Access Logs
Enable Kmesh access logging
Kmesh accesslog can be enabled and disabled using kmeshctl.
Please refer to the Kmeshctl Monitoring Guide
Detailed TCP Access Logs Generated by Kmesh
Logs are generated by the Kmesh daemon during key stages of a TCP connection's lifecycle:
-
If the
connectionMetricsis enabled, at regular 5-second intervals while the connection is active. -
Upon connection closure
Access Log Field Descriptions :
| Name | Describe |
|---|---|
| src.addr | Source address and port, source workload of the request |
| src.workload | Name of the Pod that initiated the request |
| src.namespace | Namespace of source worklaod |
| dst.addr | Destination address and port, destination workload of the request |
| dst.service | Hostname of deatination service |
| dst.workload | Name of the Pod receiving the request |
| dst.namespace | Namespace of destination workload |
| direction | The direction of the traffic. INBOUND means into the destination service, OUTBOUND means out of the source service |
| sent_bytes | Number of bytes sent for this connection |
| received_bytes | Number of bytes received for this connection |
| duration | Duration of this |
An example log entry is shown below:
accesslog: 2025-04-24 08:54:40.971980208 +0000 UTC src.addr=10.244.2.79:41978, src.workload=ws-client, src.namespace=default, dst.addr=10.244.2.78:8080, dst.service=ws-server-service.default.svc.cluster.local, dst.workload=ws-server, dst.namespace=default, start_time=2025-04-24 08:53:50.919245381 +0000 UTC, direction=OUTBOUND, state=BPF_TCP_ESTABLISHED, sent_bytes=3, received_bytes=227, packet_loss=0, retransmissions=0, srtt=40515us, min_rtt=34us, duration=50052.734827ms