Why is not recommended to run graylog user as root?

hi people,

why is not recommended to run graylog user as root?
the problem is that i really need to have it running on UDP port 514…

Thanks,
Marius.

It’s all about security. If you follow best practices, you shouldn’t run daemons as root, because security bug (or running some script) in graylog could expose directly to root account, which has unlimited permissions.

If you need to forward logs to port 514, you can still forward it via firewall, check documentation:
https://docs.graylog.org/en/3.1/pages/faq.html#how-can-i-start-an-input-on-a-port-below-1024

1 Like

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.