Audit logs from istio-ingressgateway

Hi,

We would like to collect sort of audit logs from every ingress request made to the K8s cluster. We are not interested and we did not enabled any of the Istio logging through mixer. All we need is plain JSON log to /dev/stdout from istio-ingressgateway pod so we can collect it and send to ELK.

Approach I took: https://istio.io/docs/tasks/telemetry/logs/access-log/#enable-envoy-s-access-logging since istio-ingressgateway is envoy-proxy based.

With bunch of customization (https://www.envoyproxy.io/docs/envoy/latest/configuration/observability/access_log#command-operators) I can get most things.

The side effect of this is that I’m enabling logging for all envoys in service-mesh.

I wonder is there other way of getting istio-ingressgateway pod to be more chatty about what is passing through it?

Thanks

Hi @tvalasek Have you tried this?
kubectl -n istio-system logs istio-ingressgateway-pod istio-proxy

Thanks @mudit_singh for suggestion. The above command (kubectl -n istio-system logs istio-ingressgateway-pod -c istio-proxy) is what i do.

The only thing is that the istio-ingressgateway-pod is pretty silent when it comes to requests coming to service pods without envoy-proxy sidecars.

Looks like you MUST run envoy-proxies in your app pods to get some logs displayed in istio-ingressgateway-pod

@tvalasek Have you found any way to solve this. I am trying to achieve the same thing. So any guideline on how you solved it would really help.