User setting - looking for best practice

(Dor Juravski) #1

Hi, I am running logstash on my centOS machine using a user that I created "elastic"
This user needs to be able to run data ingestion for various tests.

This user needs to write to /var/log/logstash And to /usr/share/logstash/data/queue/
and /usr/share/logstash/data/dead_letter_queue
You find which directories by running and failing and reading the output logs until you get it right

So I added the logstash group to my user, but those locations have no group writable access. I can add this access of course, but wasn't sure if there is no better way people use.

Perhaps turn "logstash" into a full user?

Thank you in advance.

(Magnus B├Ąck) #2

Why not just use the logstash user created by the RPM installation?

(Dor Juravski) #3

The logstash user was created by the RPMs as a non-active (no shell) user, and I assumed this is done for some purpose.
If you say the logstash user is the best user to use, then I will start doing it.

(Mark Walkom) #4

Why do you need to login as that user?

(Dor Juravski) #5

To develop my config scripts, arrange csv data files and locations. So I created a separate "elastic" user for all that, but then I found out that it's not so easy to run them with that "elastic" user.

So my options are:

  1. Create/develop logstash scripts/conf with my "elastic" user, then copy them to /etc/logstash/conf.d and make the csv data files accessible to the logstash user
  2. Make logstash a real user and work with it
  3. Use the elastic user for running as well as developing for logstash (not working smoothly)

(system) #6

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.