Logstash permission issue and need help on this

Blason · September 29, 2019, 4:08am

Hi Folks,

I have directory /var/log/data where my files are being written and those are the docker volumes.

drwxrwxr-x 25 pbdocker pbdocker 4096 Sep 29 02:49 data

When I am trying to run the logstash to read the files inside data folder I am getting below error. Wondering what permission would be appropriate to make it work?

[2019-09-29T04:03:03,563][INFO ][logstash.agent           ] Pipelines running {:count=>1, :running_pipelines=>[:main], :non_running_pipelines=>[]}
[2019-09-29T04:03:03,594][WARN ][filewatch.tailmode.handlers.createinitial] failed to open /var/log/data/p0f/log/p0f.json: #<Errno::EACCES: Permission denied - /var/log/data/p0f/log/p0f.json>, ["org/jruby/RubyIO.java:1236:in `sysopen'", "org/jruby/RubyFile.java:367:in `initialize'", "org/jruby/RubyIO.java:1155:in `open'"]
[2019-09-29T04:03:03,820][INFO ][logstash.agent           ] Successfully started Logstash API endpoint {:port=>9601}

Badger · September 29, 2019, 12:48pm

It is able to find the file, so the permissions on /var/log/data, /var/log/data/p0f, and /var/log/data/p0f/log must be OK. The problem is the permissions on the file itself. logstash needs read access to it.

Topic		Replies	Views
Logstash can't read files ( Permission denied ) Logstash	6	24000	July 6, 2017
Logstash complains permission denied when the file is owned by logstash user Logstash	3	941	July 6, 2017
Problems reading file by logstash input plugin (permissions) Logstash	4	93	August 5, 2025
Logstash failed to load files with permission denied Logstash	7	3822	July 6, 2017
Running Logstash in a Docker container: data directory permissions Logstash	11	5789	July 10, 2018

Logstash permission issue and need help on this

Related topics