Understand Filebeat in Docker

iamoric · November 25, 2019, 2:23pm

Hi,

I would like to run Filebeat in Docker with mouting volume.
I followed the documentation (https://www.elastic.co/guide/en/beats/filebeat/7.4/running-on-docker.html#_volume_mounted_configuration) and it works fine, but I don't understand this option:

-e -strict.perms=false

Is this really needed? I tried with and without, logs are correctly collected and sent. Only difference is that if I do docker logs -f filebeat there is nothing if I don't put -e -strict.perms=false, while I can see logs if I put it.

Thanks for answer

kvch · November 28, 2019, 3:11pm

Filebeat does strict permissions and user checks when opening its configuration file. If those are not correct, it refuses to start up. If you don't need it I suggest you drop the flag, as it is disabling security checks.

See more: https://www.elastic.co/guide/en/beats/libbeat/current/config-file-permissions.html#_disabling_strict_permission_checks

iamoric · November 28, 2019, 3:12pm

Thanks

system · December 26, 2019, 3:12pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.