We have updated our Terms of Service, Code of Conduct, and Addendum.

Unable to bind to 514 for syslog input on Cribl with non-sudo user


Hi Team, [Urgent] As per the best practices, we created a non-sudo user called Cribl and enable the boot-start. In our environment, we can't use other than 514 ports for syslog receiving but we are getting the Error: "bind EACCES". as per the Cribl documentation we did the below. systemctl edit cribl [Service] AmbientCapabilities=CAP_NET_BIND_SERVICE But we are getting the attached error and we are still not able to add the 514 ports in syslog source.