diff --git a/plugins/inputs/socket_listener/README.md b/plugins/inputs/socket_listener/README.md
index 2f1a0572e..1740d8bcf 100644
--- a/plugins/inputs/socket_listener/README.md
+++ b/plugins/inputs/socket_listener/README.md
@@ -25,6 +25,13 @@ This is a sample configuration for the plugin.
   # service_address = "unix:///tmp/telegraf.sock"
   # service_address = "unixgram:///tmp/telegraf.sock"
 
+  ## Change the file mode bits on unix sockets.  These permissions may not be
+  ## respected by some platforms, to safely restrict write permissions it is best
+  ## to place the socket into a directory that has previously been created
+  ## with the desired permissions.
+  ##   ex: socket_mode = "777"
+  # socket_mode = ""
+
   ## Maximum number of concurrent connections.
   ## Only applies to stream sockets (e.g. TCP).
   ## 0 (default) is unlimited.
diff --git a/plugins/inputs/socket_listener/socket_listener.go b/plugins/inputs/socket_listener/socket_listener.go
index ed007a00a..d29cff582 100644
--- a/plugins/inputs/socket_listener/socket_listener.go
+++ b/plugins/inputs/socket_listener/socket_listener.go
@@ -8,6 +8,7 @@ import (
 	"log"
 	"net"
 	"os"
+	"strconv"
 	"strings"
 	"sync"
 	"time"
@@ -165,6 +166,7 @@ type SocketListener struct {
 	ReadBufferSize  internal.Size      `toml:"read_buffer_size"`
 	ReadTimeout     *internal.Duration `toml:"read_timeout"`
 	KeepAlivePeriod *internal.Duration `toml:"keep_alive_period"`
+	SocketMode      string             `toml:"socket_mode"`
 	tlsint.ServerConfig
 
 	parsers.Parser
@@ -190,6 +192,13 @@ func (sl *SocketListener) SampleConfig() string {
   # service_address = "unix:///tmp/telegraf.sock"
   # service_address = "unixgram:///tmp/telegraf.sock"
 
+  ## Change the file mode bits on unix sockets.  These permissions may not be
+  ## respected by some platforms, to safely restrict write permissions it is best
+  ## to place the socket into a directory that has previously been created
+  ## with the desired permissions.
+  ##   ex: socket_mode = "777"
+  # socket_mode = ""
+
   ## Maximum number of concurrent connections.
   ## Only applies to stream sockets (e.g. TCP).
   ## 0 (default) is unlimited.
@@ -275,6 +284,17 @@ func (sl *SocketListener) Start(acc telegraf.Accumulator) error {
 
 		log.Printf("I! [inputs.socket_listener] Listening on %s://%s", protocol, l.Addr())
 
+		// Set permissions on socket
+		if (spl[0] == "unix" || spl[0] == "unixpacket") && sl.SocketMode != "" {
+			// Convert from octal in string to int
+			i, err := strconv.ParseUint(sl.SocketMode, 8, 32)
+			if err != nil {
+				return err
+			}
+
+			os.Chmod(spl[1], os.FileMode(uint32(i)))
+		}
+
 		ssl := &streamSocketListener{
 			Listener:       l,
 			SocketListener: sl,
@@ -289,6 +309,17 @@ func (sl *SocketListener) Start(acc telegraf.Accumulator) error {
 			return err
 		}
 
+		// Set permissions on socket
+		if spl[0] == "unixgram" && sl.SocketMode != "" {
+			// Convert from octal in string to int
+			i, err := strconv.ParseUint(sl.SocketMode, 8, 32)
+			if err != nil {
+				return err
+			}
+
+			os.Chmod(spl[1], os.FileMode(uint32(i)))
+		}
+
 		if sl.ReadBufferSize.Size > 0 {
 			if srb, ok := pc.(setReadBufferer); ok {
 				srb.SetReadBuffer(int(sl.ReadBufferSize.Size))