I am working with logstash and it is unable to read some log files. To be able to read, I think I have to add a profile in apparmor but am pretty lost at this point.

1. The app is run as: java -jar .... Do I have to add a profile for java or is there some other simpler way?
2. Will simply adding a single line like /path/to/mylogs r work?

Thanks for any help.

I have the same problem with a systemd service that starts an application via java -jar ....

As aa-genprof and AppArmor in general only works with file path and not PIDs and the jar files are not executables, it seems to me like one has to write a profile manually, maybe assisted by aa-easyprof, aa-genprof or aa-logprof for java.

The profile can then be enforced with e.g. the AppArmorProfile= directive in systemd.