Quick fix - Set a service account for graylog and give it the anyuid
scc.
oc adm policy add-scc-to-user anyuid -z useroot
Harder (but safer) fix? Build your own Dockerfile for graylog and set up permissions/users properly so it doesn't have to run as root.