied - "/common/shared/logs/.sincedb_json
Exception: Errno::EACCES
logstash container starts as a logstash user.
how to handle this scenario?