diff --git a/roles/rke2/templates/manifests/deploy-rancher-logging.j2 b/roles/rke2/templates/manifests/deploy-rancher-logging.j2 index 03a6e61184700585ed8b25e5b5d0ece98e2f6330..3934d31df3d27c721fe084d6ac563b14e50a5f44 100644 --- a/roles/rke2/templates/manifests/deploy-rancher-logging.j2 +++ b/roles/rke2/templates/manifests/deploy-rancher-logging.j2 @@ -20,7 +20,7 @@ spec: --- - + #CreateContainerConfigError (container has runAsNonRoot and image has non-numeric user (fluent), cannot verify user is non-root (pod: "rancher-logging-root-fluentd-0_cattle-logging-system(abba9ac8-72a3-469e-b4e3-f04d942ade09)", container: fluentd)) apiVersion: helm.cattle.io/v1 kind: HelmChart metadata: @@ -42,11 +42,15 @@ spec: podSecurityContext: runAsNonRoot: true runAsUser: 1000 - SecurityContext: - runAsNonRoot: true - runAsUser: 1000 + fsGroup: 2000 + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: ["ALL"] + debug: true # Need for fluentd statefulset the Security Context RunasUser +# when running it runAsUser it needs perms /usr/lib/ruby/2.7.0/logger/log_device.rb:103:in `initialize': Permission denied @ rb_sysopen - /fluentd/log/out (Errno::EACCES) --- apiVersion: helm.cattle.io/v1
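Review bot: `debug: true` at the end of the added values block in the second hunk reads like a troubleshooting leftover, and it would turn on verbose output in every cluster this role deploys; unless the chart needs it, set `debug: false` or drop the key. The new `securityContext` blocks privilege escalation and drops all capabilities but sets no seccomp profile, so adding `seccompProfile:` with `type: RuntimeDefault` would bring it in line with the restricted Pod Security Standard, assuming the chart passes the block through unchanged. The trailing comment still records the `Permission denied ... /fluentd/log/out` error without saying whether `fsGroup: 2000` resolves it. Indentation is not recoverable in this view, so I cannot tell whether these values reach the fluentd StatefulSet or only the operator pod; please confirm that and state the outcome in the comment, e.g. `# fsGroup gives the non-root fluentd user group access to the log volume`.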