# Log entry for egress access apiVersion: config.istio.io/v1alpha2 kind: instance metadata: name: egress-access namespace: istio-system spec: compiledTemplate: logentry params: severity: '"info"' timestamp: context.time | timestamp("2017-01-01T00:00:00Z") variables: connectionEvent: connection.event | "" source: source.labels["app"] | "unknown" sourceNamespace: source.namespace | "unknown" sourceWorkload: source.workload.name | "" sourcePrincipal: source.principal | "unknown" requestedServerName: connection.requested_server_name | "unknown" destinationApp: destination.labels["app"] | "" monitored_resource_type: '"UNSPECIFIED"' --- # Handler for info egress access entries apiVersion: config.istio.io/v1alpha2 kind: handler metadata: name: egress-access-logger namespace: istio-system spec: compiledAdapter: stdio params: severity_levels: info: 0 # output log level as info outputAsJson: true --- # Rule to handle access to *.wikipedia.org apiVersion: config.istio.io/v1alpha2 kind: rule metadata: name: handle-wikipedia-access namespace: istio-system spec: match: source.labels["app"] == "istio-egressgateway-with-sni-proxy" && destination.labels["app"] == "" && connection.event == "open" actions: - handler: egress-access-logger instances: [ egress-access ]