I wonder what would be the most secure way to run Metricbeat with enabled system module with elevated permission to fetch all the details listed here. Some of those details are described as not available as less privileged user. So running MB as root would solve that problem. But actually it's only about to read some files under /proc. MB would not need all the elevated permissions (e.g. root write permissions) to do the job. May be there is another way to give the user running MB exactly what is needed, to fetch the required information.