[Ubuntu] Metricbeat Service Privilege Levels


(Mustafa Hasanbulli) #1

Hello,

As part of our internal standards for Linux (Ubuntu) VMs, when it is necessary to install a service, we create a user account, assign that user account to security groups and run that new service using that particular user account. This makes things like "who ran what" easier to track.

We have some development boxes that we would like to monitor using Metricbeat. The things we monitor are default system.yml and mysql.yml content.

For this type monitoring, what is the minimum privilege level we need to provide to Metricbeat? Does Metricbeat require sudo privileges all the time? Or, can we get away with less privileged accounts?