Understand Filebeat in Docker

iamoric · November 25, 2019, 2:23pm

Hi,

I would like to run Filebeat in Docker with mouting volume.
I followed the documentation (https://www.elastic.co/guide/en/beats/filebeat/7.4/running-on-docker.html#_volume_mounted_configuration) and it works fine, but I don't understand this option:

-e -strict.perms=false

Is this really needed? I tried with and without, logs are correctly collected and sent. Only difference is that if I do docker logs -f filebeat there is nothing if I don't put -e -strict.perms=false, while I can see logs if I put it.

Thanks for answer

kvch · November 28, 2019, 3:11pm

Filebeat does strict permissions and user checks when opening its configuration file. If those are not correct, it refuses to start up. If you don't need it I suggest you drop the flag, as it is disabling security checks.

See more: https://www.elastic.co/guide/en/beats/libbeat/current/config-file-permissions.html#_disabling_strict_permission_checks

iamoric · November 28, 2019, 3:12pm

Thanks

system · December 26, 2019, 3:12pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Filebeat.yml: permission denied while runing in docker Beats docker	3	1920	December 16, 2019
Can't Start Filebeat from docker compose Beats filebeat	1	657	October 5, 2020
Exiting: error loading config file: open filebeat.yml: permission denied Beats filebeat	2	3473	July 30, 2020
Volume mapped filebeat.yml permissions from Docker on Windows host Beats filebeat	4	15809	August 2, 2017
Filebeat daemon Beats docker , filebeat	5	442	May 5, 2022

Understand Filebeat in Docker

Related topics