背景:小弟想通过syslog插件监控网络设备日志记录,配置如下:
input{
syslog{
port => 514
}
}
使用elk用户启动logstash,但启动后提示没有权限。之前在网上查找资料发现Linux系统中对1024以下端口需要使用root 权限,后改用sudo方式启动还是启不来。现请大神指 点一二,小弟在此表示感谢。
错误提示:
[2018-05-22T10:51:31,271][WARN ][logstash.inputs.syslog ] syslog listener died {:protocol=>:udp, :address=>"0.0.0.0:514", :exception=>#<Errno::EACCES: Permission denied - bind(2) for "0.0.0.0" port 514>, :backtrace=>["org/jruby/ext/socket/RubyUDPSocket.java:197:in `bind'", "/opt/elk/logstash-6.2.4/vendor/bundle/jruby/2.3.0/gems/logstash-input-syslog-3.4.1/lib/logstash/inputs/syslog.rb:149:in `udp_listener'", "/opt/elk/logstash-6.2.4/vendor/bundle/jruby/2.3.0/gems/logstash-input-syslog-3.4.1/lib/logstash/inputs/syslog.rb:130:in `server'", "/opt/elk/logstash-6.2.4/vendor/bundle/jruby/2.3.0/gems/logstash-input-syslog-3.4.1/lib/logstash/inputs/syslog.rb:110:in `block in run'"]}
input{
syslog{
port => 514
}
}
使用elk用户启动logstash,但启动后提示没有权限。之前在网上查找资料发现Linux系统中对1024以下端口需要使用root 权限,后改用sudo方式启动还是启不来。现请大神指 点一二,小弟在此表示感谢。
错误提示:
[2018-05-22T10:51:31,271][WARN ][logstash.inputs.syslog ] syslog listener died {:protocol=>:udp, :address=>"0.0.0.0:514", :exception=>#<Errno::EACCES: Permission denied - bind(2) for "0.0.0.0" port 514>, :backtrace=>["org/jruby/ext/socket/RubyUDPSocket.java:197:in `bind'", "/opt/elk/logstash-6.2.4/vendor/bundle/jruby/2.3.0/gems/logstash-input-syslog-3.4.1/lib/logstash/inputs/syslog.rb:149:in `udp_listener'", "/opt/elk/logstash-6.2.4/vendor/bundle/jruby/2.3.0/gems/logstash-input-syslog-3.4.1/lib/logstash/inputs/syslog.rb:130:in `server'", "/opt/elk/logstash-6.2.4/vendor/bundle/jruby/2.3.0/gems/logstash-input-syslog-3.4.1/lib/logstash/inputs/syslog.rb:110:in `block in run'"]}
2 个回复
Dm
赞同来自: yuyaguo 、sony_zhang
yuyaguo
赞同来自: