Cloud Service Mesh (ASM)

Istio 是 Cloud Service Mesh 中經過稽核的可運作元件。

工作負載位置

根層級和機構工作負載
稽核記錄來源

Istio 服務網格 Envoy
稽核的作業

收到的要求和回覆

收到的要求和回應

記錄項目中包含稽核資訊的欄位
稽核中繼資料 稽核欄位名稱
使用者或服務身分 username

例如,假設使用者要求系統 將文字從英文翻譯成法文

"username": "fop-cluster-admin@example.com"

目標

(呼叫 API 的欄位和值)
  • authority
  • resource.cluster_name
  • resource.log_name
  • resource.node_name
  • resource.zone_name

例如,假設使用者要求系統 將文字從英文翻譯成法文

"authority": "console.zone1.google.gdch.test",
"resource": {
  "cluster_name": "fleet-admin-platform.gpc-system",
  "log_name": "otel_envoy_accesslog",
  "node_name": "sidecar~10.253.132.163",
  "zone_name": "europe-west4-a"
  }

動作

(包含所執行作業的欄位)
  • body
  • bytes_received
  • bytes_sent
  • connection_termination_details
  • downstream_local_address
  • downstream_remote_address
  • duration
  • method

例如,假設使用者要求系統 將文字從英文翻譯成法文

"body": {},
"bytes_received": "0",
"bytes_sent": "46259",
"connection_termination_details": "-",
"downstream_local_address": "10.253.132.163:80",
"downstream_remote_address": "10.200.0.1:0",
"duration": "4",
"method": "GET"

事件時間戳記
  • start_time
  • time_unix_nano

例如,假設使用者要求系統 將文字從英文翻譯成法文

"start_time": "2022-11-15T23:59:41.041Z",
"time_unix_nano": 1668556781041333000

動作來源 downstream_remote_address

例如,假設使用者要求系統 將文字從英文翻譯成法文

"downstream_remote_address": "10.200.0.1:0"
結果 response_code

例如,假設使用者要求系統 將文字從英文翻譯成法文

"response_code": "200"
其他欄位 不適用 不適用

範例記錄

{
  "authority":"cortex-tenant.obs-system.svc:9009",
  "body":{},
  "bytes_received":"573",
  "bytes_sent":"19",
  "connection_termination_details":"-",
  "downstream_local_address":"10.253.132.167:9009",
  "downstream_remote_address":"10.253.132.122:48272",
  "duration":"1",
  "method":"POST",
  "observed_time_unix_nano":0,
  "path":"/push",
  "protocol":"HTTP/1.1",
  "requested_server_name":"-",
  "resource":{
    "cluster_name":"cortex-tenant.obs-system",
    "log_name":"otel_envoy_accesslog",
    "node_name":"sidecar~10.253.132.167~cortex-tenant-7b9678cfb5-tl4xz.obs-system~obs-system.svc.cluster.local",
    "zone_name":"us-east1-b"
    },
  "response_code":"503",
  "response_code_details":"via_upstream",
  "response_flags":"-",
  "route_name":"default",
  "severity_number":0,
  "severity_text":"",
  "start_time":"2022-11-18T15:59:55.958Z",
  "time_unix_nano":1668787195958027000,
  "upstream_cluster":"inbound|9009||",
  "upstream_host":"10.253.132.167:9009",
  "upstream_local_address":"127.0.0.6:43899",
  "upstream_transport_failure_reason":"-",
  "user_agent":"Prometheus/2.29.2",
  "username":"-",
  "x_envoy_upstream_service_time":"1",
  "x_forwarded_for":"-",
  "x_goog_api_client":"-",
  "x_request_id":"9e942509-9d28-4164-850f-9666b3eb272e"
}