Graylog Sidecar Best Practices?

Is there any guidance or recommendations to configure the sidecar so that it runs as a privileged or hidden service and that the configuration directory is restricted to local admins or something like that by default?

Don’t want to reinvent the wheel here but as I plan to push the sidecar to end users, it’d be great to know that they can’t kill the process simply by turning off the service or modify configs by screwing with the config files.

Any guidance would be appreciated!

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.