diff --git a/hack/logcollector/internal/filebeat.go b/hack/logcollector/internal/filebeat.go
index 3f2aa7319e4..b48804a20ee 100644
--- a/hack/logcollector/internal/filebeat.go
+++ b/hack/logcollector/internal/filebeat.go
@@ -128,5 +128,17 @@ type FilebeatHelmValues struct {
 			Privileged bool `yaml:"privileged"`
 			RunAsUser  int  `yaml:"runAsUser"`
 		} `yaml:"securityContext"`
+		ExtraVolumeMounts []struct {
+			Name      string `yaml:"name"`
+			MountPath string `yaml:"mountPath"`
+			ReadOnly  bool   `yaml:"readOnly"`
+		} `yaml:"extraVolumeMounts"`
+		ExtraVolumes []struct {
+			Name     string `yaml:"name"`
+			HostPath struct {
+				Path string `yaml:"path"`
+				Type string `yaml:"type"`
+			} `yaml:"hostPath"`
+		} `yaml:"extraVolumes"`
 	} `yaml:"daemonset"`
 }
diff --git a/hack/logcollector/internal/templates/filebeat/values.yml b/hack/logcollector/internal/templates/filebeat/values.yml
index 18e65d54db9..60f657ac8ae 100644
--- a/hack/logcollector/internal/templates/filebeat/values.yml
+++ b/hack/logcollector/internal/templates/filebeat/values.yml
@@ -1,17 +1,40 @@
-image: docker.elastic.co/beats/filebeat-oss
-imageTag: 8.6.2-amd64@sha256:33ab8d364e3962dbb85b17df358ce2ac2cb4dcebea1d01da051d67c5f7e16c52
+image: ghcr.io/edgelesssys/beats/filebeat-oss
+imageTag: 8.10.0@sha256:655b2162104dc00b912a1bc91e6c437f4baf21b5aaef3464a1ac3e47251d8e01
 
 daemonset:
-    enabled: true
-    filebeatConfig:
-        filebeat.yml: ""
-        inputs.yml: ""
-    extraEnvs: []
-    secretMounts: []
-    securityContext:
-        runAsUser: 0
-        privileged: true
-    tolerations:
-        - key: node-role.kubernetes.io/control-plane
-          operator: Exists
-          effect: NoSchedule
+  enabled: true
+  filebeatConfig:
+    filebeat.yml: ""
+    inputs.yml: ""
+  extraEnvs: []
+  secretMounts: []
+  securityContext:
+    runAsUser: 0
+    privileged: true
+  tolerations:
+    - key: node-role.kubernetes.io/control-plane
+      operator: Exists
+      effect: NoSchedule
+  extraVolumeMounts:
+    - name: runsystemd
+      mountPath: /run/systemd
+      readOnly: true
+    - name: machine-id
+      mountPath: /etc/machine-id
+      readOnly: true
+    - name: runlogjournal
+      mountPath: /run/log/journal
+      readOnly: true
+  extraVolumes:
+    - name: runsystemd
+      hostPath:
+        path: /run/systemd
+        type: ""
+    - name: machine-id
+      hostPath:
+        path: /etc/machine-id
+        type: ""
+    - name: runlogjournal
+      hostPath:
+        path: /run/log/journal
+        type: ""