Use this page to learn how to view logs and monitor requests and access control decisions for traffic routed through your Agent Gateway deployment.
Logging
Agent Gateway logs are generated using the
networkservices.googleapis.com/Gateway monitored resource.
You can use these logs to monitor access requests to the gateway. This includes the logs created when Agent Gateway is deployed in dry-run mode.
View logs for a specific gateway
To view the logs for a specific gateway, complete the following steps.
Console query
In the Google Cloud console, go to the Logs Explorer page.
Click the Show query toggle.
Paste the following into the query field.
resource.type="networkservices.googleapis.com/Gateway" resource.labels.location="REGION" resource.labels.gateway_name="AGENT_GATEWAY_NAME"
Replace the following:
REGION: The region of your gateway.AGENT_GATEWAY_NAME: The name of your gateway.
Click Run query.
What is logged
Agent Gateway log entries contain information useful for monitoring and debugging traffic to and from your gateway.
| Field | Field format | Field type: Required or Optional | Description |
|---|---|---|---|
| severity insertID timestamp receiveTimestamp trace traceSampled logName |
LogEntry | Required | The general fields as described in a log entry. |
| httpRequest | HttpRequest | Required | A common protocol for logging HTTP requests. |
| resource | MonitoredResource | Required | The |
| jsonPayload | object (Struct format) | Required | The log entry payload that is expressed as a JSON object. The JSON object contains the following Agent Gateway fields:
|
Monitoring
Agent Gateway exports some Service Extensions metrics to Cloud Monitoring. If you're delegating authorization to Service Extensions, you can use these metrics to monitor traffic to and from your extension. For details, see Logging and monitoring for Cloud Load Balancing callouts.