Logstash permission issue and need help on this

Blason · September 29, 2019, 4:08am

Hi Folks,

I have directory /var/log/data where my files are being written and those are the docker volumes.

drwxrwxr-x 25 pbdocker pbdocker 4096 Sep 29 02:49 data

When I am trying to run the logstash to read the files inside data folder I am getting below error. Wondering what permission would be appropriate to make it work?

[2019-09-29T04:03:03,563][INFO ][logstash.agent           ] Pipelines running {:count=>1, :running_pipelines=>[:main], :non_running_pipelines=>[]}
[2019-09-29T04:03:03,594][WARN ][filewatch.tailmode.handlers.createinitial] failed to open /var/log/data/p0f/log/p0f.json: #<Errno::EACCES: Permission denied - /var/log/data/p0f/log/p0f.json>, ["org/jruby/RubyIO.java:1236:in `sysopen'", "org/jruby/RubyFile.java:367:in `initialize'", "org/jruby/RubyIO.java:1155:in `open'"]
[2019-09-29T04:03:03,820][INFO ][logstash.agent           ] Successfully started Logstash API endpoint {:port=>9601}

Badger · September 29, 2019, 12:48pm

It is able to find the file, so the permissions on /var/log/data, /var/log/data/p0f, and /var/log/data/p0f/log must be OK. The problem is the permissions on the file itself. logstash needs read access to it.

system · October 27, 2019, 12:48pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Running Logstash in a Docker container: data directory permissions Logstash	11	5376	July 10, 2018
Permission denied on config Logstash docker	2	3388	February 7, 2019
Logstash can't read files ( Permission denied ) Logstash	6	23804	July 6, 2017
Permission denied /usr/share/logstash/run Logstash	4	645	April 20, 2023
Permission Denied Issue using Logstash Logstash	3	620	December 6, 2018

Logstash permission issue and need help on this

Related topics