When the Elastic Agent is installed in an unprivileged mode, it will not have the requisite permissions to read system logs as they require higher privileges:
-rw-r-----@ 1 root admin 13967 May 6 11:32 system.log
-rw-r----- 1 root admin 895 May 5 00:00 system.log.0.gz
-rw-r----- 1 root admin 950 May 4 00:11 system.log.1.gz
-rw-r----- 1 root admin 978 May 3 00:03 system.log.2.gz
-rw-r----- 1 root admin 953 May 2 00:15 system.log.3.gz
-rw-r----- 1 root admin 942 May 1 00:04 system.log.4.gz
-rw-r----- 1 root admin 961 Apr 30 00:02 system.log.5.gz
Package developers do have the ability to nominate their package OR datastream to require root privileges.
Request
For the system package to indicate that logs-system.syslog requires root privilege.
cc: @cmacknz @kpollich
When the Elastic Agent is installed in an unprivileged mode, it will not have the requisite permissions to read system logs as they require higher privileges:
Package developers do have the ability to nominate their package OR datastream to require root privileges.
Request
For the system package to indicate that
logs-system.syslogrequires root privilege.cc: @cmacknz @kpollich