Splunk Forwarder cant access "/var/log/messages"

Issue

Splunk log forwarder running under userID splunk cannot access /var/log/messages , throwing errors similar to :

05-05-2017 06:40:54.704 +0400 WARN TailingProcessor - Insufficient permissions to read file='/var/log/messages' (hint: Permission denied).

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Here are the common uses of Markdown.

Code blocks

~~~
Code surrounded in tildes is easier to read
~~~

Links/URLs

[Red Hat Customer Portal](https://access.redhat.com)