We would like to collect sort of audit logs from every ingress request made to the K8s cluster. We are not interested and we did not enabled any of the Istio logging through mixer. All we need is plain JSON log to /dev/stdout from istio-ingressgateway pod so we can collect it and send to ELK.
Approach I took: https://istio.io/docs/tasks/telemetry/logs/access-log/#enable-envoy-s-access-logging since istio-ingressgateway is envoy-proxy based.
With bunch of customization (https://www.envoyproxy.io/docs/envoy/latest/configuration/observability/access_log#command-operators) I can get most things.
The side effect of this is that I’m enabling logging for all envoys in service-mesh.
I wonder is there other way of getting istio-ingressgateway pod to be more chatty about what is passing through it?