Understand Filebeat in Docker


I would like to run Filebeat in Docker with mouting volume.
I followed the documentation (https://www.elastic.co/guide/en/beats/filebeat/7.4/running-on-docker.html#_volume_mounted_configuration) and it works fine, but I don't understand this option:

-e -strict.perms=false

Is this really needed? I tried with and without, logs are correctly collected and sent. Only difference is that if I do docker logs -f filebeat there is nothing if I don't put -e -strict.perms=false, while I can see logs if I put it.

Thanks for answer

Filebeat does strict permissions and user checks when opening its configuration file. If those are not correct, it refuses to start up. If you don't need it I suggest you drop the flag, as it is disabling security checks.

See more: https://www.elastic.co/guide/en/beats/libbeat/current/config-file-permissions.html#_disabling_strict_permission_checks


This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.