Understand Filebeat in Docker

iamoric · November 25, 2019, 2:23pm

Hi,

I would like to run Filebeat in Docker with mouting volume.
I followed the documentation (https://www.elastic.co/guide/en/beats/filebeat/7.4/running-on-docker.html#_volume_mounted_configuration) and it works fine, but I don't understand this option:

-e -strict.perms=false

Is this really needed? I tried with and without, logs are correctly collected and sent. Only difference is that if I do docker logs -f filebeat there is nothing if I don't put -e -strict.perms=false, while I can see logs if I put it.

Thanks for answer

kvch · November 28, 2019, 3:11pm

Filebeat does strict permissions and user checks when opening its configuration file. If those are not correct, it refuses to start up. If you don't need it I suggest you drop the flag, as it is disabling security checks.

See more: https://www.elastic.co/guide/en/beats/libbeat/current/config-file-permissions.html#_disabling_strict_permission_checks

iamoric · November 28, 2019, 3:12pm

Thanks

Topic		Replies	Views
Filebeat.yml: permission denied while runing in docker Beats docker	3	1984	December 16, 2019
Exiting: error loading config file: open filebeat.yml: permission denied Beats filebeat	2	3680	July 30, 2020
Filebeat: permission denied Beats docker , filebeat	7	3894	May 30, 2023
Filebeat docker help with creating the container Beats docker , filebeat	6	1979	March 22, 2020
Config file needs to be owned by root or beat user. Best practice? Beats filebeat	2	867	February 20, 2019

Understand Filebeat in Docker

Related topics