Run Auditbeat with non-root user

Hi Elastic Team,
I run ELK on Linux(CentOS7).
Because of security issue, I need to run Auditbeat with non-root user.
I found this Use packetbeat without root and it works.

So I use root user to set:

  1. setcap cap_net_raw=ep auditbeat
  2. setcap cap_net_raw=ep auditbeat.yml
  3. setcap cap_net_admin=ep auditbeat
  4. setcap cap_net_admin=ep auditbeat.yml

But when I run Auditbeat with non-root user, it shows:

2019-08    WARN    [cfgwarn]       host/host.go:167        BETA: The system/host dataset is beta
2019-08    WARN    [cfgwarn]       login/login.go:95       BETA: The system/login dataset is beta
2019-08    WARN    [cfgwarn]       package/package.go:169  BETA: The system/package dataset is beta
2019-08    WARN    [cfgwarn]       process/process.go:131  BETA: The system/process dataset is beta
2019-08    WARN    [process]       process/process.go:174  Running as non-root user, will likely not report all processes.
2019-08    WARN    [cfgwarn]       socket/socket.go:245    BETA: The system/socket dataset is beta
2019-08    WARN    [cfgwarn]       user/user.go:205        BETA: The system/user dataset is beta
2019-08    INFO    instance/beat.go:385    auditbeat stopped.
2019-08    ERROR   instance/beat.go:877    Exiting: 1 error: 1 error: failed to create audit client: failed to get audit status: operation not permitted
Exiting: 1 error: 1 error: failed to create audit client: failed to get audit status: operation not permitted`

How could I fix this?
failed to create audit client: failed to get audit status: operation not permitted

Any suggestion will be really grateful!
Daniel.