Telegraf can not access nginx log properly

1

Hello, I had a problem when I tried to parse the nginx log with tail plugin. I made it work but leave a topic to ask if there is a better way.

Here is the reason I think it is the access problem(or the authority problem)
When I started telegraf on root user with “telegraf --config /etc/telegraf/telegraf.conf” command, I can check the nginx log field in the influxdb. However, the field doesn’t show up when I start telegraf with “sudo systemctl start telegraf” to make it run with root authority (not as root user yet)

What I tried to make it wrok with systemctl command:

  1. chaned owner of nginx log with “sudo chown telegraf:telegraf” → didn’t work
  2. inclued telegraf into nginx group with “sudo usermod -aG nginx telegraf” → didn’t work
  3. changed mode of nginx log to 777 that any user can read,write or execute it → didn’t work
  4. opened /usr/lib/systemd/system/telegraf.service and changed user from telegraf to root → worked

I had expected it to be solve at least on #3, but it didn’t. And #4 doesn’t seem to be a proper solution. So could you tell me if there is anything I missed? The telgraf.conf is as below. I appreciate it in advance.

[global_tags]
   rack = "vc99"
   category = "WEB"
      metric_buffer_limit = 5000
      collection_jitter = "2s"
      flush_interval = "10s"
      flush_jitter = "1s"
      precision = "0s"
      omit_hostname = false
      logfile = "/var/log/telegraf/telegraf.log"

    [[outputs.influxdb_v2]]
      urls = ["http://{url}:8086"]
      token = {token}
      organization = "tnh"
      bucket = "nginx log_4"

    [[outputs.file]]
      files = ["stdout"]
      data_format = "influx"

    [[inputs.tail]]
      files = ["/var/log/nginx/access.log"]
      from_beginning = false
      name_override = "nginx_access_log"
      data_format = "grok"
      grok_patterns = ['%{COMBINED_LOG_FORMAT}']
      grok_custom_patterns = '''COMBINED_LOG_FORMAT %{HTTPDATE:timestamp} %{NUMBER:request_length} %{WORD:method} %{URIPATH:request} HTTP/%{NUMBER:http_version} %{URI:referer} %{NUMBER:status} %{NUMBER:bytes_sent} %{NUMBER:upstream_status} %{NUMBER:request_time} %{WORD:subdomain} %{IPORHOST:client} %{IPORHOST:upstream_addr}'''
      grok_timezone = "Local"

    [[processors.converter]]
      [processors.converter.fields]
        tag = ["subdomain"]
        float = ["request_time"]