I am utilizing the full ELK stack in Linux including beats and logstash. I have found a few posts online that recommend not running these services as root such as this discussion post.
I tried to find some more information on this topic in the documentation without any luck. I can't find anything about setting up a new user specifically for running these ELK services or why I would want to do that.
Can someone explain to me why running these services as root is a bad idea or provide a resource for learning more on this topic?
Should I set up special users for each service that I want to run? if so, how do I need to set up the permissions & ownership of the config files, data files, logging files, … etc. for this special user that will be running each service?