Hi, I am running logstash on my centOS machine using a user that I created "elastic"
This user needs to be able to run data ingestion for various tests.
This user needs to write to /var/log/logstash And to /usr/share/logstash/data/queue/
and /usr/share/logstash/data/dead_letter_queue
You find which directories by running and failing and reading the output logs until you get it right
So I added the logstash group to my user, but those locations have no group writable access. I can add this access of course, but wasn't sure if there is no better way people use.
The logstash user was created by the RPMs as a non-active (no shell) user, and I assumed this is done for some purpose.
If you say the logstash user is the best user to use, then I will start doing it.
To develop my config scripts, arrange csv data files and locations. So I created a separate "elastic" user for all that, but then I found out that it's not so easy to run them with that "elastic" user.
So my options are:
Create/develop logstash scripts/conf with my "elastic" user, then copy them to /etc/logstash/conf.d and make the csv data files accessible to the logstash user
Make logstash a real user and work with it
Use the elastic user for running as well as developing for logstash (not working smoothly)
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.